COMPANY OVERVIEW
KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries.
POSITION SUMMARY
KKR is seeking an Information Security Risk Analyst to join the Information Security Governance, Risk, and Compliance (GRC) organization. This role offers exciting opportunities for growth and impact as KKR scales its business and continues to innovate. This role will assist in identifying, assessing, and tracking cybersecurity risk across the organization. You will help manage risk issues, collaborate with business and IT stakeholders, and support ongoing risk and compliance initiatives. This is an excellent opportunity for candidates looking to grow their career in information security and risk management. You will also be looking over the horizon, identifying future needs and exploring leading edge solutions.
RESPONSIBILITIES:
Support Cyber Risk Management Activities
- Assist in conducting cyber risk assessments on internal systems, third-party vendors, and emerging technologies.
- Help document and track identified risks, mitigation plans, and risk acceptances.
- Monitor remediation efforts and follow up on open risk issues with stakeholders.
Stakeholder Engagement
- Participate in meetings with business and technical stakeholders to gather information, identify, communicate risk issues, and support decision-making processes.
- Collaborate with internal teams to communicate risk findings and support risk-based decision-making in projects, operations, and vendor engagements.
Risk Documentation & Reporting
- Maintain accurate risk registers and documentation using GRC tools or tracking systems.
- Contribute to the development of risk reports and dashboards for management and audit purposes.
Compliance & Policy Support
- Help ensure alignment with internal security policies, standards, and applicable regulatory requirements (e.g., SOX, GDPR, NIS2 etc.).
- Assist in documenting and maintaining security governance artifacts including policies, procedures, and control mappings.
Continuous Improvement
- Identify opportunities for improving risk processes, tools, and reporting.
- Stay current on cybersecurity trends, threats, and regulatory developments.
QUALIFICATIONS
- Bachelor's degree in Information Security, Information Systems, Computer Science, or a related field—or equivalent work experience.
- Foundational understanding of cybersecurity principles and risk management concepts.
- Strong written and verbal communication skills, especially with non-technical audiences.
- Ability to present ideas in a user and business-friendly manner
#LI-Onsite
- Detail-oriented with outstanding organizational and documentation skills.
- Ability to work effectively in a team environment and build positive relationships.
- Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
- Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
- Strategic self-starter with an innovative mindset
KKR is an equal opportunity employer. Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.
