Providing security incident management for industrial environments at Telefónica Tech. Utilizing various monitoring platforms to enhance security posture.
About the role
- Technical security lead managing security operations for Kong Cloud. Architecting advanced security solutions and mentoring engineers in a fast-paced environment.
Responsibilities
- Act as the lead subject matter expert for the Kong Cloud Security Operations.
- Architect and implement next-generation WAF, IDS, and IPS capabilities at the gateway level to protect against OWASP Top 10, zero-day exploits, and sophisticated API abuse.
- Design and implement "Zero Trust" security models that operate seamlessly across hybrid and multi-cloud environments (AWS, Azure, GCP, On-prem).
- Partner with Product and Architecture leads to define the multi-year security roadmap for Kong Gateway, balancing the needs of the OSS community with Enterprise requirements.
- Lead the response to complex, multi-faceted security challenges—from supply chain vulnerabilities in open-source dependencies to high-stakes CVE remediations.
- Champion a "Security-First" culture by mentoring engineers on secure coding practices and influencing the long-term cybersecurity maturity of the entire organization.
Requirements
- 8+ years’ experience in Cybersecurity Engineering, with a focus on high-traffic infrastructure or API management.
- Extensive experience with Kong Gateway, Nginx, eBPF, or similar technologies.
- Expert-level knowledge of multi-cloud solution design, specifically securing traffic across disparate cloud providers and Kubernetes environments.
- Proven track record in designing/deploying WAF, IDS, and IPS systems at scale, with an understanding of signature-based vs. ML-based detection.
- Programming proficiency in Python, Go or Rust.
- Experience contributing to or maintaining open-source security projects is a significant asset.
- Ability to produce high-quality, high-performance security designs that do not compromise the "millisecond-latency" promise of the gateway.
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security Manager responsible for steering InfoSec programs globally at ZEISS. Leading cross - functional initiatives and risk management strategies in a high - tech environment.
Senior Cybersecurity Incident Responder at ZEISS handling technical incident response activities. Collaborating with cyber defense teams to ensure effective incident management and resolution.
Endpoint Security Engineer at Booz Allen designing and operationalizing data protection controls. Safeguarding sensitive data across enterprise systems and leading technical operations.
Senior Security Adviser handling governance and US integration tasks at Boeing. Liaising with US - based partners and coordinating crisis management for international security operations.
Lead Industrial Security Specialist at Boeing assessing compliance with security programs and implementing corrective actions. Involves extensive travel and oversight of security protocols across multiple locations.
Senior Manager of IT overseeing operational security services for Xcel Energy. Leading teams to ensure compliance and effective risk management across enterprise security operations.
IT Security Administrator managing access control and audit evidence across systems at Xcel Energy. Involves training security staff and handling incident investigations.
Senior ML Security Engineer developing security tools and frameworks for ML workflows. Ensuring proactive vulnerability detection and compliance with ML security standards at NXP.
Lead a multidisciplinary team at NXP focused on the proactive identification and analysis of security vulnerabilities in semiconductor products. Drive innovative approaches to security testing and team management.