Architect and implement next-generation WAF, IDS, and IPS capabilities at the gateway level to protect against OWASP Top 10, zero-day exploits, and sophisticated API abuse.
Design and implement "Zero Trust" security models that operate seamlessly across hybrid and multi-cloud environments (AWS, Azure, GCP, On-prem).
Partner with Product and Architecture leads to define the multi-year security roadmap for Kong Gateway, balancing the needs of the OSS community with Enterprise requirements.
Lead the response to complex, multi-faceted security challenges—from supply chain vulnerabilities in open-source dependencies to high-stakes CVE remediations.
Champion a "Security-First" culture by mentoring engineers on secure coding practices and influencing the long-term cybersecurity maturity of the entire organization.
Requirements
5+ years’ experience in Cybersecurity Engineering, with a focus on high-traffic infrastructure or API management.
Expert-level knowledge of multi-cloud solution design, specifically securing traffic across disparate cloud providers and Kubernetes environments.
Proven track record in designing/deploying WAF, IDS, and IPS systems at scale, with an understanding of signature-based vs. ML-based detection.
Programming Proficiency: Python, Go or Rust.
Experience contributing to or maintaining open-source security projects is a significant asset.
Ability to produce high-quality, high-performance security designs that do not compromise the "millisecond-latency" promise of the gateway.