Kong Inc., an industry pioneer in cloud-native solutions, empowers businesses worldwide to innovate and excel in managing their API-driven architectures. With numerous awards for innovation and security solutions, our commitment extends beyond technology to cultivating a workplace that celebrates diversity and fosters inclusion. Join us to be part of a company where your work impacts millions and where every team member is instrumental in driving success.
As a Security Engineer specializing in detection and response, you will play a pivotal role in safeguarding Kong’s platforms against sophisticated cybersecurity threats. This dynamic position involves directing our Security Incident Response Team (SIRT), enhancing our incident response strategies, and providing mentorship to develop team expertise. Your efforts in evolving our Detection and Response program will be crucial. Through pioneering advanced frameworks, integrating cutting-edge automation, and crafting essential performance metrics, you will lead initiatives that significantly boost our defenses and operational efficiencies.
This role offers the unique opportunity to shape the future of cybersecurity in Kong, ensuring robust protection against an ever-changing threat landscape. Your strategic input and leadership will not only defend our systems but also influence the security culture at Kong Inc., making an indelible impact on our global operations.
What will you do:
- Direct our Security Incident Response Team (SIRT), leveraging strategic frameworks, state-of-the-art technologies, and rigorous processes to swiftly identify, manage, and mitigate security incidents.
- Focus on minimizing the impact of these incidents through effective response and recovery strategies.
- Engineer sophisticated detection systems and analytics to proactively identify and neutralize threats across diverse environments, including cloud, corporate, and edge infrastructures.
- Foster strong partnerships with Engineering, Risk Management, Compliance, and other critical departments to ensure security measures are perfectly integrated with the broader business goals and objectives.
- To strengthen our security infrastructure, we continuously assess, select, and optimize a blend of custom and commercial security tools, including EDR, anti-phishing technologies, and SIEM systems.
- Craft and refine advanced strategies, create resilient frameworks, and implement process automation to elevate the maturity of our Detection and Response programs.
- Develop critical metrics to measure effectiveness and drive continuous improvement.
- Design and maintain comprehensive incident response playbooks and detailed documentation to guide the security team's actions during incidents and ensure consistency in response strategies.
- Lead proactive threat-hunting initiatives to uncover hidden risks and vulnerabilities. Manage and enhance our security simulation program, including conducting rigorous tabletop exercises to test and improve incident response tactics.
- Engage actively in on-call rotations, providing expert support and rapid responses to emergent security issues, ensuring 24/7 protection for our operations.
- Developing the security event simulation program and conducting security event tabletop exercisesOversee and cultivate strategic partnerships with external vendors and Managed Detection and Response (MDR) services, ensuring they align with our security objectives and deliver exceptional support and technology.
What we look for: