Governance, Risk Management and Compliance (GRC) Specialist

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?

We are looking for a passionate, business-savvy, and talented Governance, Risk Management and Compliance (GRC) Specialist to join our GRC Team in Sunnyvale, California.

In this role, you will work across the organization to support and mature our customer security questionnaires and security audits. You will also support our sales, legal, and business colleagues through various information security projects and initiatives and provide assurance to our customers while also enhancing the overall GRC programs. This is a great opportunity to work closely with technical stakeholders to further build and scale our global Information Security and GRC programs. We are looking for a team player who brings a thoughtful, pragmatic mindset to overcoming challenges.

As a Governance, Risk Management and Compliance (GRC) Specialist in JFrog you will...

• Support the sales process by responding to customer inquiries related to information security
• Collaborate with cross-company teams such as sales,legal & privacy, product engineering, security, sales-ops, and solutions engineering to build on robust and comprehensive compliance processes
• Automate and streamline our Trust & Compliance workflows, including customer facing content, evidence collection,  and security Q&As for employees and customers, with a penchant for creating excellent self-service experiences
• Respond to and complete customer risk assessments
• Coordinate and carry out strategic customer audits
• Review and negotiate customer information security addendums
• Define and execute team KPIs and Metrics 
• Implement improvements and updates to our security program based on regulatory changes and customer requirements
• Mentor and train other junior members of the team

To be a Governance, Risk Management and Compliance (GRC) Specialist in JFrog you need...

• 6+ years of work experience focused on issues related to Information security and GRC
• Experience contributing to implementing security and compliance programs such as SOC 2, ISO 27001, ISO 27017, ISO 27018, CSA STAR, etc.Experience reviewing and redlining information security addendums.
• General knowledge of global privacy laws and regulations such as GDPR, CCPA etc
• Familiarity with various enterprise SaaS applications,  cloud infrastructure such as AWS, and the concepts of modern software engineering practices/tools, databases, operating systems, secure network design, and other technology relevant to cybersecurity
• Ability to multitask effectively, complete projects and perform daily tasks with minimal supervision and ability to set and meet deadlines
• Experience working with Salesforce, Jira, and GRC platforms 
• Ability to understand and translate security concepts, controls, and risk scenarios to identify their impact on technology, business, and customers
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Excellent verbal and written communication
• Ability to work well under pressure: responsiveness, accuracy, and sense of urgency are essential to this role
• Willingness to work a flexible schedule based on department and company needs
• Strong collaboration skills with an ability to build relationships with internal resources

Even if you don’t meet all the requirements listed here, we still encourage you to apply. Skills can be used in many different ways, and your life and professional experience may be relevant beyond what this list of requirements will capture.

WHAT JFROG CAN OFFER…

• At JFrog, base salary is only one component of our compensation package.
• This position has a base salary range between $150,000-$170,000.  Base salary will be based on your skills, qualifications, experience and location.
• This position also includes an equity package of restricted stock units (RSU).  In addition, JFrog employees are eligible to participate in our Employee Stock Purchase Plan.
• JFrog provides employees comprehensive benefits including medical, dental, vision, retirement, wellness and much more!
• JFrog embraces hybrid work: 3 days in office / 2 days remote.
• Additionally, this role may be eligible for discretionary bonuses or commission payments.

JFrog is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status or any other category protected by law.