Trustwave has flagged the Security Researcher - Web Application Firewall (WAF) job as unavailable. Let’s keep looking.

At JFrog, we’re running the software that runs the world - and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software”. Wouldn't it be amazing if you could join us in our journey?

The JFrog CSO Security team is looking for a senior application security researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the JFrog application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring JFrog products adhere to the stringent security requirements of our thousands of customers.

As a Senior Application Security Researcher at JFrog you will…

  • Continuously assess and challenge JFrog’s overall security posture to ensure optimal and up-to-date platform security in our products and systems
  • Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
  • Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
  • Evaluate new technologies and standards in the application security domain

To be a Senior Application Security Researcher at JFrog you need…

  • 4+ years of hands-on experience in an application security role
  • Experience with web penetration testing (Hands On) - Mandatory
  • Strong coding skills, preferably in Java, Golang, and JavaScript - Mandatory
  • Experience with identifying, tracking, and solving security vulnerabilities in open source components used as third-party dependencies
  • Experience with supply chain attacks and their remediation - An advantage
  • Experience with cloud environments - An advantage
  • Experience with microservices (Docker, K8S, Service Mesh) - An advantage
  • Excellent problem-solving skills and the ability to work independently with a strong sense of ownership
  • Good communication skills and a true passion to educate others and achieve continuous improvement
Read Full Description
Confirmed an hour ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles