Incident Response Lead

** Open to remote within the East Coast only**

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?

As the Incident Response Lead, you will be the captain of the front-line defense. You won't just respond to threats; you will build the team and the infrastructure that detects them before they happen. You will lead a group of high-performing engineers to mature our Incident Response program, automate security operations, and partner with R&D and DevOps to ensure our "liquid software" remains secure.

• Incident Commander: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes.
• Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation.
• Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities.
• Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management.

• Optional: Leadership Experience: 2+ years of experience leading technical teams or acting as a formal mentor/technical lead in a security context.
• Deep Technical Roots: 7+ years of industry experience in IR with a focus on Information Security principles.
• Cloud Mastery: Proven expertise in attack and mitigation methods within complex AWS, GCP, or Azure environments.
• Incident Response Prowess: Extensive experience in risk prioritization and managing the lifecycle of security incidents in a global production environment.
• Technical Breadth: Mastery in at least 5 of the following:
  
  • Endpoint Protection (EDR/XDR) & Zero Trust architecture.
  • Identity Management (IAM/IDM) and SSO/SAML.
  • Security Analytics (SIEM/Logging) such as ELK or Splunk.
  • Container Security (Docker, Kubernetes).
  • Email Protection & Patch Management.
• Coding Proficiency: Ability to review and guide the development of security tools in Python or Go.
• Communication: Exceptional ability to translate complex technical risks into actionable business insights for stakeholders.

• Open to remote work for candidates outside a reasonable commuting distance to the Atlanta office.
• At JFrog, base salary is only one component of our compensation package.
• This position has a base salary range between $185,000 to $200,000.  Base salary will be based on your skills, qualifications, experience and location.
• This position also includes an equity package of restricted stock units (RSU).  In addition, JFrog employees are eligible to participate in our Employee Stock Purchase Plan.
• JFrog provides employees comprehensive benefits including medical, dental, vision, retirement, wellness and much more!

JFrog is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status or any other category protected by law.