Software Security Engineer (Remote)

United States /
Engineering – Security /
Full-time
Are you ready to power the World's connections?

If you don’t think you meet all of the criteria below but are still interested in the job, please apply.  Nobody checks every box - we’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.

About the role:

As a software security engineer at Kong, you will be a member of the information security team collaborating closely with our various product engineering teams to ensure our products are developed with security by design. Your responsibilities will include performing code reviews, investigating vulnerability reports, assessing software architecture for security considerations, proposing SDLC process improvements to enhance security, and committing code to fix security issues. You will also be a member of the security incident response team, reacting to security incident escalations relating to your product scope.

Why should you want to work at Kong?  

Market Opportunity - We are on a quest to build a $10b+ software company over the next few years and need YOUR help!
- APIs are driving innovation across every industry!
Strong VC team, Series D, strong year over year revenue growth!
Technical Leadership - We are recognized as the leader in innovation in the connectivity space.
- Marco, our CTO/co-founder - “We are the Cisco of L4 and L7” - CUBE Conversation, March 2021
We are the leading innovator in the connectivity space!
Amazing Team & Culture - Come be a "Konger" and find out what we mean.
- Great Place to Work Certified in 2020 & 2021
Kong employees discuss our culture at our 2020 Company Kickoff
Building Great Products - Learn why the world's largest companies love our tech!
- Kong Named a Leader in the 2020 Gartner Magic Quadrant
Over 250m+ downloads of our open source API gateway!  Over 40k+ stars on Github between Kong API and Kong Insomnia!

What you'll do:

    • Collaborate with members of a product engineering team to ensure design decisions and implementation details are security-aware.
    • Drive security architecture decisions and principles within the team.
    • Help to define and implement secure product development practices across Kong’s product engineering teams.
    • Contribute to the product codebase, especially in the form of security fixes and vulnerability mitigation.
    • Educate and mentor engineers on your team about good security practices.
    • Any additional tasks required by manager.

What you'll bring:

    • 5+ years of combined software engineering and infosec experience.
    • Deep familiarity with a programming language like Python, Javascript, or Golang.
    • Experience developing secure microservices architectures and distributed systems.
    • Demonstrated expertise in software security controls (e.g. OWASP, NIST).
    • Knowledge of at least one of the following:
    • Intrusion detection and mitigation.
    • Incident response and forensic analysis.
    • Applied cryptography & security protocols.
    • Authentication and Access Control.
    • Excellent verbal and written communication skills.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

What is a Konger? 

We are a group of makers, thinkers, and doers focused on helping today’s developers build tomorrow’s technology. Our teams work on the bleeding edge of API innovation to provide our users with a central nervous system for data and services.

We put design at the heart of everything we do, and we’re relentlessly focused on creating beautiful experiences for our customers. That’s why technology companies, major banks, e-commerce innovators, and government agencies put Kong in front of their most important web applications.

We believe in the power of Open Source and everything it stands for. That’s why developers around the world enthusiastically contribute on top of our open-source platform.

We are passionate about solving challenges that will fundamentally shape the future of technology, and we’re looking for the right people to join us on our mission. If you believe in taking ownership of your work, making an impact, and having fun along the way, we would love to talk to you.

Kong Core Values: 

Be Inclusive.  We work together from anywhere to achieve our common goals. Our differences make us stronger.

Be Authentic.  We are genuine, principled and confident without arrogance. Show respect and kindness, especially in tough moments.

Be Relentlessly Resourceful.  We work with purpose, obsession and grit. It takes muscle to do hard things and doing hard things build muscle.

Be Customer Obsessed.  We care. Customers are everything, we put them at the center of everything you do. We are all empowered to make an impact.

Be Curious.  We value ideas over hierarchy. Never accept the status quo. We make bold bets, fail, and learn everyday. There is always a way.

Be an Owner.  We are drivers not passengers and own the quality and outcomes of our work.

About Kong:

Kong creates software and managed services that connect APIs and microservices natively across and within clouds, Kubernetes, data centers and more using intelligent automation. Built on an open source core, Kong’s service connectivity platform enables digital innovation by allowing organizations to reliably and securely manage the full lifecycle of APIs and services for modern architectures, including microservices, serverless and service mesh. By providing developer teams with unprecedented architectural freedom, Kong accelerates innovation cycles, increases productivity, and seamlessly bridges legacy and modern systems and applications. For more information about Kong, please visit konghq.com or follow @thekonginc on Twitter.