Staff Cyber Security Engineer

Department: All Cost Center

Location: Milan

Employment Type: FullTime

Are you ready to power the World's connections?

If you don’t think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.

About the Role:

As a Staff Security Engineer, you will serve as the technical security lead for securing the world’s most popular API gateway. You will apply deep expertise in high-performance networking and distributed systems to shape the security posture of the Kong Cloud. You’ll spend your time architecting the evolution of our security capabilities—specifically focused on leveraging Open Source (OSS) and building state of the art network and application security solutions..

What you'll do:

• Domain Expertise: Act as the lead subject matter expert for the Kong Cloud Security Operations.

• Threat Defense Leadership: Architect and implement next-generation WAF, IDS, and IPS capabilities at the gateway level to protect against OWASP Top 10, zero-day exploits, and sophisticated API abuse.

• Multi-Cloud Security: Design and implement "Zero Trust" security models that operate seamlessly across hybrid and multi-cloud environments (AWS, Azure, GCP, On-prem).

• Strategic Roadmap: Partner with Product and Architecture leads to define the multi-year security roadmap for Kong Gateway, balancing the needs of the OSS community with Enterprise requirements.

• Incident Resolution: Lead the response to complex, multi-faceted security challenges—from supply chain vulnerabilities in open-source dependencies to high-stakes CVE remediations.

• Mentorship & Influence: Champion a "Security-First" culture by mentoring engineers on secure coding practices and influencing the long-term cybersecurity maturity of the entire organization.

What you'll bring:

• 8+ years’ experience in Cybersecurity Engineering, with a focus on high-traffic infrastructure or API management.

• Extensive experience with Kong Gateway, Nginx, eBPF, or similar technologies.

• Cloud-Native & Multi-Cloud: Expert-level knowledge of multi-cloud solution design, specifically securing traffic across disparate cloud providers and Kubernetes environments.

• Security Domain Specialist: Proven track record in designing/deploying WAF, IDS, and IPS systems at scale, with an understanding of signature-based vs. ML-based detection.

• Programming Proficiency:Python, Go or Rust

• Open Source Contributor: Experience contributing to or maintaining open-source security projects is a significant asset.

• Design Excellence: Ability to produce high-quality, high-performance security designs that do not compromise the "millisecond-latency" promise of the gateway.

#LI-BR2

About Kong:

Kong Inc., a leading developer of API and AI connectivity technologies, is building the infrastructure that powers the agentic era. trusted by the Fortune 500 and startups alike, Kong's unified API and AI platform, Kong Konnect, enables organizations to secure, manage, accelerate, govern, and monetize the flow of intelligence across APIs and AI models. For more information, visit www.konghq.com.