Information Security Manager

COMPANY OVERVIEW

KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries.

POSITION SUMMARY 

KKR is seeking an experienced Information Security Engineer. This role offers exciting opportunities for growth and impact as KKR scales its business and continues to innovate. As a Security Engineer, you will be responsible for designing, implementing, and maintaining security measures across our environment. You must be proficient in troubleshooting, have a deep understanding of a wide range of systems, and be capable of leading other teams in these efforts. You will work closely with IT and other business units to ensure our security posture remains strong, aligned with industry best practices, and compliant with regulatory requirements. You will also be looking over the horizon, identifying future needs and exploring leading edge solutions.

RESPONSIBILITIES:

Network Security:

• Design, implement, and manage network security solutions, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC).
• Analyze network traffic for potential security threats and vulnerabilities.
• Develop and enforce network security policies, procedures, and standards.

 Email Security:

• Configure and manage secure email gateways to protect against phishing, spam, malware, and other email based threats.
• Implement and maintain email encryption protocols.
• Conduct regular security assessments and audits of email systems.

 Endpoint Security:

• Deploy and manage endpoint security solutions, including antivirus, antimalware, EDR (Endpoint Detection and Response), and DLP (Data Loss Prevention) tools.
• Ensure endpoint devices are compliant with security policies and have the latest security patches and updates.
• Respond to and mitigate endpoint security incidents.

 Vulnerability Management:

• Develop and manage vulnerability management programs, including regular scanning, assessment, and remediation.
• Collaborate with IT teams to prioritize and address vulnerabilities based on risk and impact.
• Track and report on the status of vulnerability remediation efforts.

 Cloud Security:

• Implement and manage security controls across various cloud platforms (e.g., AWS, Google Cloud, Microsoft Azure).
• Ensure the security of cloud based infrastructure, applications, and services.

 QUALIFICATIONS

• 6 to 10 years of combined work experience in networking/infrastructure/security, ideally in companies of different sizes with experience working in different roles with different technologies and products.
• Understanding of core principles of how modern infrastructure technologies operate (such as virtualization of computing and networking, containers, cloud computing, SaaS, PaaS etc) and the security aspects of these technologies
• Solid understanding of the operation of LAN/WAN IP-based networks (TCP/IP, routing/switching, VLANs, NAT, DNS, DHCP);
• Understanding of principles of applied cryptography - symmetric/asymmetric encryption, hashing, SSL/TLS, SSH, PKI, IPSec, site-to-site/remote access VPN, disk encryption, HSM
• Understanding of attack vectors against modern enterprises: phishing, ransomware, malware, DoS/DDoS, drive-by, MITM, various type of injection (i.e. SQL), cross-site scripting, etc.; methods of defense from these attacks
• Knowledge of common security principles, concepts, and methods (authentication, authorization, single sign-on, network segregation, DMZ, Zero Trust, defense-in-depth, penetration testing, sandboxing etc.)
• Ability and desire to code, script and automate in order to improve own and team's operational efficiency
• Understanding of aspects of application delivery in principle and firewalling/load balancing in particular
• Understanding of HTTP operation and associated concepts (its methods, cookies, sessions, caching, CDNs, HTTP-based applications and protocols etc)
• Understanding of principles of operation of NextGen/L7 firewalls and experience with one of the market-leading vendors
• Practical knowledge of Windows (including AD) and Linux
• Knowledge of SSL/TLS traffic handling and encrypt/decrypt policies.
• Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
• Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
• Ability to present ideas in a user-friendly, business-friendly and technical language
• Strategic self-starter with an innovative mindset and outstanding attention to detail

KKR is an equal opportunity employer.  Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.