Product Security Engineer
About The Position
KKR is seeking an experienced Product Security Professional. This role offers exciting opportunities for growth and impact as KKR scales its business and continues to innovate. As a Security Analyst, you will be responsible for designing, implementing, and maintaining security measures across our environment specific to our internally developed applications and external facing applications. You must be proficient in troubleshooting, vulnerability management, cloud security, application security, and have a deep understanding of a wide range of systems and be capable of leading other teams in these efforts. You will work closely with IT and other business units to ensure our security posture remains strong, aligned with industry best practices, and compliant with regulatory requirements. You will also be looking over the horizon, identifying future needs and exploring leading edge solutions.
Requirements
- Bachelor's degree in computer science, information technology, or a related field.
- Proven experience as an Application Security Engineer or similar role.
- Strong understanding of software development life cycle (SDLC) and secure coding practices.
- Proficiency in conducting security assessments and penetration tests.
- Experience with security tools and technologies such as firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC).
- Knowledge of regulatory requirements and industry best practices related to application security.
- Experience with cloud security and DevSecOps practices.
- Familiarity with OWASP Top Ten and other security frameworks
- Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
- Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
- Ability to present ideas in a user-friendly, business-friendly and technical language
- Strategic self-starter with an innovative mindset and outstanding attention to detail
Responsibilities
- Conduct application security assessments and penetration tests to identify vulnerabilities and security issues.
- Work closely with the software development team to ensure that secure coding practices are implemented throughout the application development lifecycle.
- Design and implement security solutions to protect applications from potential threats.
- Provide guidance and recommendations on application security best practices.
- Maintain knowledge of the latest security trends, threats, and countermeasures.
- Participate in incident response and handling activities related to application security incidents.
- Conduct security awareness and training sessions for the development team to promote secure coding practices.
- Develop and maintain application security standards, policies, and procedures.
- Report and document security findings and remediation activities.
- Integrate security tools and practices into the continuous integration/continuous delivery (CI/CD) pipeline.
Benefits
- Discretionary bonus, based on factors such as individual and team performance.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
