
The API gateway for modern microservices
Kong is a leading provider of API and service lifecycle management solutions, headquartered in The East Cut, San Francisco, CA. With over 500 employees, Kong has raised $344.1 million in Series D funding and serves Global 5000 enterprises, enabling them to securely connect and orchestrate microservi...
Kong offers flexible time off to prioritize personal well-being, stock options for employees to share in the company's success, and U-First Fridays fo...
Kong fosters a culture focused on innovation and flexibility, emphasizing the importance of modern architectures like microservices and serverless env...

Kong • India-Karnataka
Kong is seeking a GRC Program Manager to oversee compliance programs and ensure audit readiness. You'll work closely with various teams to manage compliance frameworks like ISO 27001 and SOC 2 Type II. This role requires strong experience in compliance management.
You have a strong background in compliance management, with a focus on frameworks such as ISO 27001 and SOC 2 Type II. Your experience includes acting as an internal auditor, continuously assessing the effectiveness of security and compliance controls across products. You are skilled at identifying control gaps and weaknesses, and you can document findings, risks, and recommendations in a clear and actionable manner. You thrive in collaborative environments, working closely with Customer Assurance, Security, Engineering, and Product teams to drive remediation efforts and maintain certifications.
You understand the importance of compliance in the tech industry and are passionate about ensuring that products meet regulatory requirements. You have a proactive approach to compliance monitoring activities and are adept at planning and executing internal control reviews and readiness assessments. Your ability to provide clear guidance on compliance requirements and expectations makes you a valuable asset to any team.
Experience with additional compliance frameworks or certifications is a plus. Familiarity with cloud API technologies and their security implications will enhance your effectiveness in this role. You are also open to learning and adapting to new compliance requirements as they arise.
In this role, you will take end-to-end ownership of Kong’s compliance programs, ensuring ongoing audit readiness for compliance frameworks including ISO 27001 and SOC 2 Type II. You will act as an internal auditor, continuously assessing the effectiveness of security and compliance controls across Kong’s products. Your responsibilities will include planning and executing internal control reviews and readiness assessments, identifying control gaps, and collaborating closely with Customer Assurance SMEs to remediate identified compliance gaps.
You will document findings, risks, and recommendations in a clear and actionable manner, ensuring that all stakeholders are informed and aligned. Your role will involve maintaining security policies and processes, and you will work closely with various teams to drive remediation efforts and obtain/maintain necessary certifications. You will also be responsible for ensuring that the organization is prepared for external audits, providing clear guidance on compliance requirements and expectations.
Kong offers a dynamic work environment where you can make a significant impact on the organization’s compliance posture. You will have the opportunity to work with a talented team of professionals dedicated to ensuring the highest standards of compliance and security. We encourage you to apply even if your experience doesn't match every requirement, as we value diverse perspectives and backgrounds. Join us in our mission to enable companies around the world to become “API-first” and securely accelerate AI adoption.