Technology - Technology Risk - Incident Triage Security Operations Analyst

Triaging security alerts from multiple log sources and escalating critical incidents efficiently
Gurugram, Haryana, India
Junior
2 weeks ago
KKR

A global investment firm that manages multiple alternative asset classes, including private equity, energy, infrastructure, real estate, and credit.

Technology Risk - Incident Triage Security Operations Analyst

KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR's insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR's investments may include the activities of its sponsored funds and insurance subsidiaries.

Position Summary

We are seeking a motivated Security Operations Analyst to join our global Blue Team within the Threat Detection & Response (TD&R) function, part of the overall Information Security team. This role is central to our front-line defense operations, with a primary focus on triaging security alerts and incidents across multiple log sources, including those escalated by our Managed Security Service Provider (MSSP), ReliaQuest, and internal detection platforms.

The ideal candidate has hands-on experience in SOC environments, identifies alert trends and opportunities for effective tuning to minimize alert fatigue, and thrives in high-tempo operations. Over time, we encourage proactive development in threat hunting, detection engineering, and threat emulation based on interest and capacity. This role is based onsite at our Gurugram office, and we currently operate a hybrid working arrangement of 4 days a week in the office and 1 flexible day.

Key Responsibilities

  • Act as a first- and second-line triage analyst for incoming alerts from ReliaQuest and internal systems.
  • Prioritize, validate, and escalate security events following established playbooks and risk thresholds.
  • Maintain strong working relationships with our MSSP, ensuring high-quality hand-offs and timely follow-ups.
  • Work closely with other TD&R functions, including the wider Blue Team, to escalate suspicious incidents and collaborate on complex investigations.
  • Collaborate with Cyber Threat Intelligence (CTI) for situational awareness and contextual enrichment of alerts.
  • Coordinate with the Analytics team to understand and improve logging, detection coverage, and visibility.
  • Perform basic forensic investigation (e.g., log review, endpoint telemetry, cloud artifact analysis).
  • Document incident timelines, response actions, and lessons learned with clarity and consistency.
  • Contribute to the evolution of triage and escalation procedures based on operational feedback.
  • Participate in cross-training opportunities and threat hunting projects as time allows.

Preferred Qualifications & Experience

  • 2-4 years of experience in a SOC, MSSP, or Incident Response function with direct exposure to alert triage.
  • Familiarity with SIEM platforms (e.g., Splunk, Sentinel) and EDR tools (e.g., Defender, CrowdStrike).
  • Strong analytical and troubleshooting skills for endpoint, network, and cloud environments.
  • Ability to understand and follow documented SOPs, runbooks, and escalation criteria.
  • Comfortable working across a global, geographically diverse team.
  • Familiarity with threat intelligence and MITRE ATT&CK framework is a plus.
  • Interest in developing skills in detection engineering, threat hunting, and adversary emulation.

Candidate Profile

  • Detail-oriented with a passion for continuous learning and improving operational maturity.
  • Calm under pressure and able to distinguish between noise and true positive threats.
  • Collaborative mindset with strong communication skills—especially in fast-moving incident contexts.

Why Join Us?

This is a pivotal role in a fast-scaling Threat Detection & Response function within the Information Security team at a global investment firm. You'll gain hands-on experience with real-world threats, cutting-edge detection technologies, and a hybrid SOC model that leverages both in-house expertise and a high-performing MSSP. We offer career growth opportunities into more advanced security domains.

KKR is an equal opportunity employer. Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.
