Senior Incident Response Engineer

Are you ready to unlock intelligence?

If you don’t think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.

About the Role:

This position will build a working leader reporting to the security manager, who is responsible for creating a collaborative environment between Kong Inc. Security and all impacted business/engineering teams by working together in the effective incident detection, response, recovery, identification, and protection. Stakeholder management and clean thinking under pressure are critical requirements for the role, together with a strong passion for Cyber Security and its fantastic ability to make a real difference in protecting customers, partners and employees.

The company's leadership team, and a cross-functional team of skilled engineers from various perspectives, all working with a singular focus of maintaining our customer's trust. You'll be exposed to the reality of how Kong functions on a technical and process level and will build a comprehensive base of knowledge around how it all works together. In doing so, you'll be playing a role in keeping Kong secure and compliant, bringing security to our company's forefront.

What you’ll be doing:

• Execute, develop and document incident handling guides and processes for Kong.

• Prioritizes events using existing tools to correlate data to reduce false positives and detect threats.

• Analyze and tune security alerts and interpret events, as well as create new signals based on signatures and behavioral activities.

• Respond to security incidents and perform forensics on IT systems as necessary.

• Guide/lead mitigation strategies for identified vulnerabilities and threats.

• Design, automate and maintain a portfolio of security alerts, automated actions, and escalation workflows supporting a high-performing 24/7 incident response capability.

• Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors.

• Assist with implementation of counter-measures or mitigating controls.

• Develop and maintain Incident Response capabilities in public cloud environments.

• Prepare incident reports of analysis methodology and results.

• Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

• Partner with key stakeholders and communicate effectively to improve preparation, identification, analysis, containment, and post-mortem activities feedback loop.

• Develop monthly reporting dashboards and metrics on incidents and response capabilities.

• Prepare executive summaries and conduct briefings on significant investigations.

What you’ll bring:

• Experience in crisis management, namely in preventing incidents from becoming a crisis.

• Insight of using incidents as opportunities by leveraging Incidents to drive innovation, situation awareness, and fixes.

• Passion for automation, delegation, and scalability via playbooks and highly effective processes.

• Drive for automating processes and workflows to detect, contain and eliminate active malicious agents.

• Expertise in building and operating security information/event management systems (SIEM), centralized logging, and enrichment solutions (Endpoint protection/detection, Panther, Crowdstrike, AWS Security Hub, codebase infrastructure, build infrastructure).

• Practical experience working with cloud technologies; ability to build and deploy a solution using Terraform.

• Experience with building and deploying solutions (Ansible, Terraform).

• Competency in Linux, windows;

• Ability to automate workflows via Python or javascript scripting languages.

#LI-BR2

About Kong:

Kong Inc., a leading developer of API and AI connectivity technologies, is building the infrastructure that powers the agentic era. Trusted by the Fortune 500 and startups alike, Kong's unified API and AI platform, Kong Konnect, enables organizations to secure, manage, accelerate, govern, and monetize the flow of intelligence across APIs and AI models. For more information, visit www.konghq.com.