Company Overview
KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries.
KKR's Gurugram office provides best-in-class services and solutions to our internal stakeholders and clients, drives organization-wide process efficiency and transformation, and reflects KKR's global culture and values of teamwork and innovation. The office contains multifunctional business capabilities and is integral in furthering the growth of KKR globally.
Position Summary
We are seeking a motivated Security Operations Analyst to join our global Blue Team within the Threat Detection & Response (TD&R) function. This role is central to our front-line defense operations, with a primary focus on triaging security alerts and incidents across multiple log sources, including those escalated by our Managed Security Service Provider (MSSP), ReliaQuest, and internal detection platforms.
The ideal candidate has hands-on experience in SOC environments, identifies alert trends and opportunities for effective tuning to minimize alert fatigue, and thrives in high-tempo operations. Over time, we encourage proactive development in threat hunting, detection engineering, and threat emulation based on interest and capacity.
Key Responsibilities
- Act as a first- and second-line triage analyst for incoming alerts from ReliaQuest and internal systems.
- Prioritize, validate, and escalate security events following established playbooks and risk thresholds.
- Maintain strong working relationships with our MSSP, ensuring high-quality hand-offs and timely follow-ups.
- Work closely with other TD&R functions, including the wider Blue Team, to escalate suspicious incidents and collaborate on complex investigations.
- Collaborate with Cyber Threat Intelligence (CTI) for situational awareness and contextual enrichment of alerts.
- Coordinate with the Analytics team to understand and improve logging, detection coverage, and visibility.
- Perform basic forensic investigation (e.g., log review, endpoint telemetry, cloud artifact analysis).
- Document incident timelines, response actions, and lessons learned with clarity and consistency.
- Contribute to the evolution of triage and escalation procedures based on operational feedback.
- Participate in cross-training opportunities and threat hunting projects as time allows.
Preferred Qualifications & Experience
- 2-4 years of experience in a SOC, MSSP, or Incident Response function with direct exposure to alert triage.
- Familiarity with SIEM platforms (e.g., Splunk, Sentinel) and EDR tools (e.g., Defender, CrowdStrike).
- Strong analytical and troubleshooting skills for endpoint, network, and cloud environments.
- Ability to understand and follow documented SOPs, runbooks, and escalation criteria.
- Comfortable working across a global, geographically diverse team.
- Familiarity with threat intelligence and the MITRE ATT&CK framework is a plus.
- Triage experience across hybrid environments, including traditional on-prem infrastructure and cloud-native ecosystems with CI/CD and code-to-cloud workflows.
- Familiarity with cloud-native architectures such as containerized and serverless systems, and the unique challenges they pose during investigations.
- Understanding of identity-centric security models, including federated identity systems and IAM-based attack surfaces in cloud environments.
- Interest in developing skills in detection engineering, threat hunting, and adversary emulation.
Candidate Profile
- Detail-oriented with a passion for continuous learning and improving operational maturity.
- Calm under pressure and able to distinguish between noise and true positive threats.
- Collaborative mindset with strong communication skills—especially in fast-moving incident contexts.
Why Join Us?
This is a pivotal role in a fast-scaling TD&R function at a global investment firm. You’ll gain hands-on experience with real-world threats, cutting-edge detection technologies, and a hybrid SOC model that leverages both in-house expertise and a high-performing MSSP. We offer career growth opportunities into more advanced security domains.
KKR is an equal opportunity employer. Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.