At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “Liquid Software”. Wouldn't it be amazing if you could join us in our journey?

The Role

As the Tech Lead of IR, you will be the captain of the front-line defence. You won't just respond to threats; you will build the team and the infrastructure that detects them before they happen. You will lead a group of high-performing engineers to mature our Incident Response program, automate security operations, and partner with R&D and DevOps to ensure our "liquid software" remains secure.

As a Tech Lead, Cloud IR at JFrog, you will...

• Incident Command: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes.
• Architect Operations: Oversee the design and execution of vulnerability management, SaaS security posture (CASB), and asset management at scale.
• Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation.
• Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities.
• Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management.

To be an IR Tech Lead at JFrog, you need...

• Leadership Experience: 1+ years of experience leading technical teams or acting as a formal mentor/technical lead in a security context.

• Deep Technical Roots: 7+ years of industry experience in security with a focus on Information Security principles.

• Cloud Mastery: Proven expertise in attack and mitigation methods within complex AWS, GCP, or Azure environments.

• Incident Response Prowess: Extensive experience in risk prioritization and managing the lifecycle of security incidents in a global production environment.

• Technical Breadth: Mastery in at least 5 of the following:

• Endpoint Protection (EDR/XDR) & Zero Trust architecture.

• Identity Management (IAM/IDM) and SSO/SAML.

• Security Analytics (SIEM/Logging) such as ELK or Splunk.

• Container Security (Docker, Kubernetes).

• Email Protection & Patch Management.

• Coding Proficiency: Ability to review and guide the development of security tools in Python or Go.

• Communication: Exceptional ability to translate complex technical risks into actionable business insights for stakeholders.

NOTE: We are located in Bangalore (Bellandur) and we follow a hybrid work model. Minimum 3 (fixed) days work from office is a mandatory.