Sr Security and Threat Monitoring Analyst

About the Team

As a Senior Security and Threat Monitoring Analyst, you will be part of UKG's Global Security Operations Center (GSOC) team investigating events of interest and incidents within UKG's FedRAMP authorized computing environments.

About the Role

You will facilitate and follow UKG's standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners' and customers' data and services.
You will be an escalation point for all incidents, analyzing, confirming, re-prioritizing if necessary and remediating those identified threats within the UKG FedRAMP authorized computing environments. You will leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT's.

Additionally, you will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL), providing strong technical and environmental knowledge during the incident. You will lead efforts, post incident, in reporting and continuous improvement recommendations to enhance UKG's security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities.

Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation.

Responsibilities:
• Review tickets escalated from junior analysts to confirm the priority, category and accuracy of the details and conditions.
• Pivot to additional security tools to obtain and ascertain context or information and any other pertinent information to inform on the most effective and efficient mitigation/remediation actions.
• Escalate tickets as required to GSOC Director for additional scrutiny and incident declaration.
• Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents.
• Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture.
• Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL) to lead and/or support mitigating and/or remediating critical incidents.
• Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology.
• Provide mentoring and enablement of junior analysts globally to expand and extend UKG's GSOC capabilities and experiential capacities.

Basic Qualifications:

• Working professional with 4-6 years of relevant Security/SOC experience
• 4-6 years of experience with common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
• 4-6 years of experience with cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Working knowledge of FedRAMP requirements, processes and procedures
• Bachelor's degree in computer science or a related discipline
• CISSP, CCSP, GIAC or other relevant cyber security certifications

Preferred Qualifications:

• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions.
• Experience with Splunk, ServiceNow SIR, EDR solutions, email security tools, and cloud environments (GCP, Azure).
• Knowledge and experience in reverse engineering to understand how an information asset works and analyzing system components to identify potential vulnerabilities.
• Knowledge and experience in developing automations using scripting languages like Python and PowerShell to automate various tasks and improve accuracy, enhance task consistency, and increase scalability.
• Knowledge and experience in conducting and participating in security audits and assessments.
• Understanding and experience in developing and delivering relevant and value-add operational metrics to support and provide visibility into the GSOC program.
• Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors.
• Knowledge and experience in designing, executing, and reporting threat hunting activities.
• Knowledge and experience around offensive security (ethical hacking) techniques to identify and mitigate/remediate vulnerabilities in the UKG environment.
• Knowledge and experience in cyber forensic procedures and how to extract information and generate reports in support of incident response and other advanced requirements.

Where we're going

UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow!

Equal Opportunity Employer

UKG is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.

View The EEO Know Your Rights poster

UKG participates in E-Verify. View the E-Verify posters here.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

The pay range for this position is $99,800.00 to $143,450.00 USD, however, base pay offered may vary depending on skills, experience, job-related knowledge and location. This position is also eligible for a short-term incentive and a long-term incentive as part of total compensation. Information about UKG's comprehensive benefits can be reviewed on our careers site at https://www.ukg.com/careers