This position will build a working leader reporting to the security manager, who is responsible for creating a collaborative environment between Kong Inc. Security and all impacted business/engineering teams by working together in the effective incident detection, response, recovery, identification, and protection. Stakeholder management and clean thinking under pressure are critical requirements for the role, together with a strong passion for Cyber Security and its fantastic ability to make a real difference in protecting customers, partners and employees.

This role will build a comprehensive base of knowledge around how Kong functions on a technical and process level and will play a role in keeping Kong secure and compliant, bringing security to our company's forefront.

What you’ll be doing:

• Execute, develop and document incident handling guides and processes for Kong
• Prioritizes events using existing tools to correlate data to reduce false positives and detect threats
• Analyze and tune security alerts and interpret events, as well as create new signals based on signatures and behavioral activities
• Respond to security incidents and perform forensics on IT systems as necessary.
• Guide/lead mitigation strategies for identified vulnerabilities and threats
• Design, automate and maintain a portfolio of security alerts, automated actions, and escalation workflows supporting a high-performing 24/7 incident response capability.
• Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors.
• Assist with implementation of counter-measures or mitigating controls
• Develop and maintain Incident Response capabilities in public cloud environments
• Prepare incident reports of analysis methodology and results.
• Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
• Partner with key stakeholders and communicate effectively to improve preparation, identification, analysis, containment, and post-mortem activities feedback loop.
• Develop monthly reporting dashboards and metrics on incidents and response capabilities
• Prepare executive summaries and conduct briefings on significant investigations.