Information Security Governance & Risk Professional
Join to apply for the Information Security Governance & Risk Professional role at KKR
Position Summary
KKR is seeking an Information Security Risk Analyst to join the Information Security Governance, Risk, and Compliance (GRC) organization. This role offers exciting opportunities for growth and impact as KKR scales its business and continues to innovate. This role will assist in identifying, assessing, and tracking cybersecurity risk across the organization. You will help manage risk issues, collaborate with business and IT stakeholders, and support ongoing risk and compliance initiatives. This is an excellent opportunity for candidates looking to grow their career in information security and risk management. You will also be looking over the horizon, identifying future needs and exploring leading edge solutions.
Responsibilities
* Assist in conducting cyber risk assessments on internal systems, third-party vendors, and emerging technologies.
* Help document and track identified risks, mitigation plans, and risk acceptances.
* Monitor remediation efforts and follow up on open risk issues with stakeholders.
* Stakeholder Engagement - Participate in meetings with business and technical stakeholders to gather information, identify risk issues, and support decision-making processes. Collaborate with internal teams to communicate risk findings and support risk-based decision-making in projects, operations, and vendor engagements.
* Risk Documentation & Reporting - Maintain accurate risk registers and documentation using GRC tools or tracking systems. Contribute to the development of risk reports and dashboards for management and audit purposes.
* Compliance & Policy Support - Help ensure alignment with internal security policies, standards, and applicable regulatory requirements (e.g., SOX, GDPR, NIS2 etc.).
* Continuous Improvement - Identify opportunities for improving risk processes, tools, and reporting. Stay current on cybersecurity trends, threats, and regulatory developments.
Qualifications
* Bachelor's degree in Information Security, Information Systems, Computer Science, or a related field—or equivalent work experience.
* Foundational understanding of cybersecurity principles and risk management concepts.
* Strong written and verbal communication skills, especially with non-technical audiences.
* Ability to present ideas in a user- and business-friendly manner.
* Detail-oriented with outstanding organizational and documentation skills.
* Ability to work effectively in a team environment and build positive relationships.
* Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team.
* Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments.
* Strategic self-starter with an innovative mindset.
KKR is an equal opportunity employer. Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.
Seniority level
* Entry level
Employment type
* Full-time
Job function
* Information Technology
#J-18808-Ljbffr