CrawlJobs Logo

Senior Application Security Researcher

jfrog.com Logo

JFrog

Location Icon

Location:
Israel , Netanya/Tel Aviv

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The JFrog CSO Security team is looking for a Senior Application Security Researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the JFrog application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring JFrog products adhere to the stringent security requirements of our thousands of customers.

Job Responsibility:

  • Continuously assess and challenge JFrog’s overall security posture to ensure optimal and up-to-date platform security in our products and systems
  • Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
  • Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
  • Evaluate new technologies and standards in the application security domain
  • Plan and lead cross-company efforts with the R&D that will improve JFrog’s security posture

Requirements:

  • 4+ years of hands-on experience in an application security role
  • Experience with Web Penetration Testing (Hands On) - Mandatory
  • Strong coding skills, preferably in Java, Golang, and JavaScript - Mandatory
  • Experience with cloud environments - an advantage
  • Experience with microservices (Docker, K8S, Service Mesh) - an advantage
  • Excellent problem-solving skills and the ability to work independently with a strong sense of ownership
  • Good communication skills and a true passion to educate others and achieve continuous improvement

Nice to have:

  • Experience with cloud environments
  • Experience with microservices (Docker, K8S, Service Mesh)

Additional Information:

Job Posted:
December 26, 2025

Icon
JFrog - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Application Security Researcher

New

Senior Security Researcher - ITDR (Cortex)

We are looking for a Senior Security Researcher to join our Identity Threat Dete...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years’ experience with Active Directory security and identity related attacks
  • 2+ years of experience with Entra ID (formerly Azure AD) or SAAS application - Advantage
  • In-depth knowledge of the inner-workings of operating systems
  • In-depth Knowledge of network protocols, including but not limited to Kerberos, RPC, SMB, HTTP, SMTP, DNS, DHCP, etc
  • In-depth knowledge of enterprise infrastructure, including Active Directory, FW, VPN, Security products, etc
  • At least 2 Years of experience coding Python - Advantage
  • Strong knowledge of SQL language - Advantage
  • Experience with red-teaming / pentest of Entra ID - Advantage
  • Experience with machine learning / data analysis / cloud infrastructure / security - Advantage
  • Ability to drive and own projects from start to finish
Job Responsibility
Job Responsibility
  • Research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities
  • Focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale
  • Collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats
  • Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments
  • Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior
  • Develop and refine statistics-based classification algorithms and techniques to create and improve detection models
  • Research specific scenarios to enhance our model's capabilities
  • Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product
  • Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats
Read More
Arrow Right

Senior Security Research Engineer

Senior Security Research Engineer position at HPE's Security Lab in Bristol, UK....
Location
Location
United Kingdom , Bristol
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD (or equivalent research experience)
  • 8+ or more years of experience
  • Track record of innovation driven into products
  • Experience as a technical leader
  • Knowledge of system security techniques and principles
  • Good knowledge of computer architecture, operating systems, networking, application of AI to security or security of AI
  • Good implementation skills with experience in Python, Rust, C, Go
  • Good written and verbal communication skills
  • mastery in English
  • Comfortable presenting to executives, technologists and customers
Job Responsibility
Job Responsibility
  • Define research agenda and take lead on research projects
  • Lead design of systems and solutions with colleagues
  • Own implementation of significant components
  • Build robust product-ready prototypes to test and demonstrate ideas
  • Research and develop foundational security capabilities for HPE products and services
  • Collaborate with business units, supply chain, partners and open-source community
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Security Research Engineer

We are seeking a senior technologist to join the Security Lab in HPE Labs. This ...
Location
Location
United Kingdom , Bristol
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD (or equivalent research experience) plus 10 or more years of experience
  • track record of innovation driven into products
  • experience as a technical leader
  • application of AI to security or security of AI
  • excellent knowledge of system security techniques and principles
  • strong implementation skills with experience in one or more of the following: Python, Rust, C, Go
  • excellent knowledge of computer architecture, operating systems and networking
  • excellent written and verbal communication skills
  • comfortable presenting to executives, technologists and customers
  • excellent analytical and problem-solving skills
Job Responsibility
Job Responsibility
  • Define a research agenda and take the lead on research projects
  • build advanced security capabilities for HPE products and customers
  • collaborate with business units, supply chain, partners, and the open-source community
  • build robust product-ready prototypes to test and demonstrate ideas
  • lead the design of systems and solutions
  • inspire and motivate others.
What we offer
What we offer
  • Comprehensive suite of health & wellbeing benefits
  • personal & professional development programs
  • unconditional inclusion
  • flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Senior Application Security Analyst

The Senior Application Security Analyst, VP position is part of CISO organizatio...
Location
Location
United States , Irving
Salary
Salary:
125760.00 - 188640.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
December 31, 2025
Flip Icon
Requirements
Requirements
  • At least 6+ years of relevant experience in web development, source code review, or application security testing
  • Deep understanding and proven expertise in application security principles, common vulnerabilities (e.g., OWASP Top 10, CWE), and secure coding practices
  • Development background in Java/J2EE, C#, .NET (and other relevant enterprise languages like Python, JavaScript/Node.js) in an enterprise environment
  • Strong understanding of DevSecOps principles, CI/CD pipelines, and integrating automated security tools, including AI/ML-driven solutions, into the Software Development Life Cycle
  • Experience using commercial enterprise automated security testing tools such as Burp, Fortify, Checkmarx, Blackduck, Snyk
  • Proficiency in leveraging SAST tools and experience with manual code review techniques and tools/IDEs to identify complex vulnerabilities
  • Demonstrated experience in AI/ML development, including data modeling, algorithm design, and implementation using Python and relevant libraries/frameworks (e.g., TensorFlow, PyTorch, scikit-learn)
  • Professional certifications, such as CISSP, CSSLP (highly preferred), GIAC, CEH or willingness to obtain
  • At least Bachelor's degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST)
  • Conduct in-depth manual source code reviews to identify vulnerabilities
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Identify opportunities to automate, develop custom rules and standardize information security controls
  • Design, develop, and implement AI/ML-driven utilities and models to enhance source code analysis
  • Write formal security assessment report for each application
  • Direct the development and delivery of secure solutions by coordinating with business and technical teams
  • Manage and execute security assessments for multiple projects simultaneously
  • Research and explore new testing tools and methodologies
  • Act as a mentor to the junior team members
What we offer
What we offer
  • Medical, dental & vision coverage
  • 401(k)
  • Life, accident, and disability insurance
  • Wellness programs
  • Paid time off packages including vacation, sick leave, and paid holidays
  • Discretionary and formulaic incentive and retention awards
  • Fulltime
!
Read More
Arrow Right

Senior Product Security Engineer

Join our Product Security team, where you'll partner with development and game t...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

Ready to make an impact on the security of products from the ground up? Join our...
Location
Location
United States , Austin
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines to ensure seamless and secure software delivery
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
  • Travel: No routine travel required
  • occasional travel as needed.
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks.
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, discounted games & events and stocked pantries.
  • Fulltime
Read More
Arrow Right

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime
Read More
Arrow Right

Senior Application Full Stack Developer

The Senior Application Full Stack Developer role involves designing and developi...
Location
Location
Canada , Mississauga
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience as a Senior Java Developer with hands on end to end solutions
  • Hands on experience using Core java, Server side Java, Javascript, MVC Pattern, Spring Framework
  • Diverse experience utilizing tools in Microservices architecture applications using Spring Boot, Spring Cloud config, Netflix OSS components (Eureka, Zuul, Hystrix), Pivotal Cloud Fundry, ZooKeeper, AWS etc.
  • Role requires overcoming obstacles through collaboration, research/ testing and communication with ability to negotiate solutions
  • Individual must have experience working in a high pressure, fast paced 'Global' environment providing daily support to multiple competing priorities
  • Excellent interpersonal, oral and written communication skills
  • 5+ years of Oracle RDBMS design and development skills with excellent knowledge in store procedures, PL/SQL, triggers and performance tuning
  • Experience migrating Oracle RDBMS to ECS cloud and NoSQL database
  • Architect and hands on technical experience in implementing large volume real time complex solutions in Big Data Platforms & Public Cloud platforms would be a huge asset
  • 5+ years hands on experience in ETL functionalities including experience with tools like Talend, Infomatica, spark etc.
Job Responsibility
Job Responsibility
  • Responsible for design and development as a full stack java developer to build very high volume low latency enterprise applications that can adapt and scale to changing market conditions
  • Responsible for delivery of application technology solutions and data information planning effort, owns the technical development environment and works with the Enterprise team to deliver in a fast paced time bound manner
  • Help ensure high quality software delivery by providing guidance on testing strategy, technical consultation to plan/design performance testing, and providing feedback/guidance for tuning performance and other non-functional elements of the application
  • Migration of application functionalities that are part of large monolithic systems, running on WebLogic, into an ecosystem of Microservices using the latest technologies, and/or a combination of microservices and monoliths where applicable
  • Understanding the client requirements and envision the solution that can be captured as respective user stories in JIRA
  • Understanding the impact of adapting different architectures and designs and present the same to all relevant stakeholders
  • Management of both functional and technical requirements while deciding on technical solutions
  • Development of solutions following established technical design, application development standards and quality processes in projects
  • Building test automation suites to reduce the regression effort of the QA team
  • Identification of existing system bottlenecks and deficiencies, devise and implement robust solutions to address these shortcomings
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Ireland Jobs Germany Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy