JFrogThe JFrog Platform gives you an end-to-end pipeline to control the flow of your binaries from build to production. Power your software updates to the edge
At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?
We are looking for a passionate, business-savvy, and talented GRC Specialist to join our Compliance Team in Sunnyvale, California.
In this role, you will support our sales, legal, and business colleagues through various information security projects and initiatives. This is a great opportunity to work closely with technical stakeholders to further build and scale our global Information Security and GRC programs. We are looking for a team player who brings a thoughtful, pragmatic mindset to overcoming challenges.
As a GRC Specialist in JFrog you will...
- Support the sales process by responding to customer inquiries related to information security and data privacy
- Collaborate with cross-company teams such as sales, product engineering, security, sales-ops, and solutions engineering to build on an extensive and comprehensive compliance library
- Respond to and complete customer risk assessments
- Review and negotiate customer information security addendums
- Evaluate the information security and privacy risk of third parties
- Understand technical terminology to translate technical security concepts to the legal, sales, and marketing teams regarding regulatory and data protection requirements
- Draft and review contractual language related to information security to ensure compliance with business operations and global data protection regulations
- Lead and coordinate compliance and information security meetings with JFrog’s executive team, customers, and vendors
- Review, update and manage applicable internal policies
- Coordinate and carry out strategic customer audits
To be a GRC Specialist in JFrog you need...
- 6+ years of work experience focused on issues related to Information security and GRC
- Experience reviewing and redlining information security addendums
- General knowledge of global privacy laws and regulations
- Familiarity with SOC, ISO, NIST, SIG & CAIQ frameworks
- Ability to multi-task effectively, complete projects and perform daily tasks with minimal supervision and ability to set and meet deadlines
- Experience working with Salesforce, Jira, and GRC platforms
- Ability to perform as the primary Security Subject Matter Expert
- Excellent verbal, writing, organizational, and time management skills
- Ability to identify and analyze issues and think critically to resolve problems
- Resourcefulness, with an ability to cross boundaries to find solutions
- Ability to work well under pressure: responsiveness, accuracy, and sense of urgency are essential to this role
- Willingness to work a flexible schedule based on department and company needs
- Ability to understand and translate security concepts, controls, and risk scenarios to identify their impact on technology, business, and customers
- Comfortable working with both technical and non-technical audiences
- Strong collaboration skills with an ability to build relationships with internal resources
- Experience auditing cloud-based environments for policy compliance
Even if you don’t meet all the requirements listed here, we still encourage you to apply. Skills can be used in many different ways, and your life and professional experience may be relevant beyond what this list of requirements will capture.
WHAT JFROG CAN OFFER…
- At JFrog, base salary is only one component of our compensation package.
- This position has a base salary range between $150,000 to $170,000. Base salary will be based on your skills, qualifications, experience and location.
- This position also includes an equity package of restricted stock units (RSU). In addition, JFrog employees are eligible to participate in our Employee Stock Purchase Plan.
- JFrog provides employees comprehensive benefits including medical, dental, vision, retirement, wellness and much more!
- JFrog embraces hybrid work: 3 days in office / 2 days remote.
- Additionally, this role may be eligible for discretionary bonuses or commission payments.
JFrog is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status or any other category protected by law.
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs