Application Security Team Lead

At JFrog, we’re running the software that runs the world – and we want you along for the ride. JFrog is a special place with a unique combination of brilliance, spirit, and great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of a critical mission.Thousands of customers, including the majority of Fortune 100 companies, trust JFrog to manage, accelerate, and secure their software delivery from code to production – a concept we call “liquid software.” Wouldn't it be amazing if you could join us on our journey?

The JFrog CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the JFrog application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures JFrog products adhere to the stringent security requirements of our thousands of customers.

As an Application Security Team Lead at JFrog, you will…

Build, lead, and mentor a team of AppSec Engineers

Lead the development of Internal Security tools and AI agents

Design and implement SSDLC practices and automated security controls across the CI/CD pipeline

Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products

Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA

Partner with development and DevOps teams to embed security early and often

Contribute to secure code reviews and assist with remediation strategies

Track, triage, and report vulnerabilities across product lines

Provide technical leadership and drive adoption of secure development best practices

Define and measure AppSec KPIs and drive continuous improvement

To be an Application Security Team Lead at JFrog, you need…

Proven experience leading AppSec or Product Security teams

Deep Knowledge in Application Security and Vulnerabilities

Strong coding/scripting background (e.g., Python, Go, Java, JavaScript)

Hands-on experience with CI/CD pipelines, security tools, and DevSecOps practices

Familiarity with modern architectures (e.g., Cloud, microservices, containers, Kubernetes)

Deep understanding of software development processes and secure coding principles

Penetration testing knowledge is a plus

Strong communication and collaboration skills