Commit Offshore

Application Security Research Team Lead (Relocation Poland, Warsaw)

 As an Application Security Team Lead at JFrog, you will… 

• Build and lead a team of security researchers and penetration testers.

• Help to reshape JFrog Product Security.

• Plan and execute advanced penetration testing campaigns. 

• Develop tools and frameworks for scalable security testing and fuzzing. 

• Lead security innovation by building and managing penetration testing tools and AI agents.

• Analyze vulnerabilities, perform root cause analysis, and develop proofs of concept. 

• Identify systemic product weaknesses and help define long-term mitigations. 

• Collaborate with engineering teams to reproduce, triage, and fix vulnerabilities. 

• Contribute to security research publications, CVE submissions, and industry knowledge sharing. 

• Continuously evolve internal testing capabilities using modern tooling and AI-assisted approaches. 

 

To be an Application Security Team Lead at JFrog, you need… 

• Proven 2+ years of experience leading application security research teams (SaaS or software company).

• 7+ years of experience in research and penetration testing.

• Strong coding skills and deep technical understanding of web, API, cloud-native, and backend technologies. 

• AI and LLM penetration testing knowledge and experience.

• Experience with penetration testing tools (Burp Suite, Metasploit, etc.) and custom security tool development.

• Familiarity with modern architectures (e.g., Cloud, microservices, containers, Kubernetes). 

• Familiarity with secure software architecture and typical attack vectors. 

• Demonstrated ability to lead security testing engagements and report technical findings effectively. 

• Experience building or integrating automated PT or fuzzing pipelines is a strong advantage. 

• Knowledge of and hands-on experience with SSDLC tools and CI/CD pipelines.

• Publications or open-source contributions in the security domain are a plus.

Required languages

English B2 - Upper Intermediate
cybersecurity, SSDLC tools and CI/CD pipelines, Research and penetration testing, AI and LLM Penetration testing knowledge, Cloud, microservices, containers, Kubernetes, pen tester, Team leading
Published 17 February