GRC Specialist, Customer Trust

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?

At JFrog, our customers are our most important asset. We are trusted stewards of their data and are committed to building and maintaining that trust.

We are looking for a GRC Specialist, Customer Trust to join our Global Cybersecurity Governance, Risk, and Compliance (GRC) team. This role is at the forefront of our customer-facing security efforts, ensuring that both current and prospective customers feel confident in our security posture.

You will be the key subject matter expert on all things related to JFrog's security practices, helping to build and scale our customer trust program. This is a unique opportunity to combine your cybersecurity expertise with a passion for customer engagement and collaboration, all while helping to mature our GRC function.

As a GRC Specialist, Customer Trust in JFrog you will...

• Lead customer security reviews and security due diligence process.
• Support and participate in customer audits, managing end-to-end processes with internal teams.
• Partner with sales, engineering and legal teams to support deal cycles through timely and accurate responses to security questionnaires and due diligence requests.
• Build and maintain customer-facing trust assets, including white papers, FAQs, and a public-facing trust center.
• Deliver internal and external enablement programs, training teams to address security concerns effectively.
• Support key GRC initiatives across ISO, SOC 2, NIST, PCI DSS, FedRAMP and other compliance frameworks.
• Provide security expertise to the legal teams during contract negotiations, reviewing and redlining security clauses.

To be a GRC Specialist, Customer Trust in JFrog you need...

• 3-5 years of experience in information security, GRC, or compliance engineering.
• Strong customer-facing expertise with proven success managing audits, inquiries, and security questionnaires.
• Strong knowledge of cybersecurity frameworks (NIST, ISO 27001/27701, SOC2 Type 2, SIG, CAIQ ).
• Experience with GRC platforms or compliance automation tools (e.g., Drata, OneTrust, Hyperproof, Archer).
• SaaS industry experience with contract review and negotiation exposure.
• Excellent communication and project management skills to translate technical and compliance requirements into clear, actionable tasks.

WHAT JFROG CAN OFFER…

• At JFrog, base salary is only one component of our compensation package.
• This position has a base salary range between $150,000 to $165,000. Base salary will be based on your skills, qualifications, experience and location.
• This position also includes an equity package of restricted stock units (RSU). In addition, JFrog employees are eligible to participate in our Employee Stock Purchase Plan.
• JFrog provides employees comprehensive benefits including medical, dental, vision, retirement, wellness and much more!
• JFrog embraces hybrid work: 3 days in office / 2 days remote.

JFrog is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status or any other category protected by law.