Security Engineer

Security Engineer

Boston or New York

KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR's insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR's investments may include the activities of its sponsored funds and insurance subsidiaries.

KKR's Technology organization is a group of passionate technologists and product managers, unified by a shared mission to deliver exceptional products and solutions that drive value for our stakeholders, clients, and investors. Our passion for technology and innovation fuels our commitment to creating high-quality, impactful solutions that address complex challenges and meet the evolving needs of our sophisticated businesses.

Teamwork is at the core of the organization's success. We thrive on open collaboration and continuous learning, driving a culture that values diversity of thought and collective achievement. Our global footprint fosters the integration of a diverse set of ideas and viewpoints in product and solution delivery, allowing us to design more comprehensive solutions that are adaptable and scalable. We optimize for impact, prioritizing and delivering solutions with excellence while remaining agile in response to the evolving needs of our businesses.

KKR is seeking a network security engineer to join our information security team in Boston or New York. This is an in-person role with expectations to be on-site 4 days a week in Boston or 5 days a week in New York.

This role is ideal for an engineer with 6+ years of experience developing, and building solutions with expertise across network, email, endpoint, data, identity and cloud security. Experience in financial systems, cloud (AWS/Azure), or AI security is highly valued.

Responsibilities

• Design, implement, and manage network security solutions, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC).
• Analyze network traffic for potential security threats and vulnerabilities.
• Develop and enforce network security policies, procedures, and standards.

• Configure and manage secure email gateways to protect against phishing, spam, malware, and other email-based threats.
• Implement and maintain email encryption protocols.
• Conduct regular security assessments and audits of email systems.

• Deploy and manage endpoint security solutions, including antivirus, antimalware, EDR (Endpoint Detection and Response), and DLP (Data Loss Prevention) tools.
• Ensure endpoint devices are compliant with security policies and have the latest security patches and updates.
• Respond to and mitigate endpoint security incidents.

• Develop and manage vulnerability management programs, including regular scanning, assessment, and remediation.
• Collaborate with IT teams to prioritize and address vulnerabilities based on risk and impact.
• Track and report on the status of vulnerability remediation efforts.

• Implement and manage security controls across various cloud platforms (e.g., AWS, Google Cloud, Microsoft Azure).
• Ensure the security of cloud-based infrastructure, applications, and services.

Qualifications

• Experienced security professional with a strong background in networking, infrastructure, and security, ideally gained in organizations of various sizes and through working in multiple roles with diverse technologies and products.
• Understanding of core principles of how modern infrastructure technologies operate (such as virtualization of computing and networking, containers, cloud computing, SaaS, PaaS etc) and the security aspects of these technologies
• Solid understanding of the operation of LAN/WAN IP-based networks (TCP/IP, routing/switching, VLANs, NAT, DNS, DHCP)
• Understanding of principles of applied cryptography - symmetric/asymmetric encryption, hashing, SSL/TLS, SSH, PKI, IPSec, site-to-site/remote access VPN, disk encryption, HSM
• Understanding of attack vectors against modern enterprises: phishing, ransomware, malware, DoS/DDoS, drive-by, MITM, various type of injection (i.e. SQL), cross-site scripting, etc.; methods of defense from these attacks
• Knowledge of common security principles, concepts, and methods (authentication, authorization, single sign-on, network segregation, DMZ, Zero Trust, defense-in-depth, penetration testing, sandboxing etc.)
• Ability and desire to code, script and automate in order to improve own and team's operational efficiency
• Understanding of aspects of application delivery in principle and firewalling/load balancing in particular
• Understanding of operation and associated concepts (its methods, cookies, sessions, caching, CDNs, applications and protocols etc)
• Understanding of principles of operation of NextGen/L7 firewalls and experience with one of the market-leading vendors
• Practical knowledge of Windows (including AD) and Linux
• Knowledge of SSL/TLS traffic handling and encrypt/decrypt policies.
• Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
• Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
• Ability to present ideas in a user-friendly, business-friendly and technical language
• Strategic self-starter with an innovative mindset and outstanding attention to detail

This is the expected annual base salary range for this New York-based position. Actual salaries may vary based on factors, such as skill, experience, and qualification for the role. Employees may be eligible for a discretionary bonus, based on factors such as individual and team performance.

Base Salary Range

$125,000 - $150,000 USD

KKR is an equal opportunity employer. Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.

KKR will provide reasonable accommodations as required by applicable federal, state, and/or local laws. Individuals seeking an accommodation for the application or interview process should email View email address on click.appcast.io. Emails sent for unrelated issues, such as following up on an application, will not receive a response.

If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access because of your disability. You can request reasonable accommodations by sending an email to View email address on click.appcast.io. Only emails left for this purpose will be returned.

Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. This notice applies only to applicants and employees who work or will work in Massachusetts, in accordance with applicable state law.