Skip to main contentProvide guidance and recommendations on application security best practices.Maintain knowledge of the latest security trends, threats, and countermeasures.Participate in incident response and handling activities related to application security incidents.Conduct security awareness and training sessions for the development team to promote secure coding practices.Develop and maintain application security standards, policies, and procedures.Report and document security findings and remediation activities.Integrate security tools and practices into the continuous integration/continuous delivery (CI/CD) pipeline.Requirements
- Bachelor's degree in computer science, information technology, or a related field.
- Proven experience as an Application Security Engineer or similar role.
- Strong understanding of software development life cycle (SDLC) and secure coding practices.
- Proficiency in conducting security assessments and penetration tests.
- Experience with security tools and technologies such as firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC).
- Knowledge of regulatory requirements and industry best practices related to application security.
- Experience with cloud security and DevSecOps practices.
- Familiarity with OWASP Top Ten and other security frameworks
- Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
- Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
- Ability to present ideas in a user-friendly, business-friendly and technical language
- Strategic self-starter with an innovative mindset and outstanding attention to detail
- #LI-ONSITE
- This is the expected annual base salary range for this Boston-based position. Actual salaries may vary based on factors, s
Benefits
Equity / stock options
Additional Information
COMPANY OVERVIEW
KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR's insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR's investments may include the activities of its sponsored funds and insurance subsidiaries.
TEAM OVERVIEW
KKR's Technology organization is a group of passionate technologists and product managers, unified by a shared mission to deliver exceptional products and solutions that drive value for our stakeholders, clients, and investors. Our passion for technology and innovation fuels our commitment to creating high-quality, impactful solutions that address complex challenges and meet the evolving needs of our sophisticated businesses.
Teamwork is at the core of the organization's success. We thrive on open collaboration and continuous learning, driving a culture that values diversity of thought and collective achievement. Our global footprint fosters the integration of a diverse set of ideas and viewpoints in product and solution delivery, allowing us to design more comprehensive solutions that are adaptable and scalable. We optimize for impact, prioritizing and delivering solutions with excellence while remaining agile in response to the evolving needs of our businesses.
POSITION SUMMARY
KKR is seeking an experienced Product Security Professional. This role offers exciting opportunities for growth and impact as KKR scales its business and continues to innovate. As a Security Analyst, you will be responsible for designing, implementing, and maintaining security measures across our environment specific to our internally developed applications and external facing applications. You must be proficient in troubleshooting, vulnerability management, cloud security, application security, and have a deep understanding of a wide range of systems and be capable of leading other teams in these efforts. You will work closely with IT and other business units to ensure our security posture remains strong, aligned with industry best practices, and compliant with regulatory requirements. You will also be looking over the horizon, identifying future needs and exploring leading edge solutions.
Your Match
How well this role fits your profile.
Interested in this role?
Apply on the company's website.
Stage · Boston