TEAM OVERVIEW

KKR's Technology organization is a group of passionate technologists and product managers, unified by a shared mission to deliver exceptional products and solutions that drive value for our stakeholders, clients, and investors. Our passion for technology and innovation fuels our commitment to creating high-quality, impactful solutions that address complex challenges and meet the evolving needs of our sophisticated businesses.

Teamwork is at the core of the organization’s success. We thrive on open collaboration and continuous learning, driving a culture that values diversity of thought and collective achievement. Our global footprint fosters the integration of a diverse set of ideas and viewpoints in product and solution delivery, allow us to design more comprehensive solutions that are adaptable and scalable. We optimize for impact, prioritizing and delivering solutions with excellence while remaining agile in response to the evolving needs of our businesses.

POSITION OVERVIEW

KKR is seeking a network security engineer to join our information security team in New York, or Boston. This is an in-person role with expectations to be on-site 5 days a week.

This role is ideal for an engineer with 6+ years of experience developing, and building solutions with expertise across network, email, endpoint and cloud security. Experience in financial systems, cloud (AWS/Azure), or AI security is highly valued.

RESPONSIBILITIES

Network Security:

• Design, implement, and manage network security solutions, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC).
• Analyze network traffic for potential security threats and vulnerabilities.
• Develop and enforce network security policies, procedures, and standards.

Email Security:

• Configure and manage secure email gateways to protect against phishing, spam, malware, and other email-based threats.
• Implement and maintain email encryption protocols.
• Conduct regular security assessments and audits of email systems.

Endpoint Security:

• Deploy and manage endpoint security solutions, including antivirus, antimalware, EDR (Endpoint Detection and Response), and DLP (Data Loss Prevention) tools.
• Ensure endpoint devices are compliant with security policies and have the latest security patches and updates.
• Respond to and mitigate endpoint security incidents.

Vulnerability Management:

• Develop and manage vulnerability management programs, including regular scanning, assessment, and remediation.
• Collaborate with IT teams to prioritize and address vulnerabilities based on risk and impact.
• Track and report on the status of vulnerability remediation efforts.

Cloud Security:

• Implement and manage security controls across various cloud platforms (e.g., AWS, Google Cloud, Microsoft Azure).
• Ensure the security of cloud-based infrastructure, applications, and services.

QUALIFICATIONS

• Experienced security professional with a strong background in networking, infrastructure, and security, ideally gained in organizations of various sizes and through working in multiple roles with diverse technologies and products.
• Understanding of core principles of how modern infrastructure technologies operate (such as virtualization of computing and networking, containers, cloud computing, SaaS, PaaS etc) and the security aspects of these technologies
• Solid understanding of the operation of LAN/WAN IP-based networks (TCP/IP, routing/switching, VLANs, NAT, DNS, DHCP)
• Understanding of principles of applied cryptography - symmetric/asymmetric encryption, hashing, SSL/TLS, SSH, PKI, IPSec, site-to-site/remote access VPN, disk encryption, HSM
• Understanding of attack vectors against modern enterprises: phishing, ransomware, malware, DoS/DDoS, drive-by, MITM, various type of injection (i.e. SQL), cross-site scripting, etc.; methods of defense from these attacks
• Knowledge of common security principles, concepts, and methods (authentication, authorization, single sign-on, network segregation, DMZ, Zero Trust, defense-in-depth, penetration testing, sandboxing etc.)
• Ability and desire to code, script and automate in order to improve own and team's operational efficiency
• Understanding of aspects of application delivery in principle and firewalling/load balancing in particular
• Understanding of HTTP operation and associated concepts (its methods, cookies, sessions, caching, CDNs, HTTP-based applications and protocols etc)
• Understanding of principles of operation of NextGen/L7 firewalls and experience with one of the market-leading vendors
• Practical knowledge of Windows (including AD) and Linux
• Knowledge of SSL/TLS traffic handling and encrypt/decrypt policies.
• Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
• Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
• Ability to present ideas in a user-friendly, business-friendly and technical language
• Strategic self-starter with an innovative mindset and outstanding attention to detail