KKR

COMPANY OVERVIEW

KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries.

TEAM OVERVIEW

KKR Capstone is the portfolio operations and value creation arm of the global PE fund, KKR. We partner with our deal teams and portfolio company management teams to drive the most important operational issues on the CEO and Board of Directors’ agenda, including top-line growth, cost optimization, organizational structure and capability, capital investment, and strategic M&A initiatives. We work as owner-operators, not advisors, which means we have full accountability to drive change and deliver results at our portfolio companies.

POSITION SUMMARY

Position Type: Contractor

KKR Capstone is seeking an experienced Cybersecurity and Information Security Advisor to join the Portfolio Cybersecurity team, supporting KKR’s European portfolio companies. This is a senior, advisory contractor role focused on providing practical, risk-based cybersecurity and cyber defence guidance across a diverse portfolio of businesses. The role will work closely with portfolio company leadership teams, Capstone, and KKR deal teams to help improve cyber maturity, reduce risk, and meet regulatory and investor expectations.

The role is based in London and requires regular presence in the office.

This role offers the opportunity to:

• Influence cybersecurity outcomes across a diverse European private equity portfolio
• Operate at the intersection of cyber risk, regulation, and value creation
• Partner with senior leaders to drive meaningful, pragmatic improvements
• Work within the highly regarded KKR Capstone team

RESPONSIBILITIES

Portfolio Advisory & Engagement

• Provide cybersecurity and information security advisory support to KKR European portfolio companies across multiple sectors and levels of cyber maturity.
• Act as a trusted advisor to portfolio company executives, including, CISOs, and senior technology leaders.
• Support portfolio companies in identifying, prioritising, and managing cyber risks aligned to business objectives and value creation plans.
• Contribute to cyber-related aspects of the investment lifecycle, including onboarding, transformation initiatives, and exit readiness.

Cyber Defence & Risk Management

• Advise on core cyber defence capabilities, aligning to industries best practices
• Support the development of pragmatic security roadmaps tailored to each portfolio company.
• Provide senior-level guidance during cyber incidents or material security events, where required.

Regulatory & Framework Alignment

• Provide guidance aligned to relevant regulations and frameworks, including:
  • NIS / NIS2
  • GDPR and broader data protection requirements
  • ISO/IEC 27001
  • CIS18
  • NIST Cybersecurity Framework
• Help portfolio companies translate regulatory and framework requirements into practical, implementable controls.

Stakeholder Collaboration

• Work closely with KKR Capstone and investment teams to align cybersecurity priorities with broader business objectives.
• Contribute to portfolio-wide cybersecurity initiatives, benchmarking, and best-practice sharing.
• Support clear communication and reporting of cyber risk at a portfolio and executive level.

QUALIFICATIONS

KKR seeks to hire individuals who thrive in a fast-paced, team-oriented environment, demonstrate strong ownership, and have a proven ability to combine strategic thinking with disciplined execution. The successful candidate will have:

• Approximately 10 years’ experience in cybersecurity and information security roles.
• Previous experience in a senior consulting, advisory, or CISO-level role.
• Strong understanding of cyber defence principles and risk-based security decision-making.
• Proven ability to engage credibly with senior stakeholders and executives.
• Solid knowledge of European regulatory and data protection requirements.
• Ability to operate independently across multiple organisations in a federated environment.
• Right to work in the UK (no visa sponsorship available)

Desirable

• Experience working with private equity–owned businesses or investment portfolios.
• Additional European language skills, particularly French, Spanish, or German.
• Experience supporting organisations through transformation, integration, or rapid growth.

Personal Attributes

• Pragmatic and commercially focused
• Comfortable operating in complex, fast-paced environments
• Confident, credible, and collaborative
• Strong judgement with the ability to balance risk, cost, and business impact
• Clear and effective communicator

#LI-IN

KKR is an equal opportunity employer. Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.