Incident Response Engineer, Security Team

Are you ready to power the World's connections?

If you don't think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we're looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.

This position will build a working leader reporting to the security manager, who is responsible for creating a collaborative environment between Kong Inc. Security and all impacted business/engineering teams by working together in the effective incident detection, response, recovery, identification, and protection. Stakeholder management and clean thinking under pressure are critical requirements for the role, together with a strong passion for Cyber Security and its fantastic ability to make a real difference in protecting customers, partners and employees.

The company's leadership team, and a cross-functional team of skilled engineers from various perspectives, all working with a singular focus of maintaining our customer's trust. You'll be exposed to the reality of how Kong functions on a technical and process level and will build a comprehensive base of knowledge around how it all works together. In doing so, you'll be playing a role in keeping Kong secure and compliant, bringing security to our company's forefront.

• Execute, develop and document incident handling guides and processes for Kong
• Prioritizes events using existing tools to correlate data to reduce false positives and detect threats
• Analyze and tune security alerts and interpret events, as well as create new signals based on signatures and behavioral activities
• Respond to security incidents and perform forensics on IT systems as necessary.
• Guide/lead mitigation strategies for identified vulnerabilities and threats
• Design, automate and maintain a portfolio of security alerts, automated actions, and escalation workflows supporting a high-performing 24/7 incident response capability.
• Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors.
• Assist with implementation of counter-measures or mitigating controls
• Develop and maintain Incident Response capabilities in public cloud environments
• Prepare incident reports of analysis methodology and results.
• Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
• Partner with key stakeholders and communicate effectively to improve preparation, identification, analysis, containment, and post-mortem activities feedback loop.
• Develop monthly reporting dashboards and metrics on incidents and response capabilities
• Prepare executive summaries and conduct briefings on significant investigations.

• Experience in crisis management, namely in preventing incidents from becoming a crisis
• Insight of using incidents as opportunities by leveraging Incidents to drive innovation, situation awareness, and fixes
• Passion for automation, delegation, and scalability via playbooks and highly effective processes
• Drive for automating processes and workflows to detect, contain and eliminate active malicious agents
• Expertise in building and operating security information/event management systems (SIEM), centralized logging, and enrichment solutions (Endpoint protection/detection, Panther, Crowdstrike, AWS Security Hub, codebase infrastructure, build infrastructure).
• Practical experience working with cloud technologies; ability to build and deploy a solution using Terraform.
• Experience with building and deploying solutions (Ansible, Terraform)
• Competency in Linux, windows;
• Ability to automate workflows via Python or javascript scripting languages.

About Kong:

Kong Inc., a leading developer of cloud API technologies, is on a mission to enable companies around the world to become "API-first" and securely accelerate AI adoption. Kong helps organizations globally — from startups to Fortune 500 enterprises — unleash developer productivity, build securely, and accelerate time to market. For more information about Kong, please visit or follow us on X @thekonginc.