Incident Response Engineer, Security Team

Are you ready to power the World's connections?If you don't think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we're looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.About the RoleThis position will build a working leader reporting to the security manager, who is responsible for creating a collaborative environment between Kong Inc. Security and all impacted business/engineering teams by working together in the effective incident detection, response, recovery, identification, and protection. Stakeholder management and clean thinking under pressure are critical requirements for the role, together with a strong passion for Cyber Security and its fantastic ability to make a real difference in protecting customers, partners and employees.The company's leadership team, and a cross-functional team of skilled engineers from various perspectives, all working with a singular focus of maintaining our customer's trust. You'll be exposed to the reality of how Kong functions on a technical and process level and will build a comprehensive base of knowledge around how it all works together. In doing so, you'll be playing a role in keeping Kong secure and compliant, bringing security to our company's forefront.What you'll be doingExecute, develop and document incident handling guides and processes for KongPrioritizes events using existing tools to correlate data to reduce false positives and detect threatsAnalyze and tune security alerts and interpret events, as well as create new signals based on signatures and behavioral activitiesRespond to security incidents and perform forensics on IT systems as necessary.Guide/lead mitigation strategies for identified vulnerabilities and threatsDesign, automate and maintain a portfolio of security alerts, automated actions, and escalation workflows supporting a high-performing 24/7 incident response capability.Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors.Assist with implementation of counter-measures or mitigating controlsDevelop and maintain Incident Response capabilities in public cloud environmentsPrepare incident reports of analysis methodology and results.Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary informationPartner with key stakeholders and communicate effectively to improve preparation, identification, analysis, containment, and post‑mortem activities feedback loop.Develop monthly reporting dashboards and metrics on incidents and response capabilitiesPrepare executive summaries and conduct briefings on significant investigations.What you'll bringExperience in crisis management, namely in preventing incidents from becoming a crisisInsight of using incidents as opportunities by leveraging Incidents to drive innovation, situation awareness, and fixesPassion for automation, delegation, and scalability via playbooks and highly effective processesDrive for automating processes and workflows to detect, contain and eliminate active malicious agentsExpertise in building and operating security information/event management systems (SIEM), centralized logging, and enrichment solutions (Endpoint protection/detection, Panther, Crowdstrike, AWS Security Hub, codebase infrastructure, build infrastructure).Practical experience working with cloud technologies; ability to build and deploy a solution using Terraform.Experience with building and deploying solutions (Ansible, Terraform)Competency in Linux, windows;Ability to automate workflows via Python or javascript scripting languages.About KongKong Inc., a leading developer of cloud API technologies, is on a mission to enable companies around the world to become "API-first" and securely accelerate AI adoption. Kong helps organizations globally - from startups to Fortune 500 enterprises - unleash developer productivity, build securely, and accelerate time to market. For more information about Kong, please visit or follow us on X @thekonginc.#J-18808-Ljbffr