Senior Offensive Security Engineer

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. If you’re willing to do more, your career can take off. And since software is central to everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?

As a Senior Offensive Security Engineer, you will spearhead JFrog’s offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in JFrog’s systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.

As a Senior Product Manager at JFrog you will…

• Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against JFrog’s infrastructure, applications, and cloud environments
• Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
• Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving JFrog’s security posture
• Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
• Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
• Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
• Participate in incident response when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
• Continuously assess and improve security processes, playbooks, and threat detection mechanisms

To be a Senior Product Manager at JFrog you need…

• 5+ years of experience in offensive security operations, Red Teaming, threat hunting, or threat research
• Deep knowledge of attack techniques, TTPs (Tactics, Techniques, and Procedures), adversary simulations, and threat-hunting methodologies
• Hands-on experience with Redteam tools, frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite), and custom exploit development
• Strong experience with cloud platforms (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker)
• Familiarity with MITRE ATT&CK Framework and its application in Red Team and threat-hunting scenarios
• Proficiency with scripting and automation languages (Python, PowerShell, Bash) for tool development, threat detection, and attack simulation
• Solid understanding of offensive security best practices, vulnerability management, threat detection, and advanced threat analysis
• Ability to effectively communicate and collaborate with cross-functional teams, translating complex security concepts into actionable insights
• A passion for continuous learning, research, and innovation in the fields of offensive security, threat hunting, and cyber threats