StaffSecurityEngineer

Are you ready to unlock intelligence? If you don’t think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others. About the Role: As a Staff Security Engineer, you will serve as the technical security lead for securing the world’s most popular API gateway. You will apply deep expertise in high-performance networking and distributed systems to shape the security posture of the Kong Cloud. You’ll spend your time architecting the evolution of our security capabilities—specifically focused on leveraging Open Source (OSS) and building state of the art network and application security solutions.. What you'll do: - Domain Expertise: Act as the lead subject matter expert for the Kong Cloud Security Operations. - Threat Defense Leadership: Architect and implement next-generation WAF, IDS, and IPS capabilities at the gateway level to protect against OWASP Top 10, zero-day exploits, and sophisticated API abuse. - Multi-Cloud Security: Design and implement "Zero Trust" security models that operate seamlessly across hybrid and multi-cloud environments (AWS, Azure, GCP, On-prem). - Strategic Roadmap: Partner with Product and Architecture leads to define the multi-year security roadmap for Kong Gateway, balancing the needs of the OSS community with Enterprise requirements. - Incident Resolution: Lead the response to complex, multi-faceted security challenges—from supply chain vulnerabilities in open-source dependencies to high-stakes CVE remediations. - Mentorship & Influence: Champion a "Security-First" culture by mentoring engineers on secure coding practices and influencing the long-term cybersecurity maturity of the entire organization. What you'll bring: - 8+ years’ experience in Cybersecurity Engineering, with a focus on high-traffic infrastructure or API management. - Extensive experience with Kon