Technology - Information Security - Security Operations Analyst

COMPANY OVERVIEW

KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries.

KKR's Gurugram office provides best in class services and solutions to our internal stakeholders and clients, drive organization wide process efficiency and transformation, and reflect KKR's global culture and values of teamwork and innovation. The office will contain multifunctional business capabilities and will be integral in furthering the growth and transformation of KKR. 
      
TECHNOLOGY ORGANIZATION OVERVIEW 

KKR’s Technology team is responsible for building and supporting the firm’s technological foundation including a globally distributed infrastructure, information security, and the application and data platforms. The team drives a culture of technology excellence across the firm through efficient workflow automation, democratization of data through modern data and collaboration platforms, and more recently through research and development of Generative AI based tools and services. Technology is regarded as a key business enabler at KKR and is an important accelerator to drive towards global scale creation and business process transformation. The Technology team consists of highly technical and business-centric technologists with the ability to form strong partnerships across all of our businesses. A dedicated Program Management function along with the Product Managers drive execution discipline across multiple technology teams with a goal to consistently deliver excellence serving our business needs.

POSITION SUMMARY

We are seeking a motivated Security Operations Analyst to join our global Blue Team within the Threat Detection & Response (TD&R) function. This role is central to our front-line defense operations, with a primary focus on triaging security alerts and incidents across multiple log sources, including those escalated by our Managed Security Service Provider (MSSP), ReliaQuest, and internal detection platforms.

The ideal candidate has hands-on experience in SOC environments, identifies alert trends and opportunities for effective tuning to minimize alert fatigue, and thrives in high-tempo operations. Over time, we encourage proactive development in threat hunting, detection engineering, and threat emulation based on interest and capacity. This position is a full-time position and will be onsite in our Gurugram office. We are operating in a 4 day in office, 1 day flexible work arrangement.

ROLE AND RESPONSIBILITIES

•    Act as a first- and second-line triage analyst for incoming alerts from ReliaQuest and internal systems.
•    Prioritize, validate, and escalate security events following established playbooks and risk thresholds.
•    Maintain strong working relationships with our MSSP, ensuring high-quality hand-offs and timely follow-ups.
•    Work closely with other TD&R functions, including the wider Blue Team, to escalate suspicious incidents and collaborate on complex investigations.
•    Collaborate with Cyber Threat Intelligence (CTI) for situational awareness and contextual enrichment of alerts.
•    Coordinate with the Analytics team to understand and improve logging, detection coverage, and visibility.
•    Perform basic forensic investigation (e.g., log review, endpoint telemetry, cloud artifact analysis).
•    Document incident timelines, response actions, and lessons learned with clarity and consistency.
•    Contribute to the evolution of triage and escalation procedures based on operational feedback.
•    Participate in cross-training opportunities and threat hunting projects as time allows

QUALIFICATIONS 

•    2-4 years of experience in a SOC, MSSP, or Incident Response function with direct exposure to alert triage.
•    Familiarity with SIEM platforms (e.g., Splunk, Sentinel) and EDR tools (e.g., Defender, CrowdStrike).
•    Strong analytical and troubleshooting skills for endpoint, network, and cloud environments.
•    Ability to understand and follow documented SOPs, runbooks, and escalation criteria.
•    Comfortable with working across a global geographically diverse team.
•    Familiarity with threat intelligence and MITRE ATT&CK framework is a plus.
•    Interest in developing skills in detection engineering, threat hunting, and adversary emulation.

CANDIDATE PROFILE

•    Detail-oriented with a passion for continuous learning and improving operational maturity.
•    Calm under pressure and able to distinguish between noise and true positive threats.
•    Collaborative mindset with strong communication skills—especially in fast-moving incident contexts.    

Why Join Us?

This is a pivotal role in a fast-scaling TD&R function at a global investment firm. You’ll gain hands-on experience with real-world threats, cutting-edge detection technologies, and a hybrid SOC model that leverages both in-house expertise and a high-performing MSSP. We offer career growth opportunities into more advanced security domains.

KKR is an equal opportunity employer.  Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.