Security Engineer - (Security Operations/Incident Response)

United States / Engineering – Security / Full-time
If you don’t think you meet all of the criteria below but are still interested in the job, please apply.  Nobody checks every box - we’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.

About the role:

As a Security Engineer specializing in detection and response, you will play a pivotal role in safeguarding Kong’s platforms against sophisticated cybersecurity threats. This dynamic position involves directing our Security Incident Response Team (SIRT), enhancing our incident response strategies, and providing mentorship to develop team expertise. Your efforts in evolving our Detection and Response program will be crucial: by pioneering advanced frameworks, integrating cutting-edge automation, and crafting essential performance metrics, you will lead initiatives that significantly boost our defenses and operational efficiencies.

This role offers the unique opportunity to shape the future of cybersecurity in Kong, ensuring robust protection against an ever-changing threat landscape. Your strategic input and leadership will not only defend our systems but also influence the security culture at Kong Inc., making an indelible impact on our global operations.

Kong is a fully distributed team with an HQ office in San Francisco. This role is remote and open to US and Canadian applicants. The role is eligible for work authorization sponsorship.

Why should you want to work at Kong?  

Market Opportunity 
We are on a quest to build a $10b+ software company over the next few years and need YOUR help!
Why APIs Matter? APIs have been enabling innovation for decades!
Strong VC team, Series D, strong year-over-year revenue growth!
Technical Leadership - We are recognized as the leader in innovation in the connectivity space.
Marco, our CTO/co-founder - “We are the Cisco of L4 and L7” - CUBE Conversation, March 2021
We are the leading innovator in the connectivity space!
Amazing Team & Culture - Come be a "Konger" and find out what we mean.
Great Place to Work Certified in 2020 & 2021 Best Workplaces in 2022
Customer Fireside Chat with Rabobank | API Summit 2023
Building Great Products - Learn why the world's largest companies love our tech!
Kong Named a Leader in the 2023 Gartner Magic Quadrant
Over 250m+ downloads of our open-source API gateway!  Over 60k+ stars on GitHub between Kong API and Kong Insomnia!


    • Direct our Security Incident Response Team (SIRT), leveraging strategic frameworks, state-of-the-art technologies, and rigorous processes to swiftly identify, manage, and mitigate security incidents. Focus on minimizing the impact of these incidents through effective response and recovery strategies.
    • Engineer sophisticated detection systems and analytics to proactively identify and neutralize threats across diverse environments, including cloud, corporate, and edge infrastructures.
    • Foster strong partnerships with Engineering, Risk Management, Compliance, and other critical departments to ensure security measures are perfectly integrated with the broader business goals and objectives.
    • Continuously assess, select, and optimize a blend of custom and commercial security tools, including EDR, anti-phishing technologies, and SIEM systems, to strengthen our security infrastructure.
    • Craft and refine advanced strategies, create resilient frameworks, and implement process automation to elevate the maturity of our Detection and Response programs. Develop critical metrics to measure effectiveness and drive continuous improvement.
    • Design and maintain comprehensive incident response playbooks and detailed documentation to guide the security team's actions during incidents and ensure consistency in response strategies.
    • Lead proactive threat-hunting initiatives to uncover hidden risks and vulnerabilities. Manage and enhance our security simulation program, including conducting rigorous tabletop exercises to test and improve incident response tactics.
    • Engage actively in on-call rotations, providing expert support and rapid responses to emergent security issues, ensuring 24/7 protection for our operations.
    • Develop the security event simulation program and conduct security event tabletop exercises.
    • Oversee and cultivate strategic partnerships with external vendors and Managed Detection and Response (MDR) services, ensuring they align with our security objectives and deliver exceptional support and technology.


At Kong Inc., we value a diversity of voices. The following is not a laundry list, but to be effective in this role, you should possess most of the following and an interest in learning more about the rest.

    • Expertise in building and operating security information/event management systems (SIEM), including investigating threats, developing metrics and dashboards, normalizing data feeds, and integrating with other tools.
    • Strong understanding of attacker tactics, techniques, and procedures (TTPs) and experience with “Detection as Code.”
    • Proven expertise in managing and operating SIEM systems; familiarity with CrowdStrike and LimaCharlie SecOps Cloud Platform preferred.
    • Demonstrated ability to use Tines, the smart, secure workflow builder, to automate processes that detect, contain, and eliminate active malicious agents. This includes designing and implementing automation workflows that enhance our security response capabilities and operational efficiency.
    • Experience in securing, developing detections, and responding to incidents in one major public cloud infrastructure, such as Amazon Web Services (AWS) or Google Cloud Platform (GCP).
    • Experience in effectively leading large and complex security incidents from detection to remediation.
    • Familiarity with modern security frameworks and best practices, such as the MITRE ATT&CK framework and NIST CSF.
    • Proficiency in one or more general-purpose programming languages such as Python, Ruby, Go, or Rust.
    • Experience with Linux administration at scale, associated intrusion/manipulation techniques, and standard methodologies for system hardening and process isolation.

Preferred Qualifications:

    • Experience in building a Detection Engineering Pipeline and leading threat hunts.
    • Published research in detection engineering or threat intelligence.
    • Developed automation to enhance security operations.

Kong has different base pay ranges for different work locations globally, which allows us to pay employees competitively and consistently in different geographic markets. The compensation varies depending on a wide array of factors, including but not limited to specific candidate location, role, skill set, and level of experience. Certain roles are eligible for additional rewards including sales incentives depending on the terms of the applicable plan and role. Benefits may vary depending on location. US-based employees are typically offered access to healthcare benefits, a 401(k) plan, short and long-term disability benefits, and basic life and AD&D insurance, among others. The typical base pay range for this role is USD 153,000 - 188,215.

What is a Konger? 

We are a group of makers, thinkers, and doers focused on helping today’s developers build tomorrow’s technology. Our teams work on the bleeding edge of API innovation to provide our users with a central nervous system for data and services. 

We put design at the heart of everything we do, and we’re relentlessly focused on creating beautiful experiences for our customers. That’s why technology companies, major banks, e-commerce innovators, and government agencies put Kong in front of their most important web applications. 

We believe in the power of Open Source and everything it stands for. That’s why developers around the world enthusiastically contribute on top of our open-source platform. 

We are passionate about solving challenges that will fundamentally shape the future of technology, and we’re looking for the right people to join us on our mission. If you believe in taking ownership of your work, making an impact, and having fun along the way, we would love to talk to you.

Kong Core Values: 

Be Inclusive. We work together from anywhere to achieve our common goals. Our differences make us stronger. 

Be Authentic. We are genuine, principled and confident without arrogance. Show respect and kindness, especially in tough moments. 

Be Relentlessly Resourceful. We work with purpose, obsession and grit. It takes muscle to do hard things and doing hard things builds muscle.

Be Customer Obsessed. We care. Customers are everything; we put them at the center of everything we do. We are all empowered to make an impact.

Be Curious. We value ideas over hierarchy. Never accept the status quo. We make bold bets, fail, and learn every day. There is always a way.

Be an Owner. We are drivers not passengers and own the quality and outcomes of our work.

About Kong: 

Kong is THE cloud native API platform with the fastest, most adopted API gateway in the world (over 300m downloads!). Loved by developers and trusted with enterprises’ most critical traffic volumes, Kong helps startups and Fortune 500 companies build with confidence – allowing them to bring solutions to market faster with API and service connectivity that scales easily and securely. 

83% of web traffic today is API calls!  APIs are the connective tissue of the cloud and the underlying technology that allows software to talk and interact with one another.  Therefore, we believe that APIs act as the nervous system of the cloud.  Our audacious mission is to build the nervous system that will safely and reliably connect all of humankind!  

For more information about Kong, please visit or follow @thekonginc on Twitter.

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.