Company Overview

With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we’re only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on.

At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all.

Here, we know that you’re more than your work. That’s why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose — a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you’re passionate about our purpose — people —then we can’t wait to support whatever gives you purpose. We’re united by purpose, inspired by you.

As a Level 2 (L2) Security and Threat Monitoring Analyst, you will be part of UKG’s Global Security Operations Center (GSOC) team investigating events of interest and incidents as they are validated, prioritized, and categorized. You will facilitate and follow UKG’s standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners’ and customers’ data and services.

You will be the initial escalation point for all incidents, either regionally or during shift assignment; analyzing, confirming, re-prioritizing if necessary and/or escalating/remediating those identified threats within the UKG computing environment. You will work closely with UKG’s GSOC teams in the US, Europe, and India to promote an integrated, uniform, and holistic threat detection and response capability to facilitate and enable a robust and proactive security posture.

Additionally, you will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT), post incident reporting and continuous improvement recommendations to enhance UKG’s security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities.

Shift Schedule:

• Flexibility to work different shifts (morning, afternoon, and night) on a rotational basis.

• Willingness to be on-call for emergency situations outside of regular hours.

Due to the nature of the work, you are required to have on-call duties on weekends. Additional work hours may also be required during an incident investigation. 

Primary/Essential Duties and Key Responsibilities:

• Review tickets escalated from L1 analysts to confirm the priority, category and accuracy of the details and conditions.

• Pivot to additional security tools to obtain and ascertain context or additional information.

• Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents.

• Identify and implement blocking, listing and other mechanisms to promote a robust security posture.

• Escalate tickets as required to L3 for additional scrutiny or for further escalations.

• Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) for mitigating and/or remediating critical incidents.

• Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology.

• Provide mentoring and enablement of junior analysts globally to expand and extend UKG’s GSOC capabilities and experiential capacities.

Qualification (Experience, Education, Certification, License and Training):

• Bachelor's degree in computer science or a related discipline

• CISSP, CCSP, GIAC or other relevant cyber security certifications (preferred)

• Working professional with 3+ years of relevant Security/SOC experience

Required Qualifications:

• Knowledge of the common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).

• Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions.

• Knowledge of or functional experience with Splunk, EDR solutions, email security tools, MS Azure security portfolio, and cloud environments (GCP, Azure).

• Communicate in English: write clearly and speak authoritatively to different audiences (business leaders and engineers).

Preferred Qualifications:

• Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors.

• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

• Knowledge and experience in developing automations using scripting languages like Python and PowerShell to automate various tasks and improve accuracy, enhance task consistency, and increase scalability.

• Knowledge and experience in conducting and participating in security audits and assessments.

Where we’re going

UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it’s our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow!

UKG is proud to be an equal opportunity employer and is committed to promoting diversity and inclusion in the workplace, including the recruitment process.     

Disability Accommodation 

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com

It is the policy of Ultimate Software to promote and assure equal employment opportunity for all current and prospective Peeps without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status entitled to protection under federal, state, or local anti-discrimination laws. This policy governs all matters related to recruitment, advertising, and initial selection of employment. It shall also apply to all other aspects of employment, including, but not limited to, compensation, promotion, demotion, transfer, lay-offs, terminations, leave of absence, and training opportunities.