Senior Security Engineer

November 20

Apply Now

Receive Emails with Similar Jobs

Kong Inc.

WebsiteLinkedInAll Job Openings

API • SaaS • Enterprise

Kong Inc. is a company that provides a comprehensive API platform designed to facilitate API management, AI integration, and developer productivity. It offers solutions like Kong Gateway, Kong Konnect, and a variety of other tools targeted at managing and optimizing the API lifecycle. Kong's platform supports multi-cloud environments and is built to deliver high performance and security. It is notably recognized by Gartner as a leader in API management and supports innovations across industries like financial services, healthcare, and technology. The company emphasizes flexibility, security, and speed, making it a favored choice for enterprises looking to enhance their digital services through APIs. Kong also supports a robust community of developers and provides extensive integrations and plugins to streamline API management and operations.

201 - 500 employees

Founded 2017

🔌 API

☁️ SaaS

🏢 Enterprise

💰 $100M Series D on 2021-02

📋 Description

• Conduct both automated and manual testing to uncover vulnerabilities: • Static Analysis: Detect insecure coding patterns during development. • Dynamic Application Security Testing (DAST): Identify runtime vulnerabilities such as XSS or SQL Injection. • Fuzz Testing: Discover unknown vulnerabilities through randomized inputs. • Dependency Analysis: Identify vulnerabilities in third-party libraries and components. • Environment Simulation and Sandboxing: Test software in isolated environments to simulate real-world attacks. • Vulnerability Triage and Management: Identify, prioritize, and track vulnerabilities from multiple sources. • Manual Testing and Validation: Conduct in-depth manual testing to identify vulnerabilities not covered by automated tools. • Collaborate with Development Teams: Act as the primary security liaison for engineering teams. • Process Development and Metrics: Establish workflows for vulnerability triage, testing, and closure.

🎯 Requirements

• Hands-on experience performing binary analysis to identify vulnerabilities and security weaknesses. • Direct experience using debuggers (e.g., GDB, WinDbg) to analyze binaries and investigate potential security flaws. • Expertise in building and managing automated security testing pipelines in CI/CD workflows. • Strong knowledge of static and dynamic application security testing tools and methodologies. • Hands-on experience conducting manual security testing, including penetration testing and vulnerability validation. • Proficiency in typescript/javascript • Experience working with development teams to remediate vulnerabilities and ensure secure software delivery. • Familiarity with secure coding practices and common vulnerabilities (e.g., OWASP Top 10, CWE/SANS Top 25). • Knowledge of modern security frameworks such as MITRE ATT&CK and NIST CSF.

🏖️ Benefits

• Health insurance • 401(k) plan • Short and long term disability benefits • Basic life and AD&D insurance • Additional rewards including sales incentives