Security Engineer • Staff

Who you are

You have extensive experience in cybersecurity, particularly in high-performance networking and distributed systems — your expertise allows you to shape the security posture of complex cloud environments. You are a subject matter expert in security operations, capable of leading initiatives that protect against sophisticated threats and vulnerabilities.

You possess a strong understanding of multi-cloud security models, including AWS, Azure, and GCP — your experience enables you to design and implement 'Zero Trust' security frameworks that operate seamlessly across diverse environments. You are familiar with the OWASP Top 10 and have a proven track record of defending against zero-day exploits and API abuse.

You are a strategic thinker who collaborates effectively with product and architecture teams — your ability to balance the needs of the open-source community with enterprise requirements is crucial in defining the multi-year security roadmap for the Kong Gateway. You thrive in environments where you can lead incident resolution efforts, tackling complex security challenges head-on.

Desirable

Experience with advanced security technologies such as WAF, IDS, and IPS is a plus — your familiarity with these tools will enhance your ability to architect next-generation security capabilities. A background in open-source software development can also be beneficial, as it aligns with Kong's mission to leverage OSS in building state-of-the-art security solutions.

What you'll do

As a Staff Cyber Security Engineer at Kong, you will act as the technical security lead for the Kong Cloud Security Operations — your primary responsibility will be to architect and implement security solutions that protect the API gateway from various threats. You will lead the design of next-generation security capabilities, ensuring that they are robust and effective against evolving attack vectors.

You will collaborate closely with product and architecture leads to define a strategic security roadmap — this involves balancing the needs of the OSS community with enterprise requirements, ensuring that security measures are both effective and user-friendly. Your role will also include leading incident response efforts, where you will address complex security challenges, including vulnerabilities in open-source dependencies.

You will be responsible for implementing multi-cloud security models that support a 'Zero Trust' approach — this will require you to design security measures that operate seamlessly across hybrid and multi-cloud environments. Your expertise will be critical in shaping the security posture of the Kong Cloud, ensuring that it remains resilient against sophisticated threats.

What we offer

Kong provides a dynamic work environment where innovation is encouraged — you will have the opportunity to work with cutting-edge technologies and contribute to the development of security solutions that protect a wide range of clients, from startups to Fortune 500 companies. We value collaboration and support professional growth, offering resources for continuous learning and development in the cybersecurity field.

Join us at Kong, where your contributions will have a direct impact on the security of our API gateway — you will be part of a team that is dedicated to building secure, reliable, and efficient solutions for our users. We encourage you to apply even if your experience doesn't match every requirement, as we value diverse perspectives and skills.