← back to jobs
> job detail
U
👽Other

Sr. Staff Security Analyst- Eng

Ukg · Lowell, MA,US; Atlanta, GA,US; Sunrise, FL,US
// classified as
Other (Adjacent or hard to classify.)
posted
1d ago
location
Lowell, MA,US; Atlanta, GA,US; Sunrise, FL,US
languages
bash, python
tools
> stack
bashpython
> description
Why UKG: At UKG, the work you do matters. The code you ship, the decisions you make, and the care you show a customer all add up to real impact. Today, tens of millions of workers start and end their days with our workforce operating platform. Helping people get paid, grow in their careers, and shape the future of their industries. That’s what we do. We never stop learning. We never stop challenging the norm. We push for better, and we celebrate the wins along the way. Here, you’ll get flexibility that’s real, benefits you can count on, and a team that succeeds together. Because at UKG, your work matters—and so do you. Description: As a Senior Staff SOC Analyst, you will be part of UKG’s Global Security Operations team. This global team is responsible for detecting, investigating, responding to, and leading containment of sophisticated cyber threats and major security incidents. In your role you will leverage a variety of tools, forensic techniques, threat hunting methods, and incident command practices to proactively investigate, respond to, and drive resolution for emerging and/or persistent threats impacting UKG and/or its customers. Responsibilities: · You will provide hands-on digital forensics and incident response expertise across endpoint disk, memory, network, cloud, Windows, Linux, and runtime environments · You will lead major cyber incident command activities, including coordinating technical response, guiding investigative workstreams, tracking actions, briefing stakeholders, and driving incidents through containment and recovery · You will perform hands-on keyboard threat hunting with and without GenAI assistance across SIEM, EDR, cloud, identity, network, and forensic data sources · You will support and lead complex incident response investigations as a technical contributor and collaborator across Security Operations Center, Threat Intelligence, Detection Engineering, Cloud Security, Infrastructure, Legal, Privacy, and business stakeholder teams · You will guide, mentor, and train analysts during active incidents, post-incident reviews, tabletop exercises, and proactive hunting engagements · You will create and present incident strategies, investigation plans, findings, timelines, and technical summaries to audiences of technical and executive leadership levels when asked · You will develop and maintain training materials, playbooks, procedures, and practical exercises for incident command, digital forensics, incident response, and threat hunting capabilities · You will use mid-level scripting and automation to accelerate investigations, enrich forensic analysis, standardize response actions, and improve repeatability across the SOC · You will support continuous improvement of incident handling processes, forensic collection methods, threat hunting tradecraft, and analyst readiness · You will partner with Detection Engineering and Threat Intelligence teams to convert investigative findings into durable detections, response logic, hunting hypotheses, and operational improvements · You will support reverse engineering or malware analysis activities when needed, including triage of suspicious binaries, scripts, payloads, and attacker tooling where skillsets apply Qualifications: · The ability to lead complex security incidents, guide technical teams, influence response direction, and support building strategic and technical SOC initiatives · 5+ years of direct hands-on digital forensics and incident response experience supporting major enterprise environments · Advanced knowledge of forensic artifact areas across network, cloud, Windows, Linux, endpoint, identity, and runtime environments · Demonstrated experience leading or supporting major cyber incident command, including technical coordination, action tracking, decision support, stakeholder updates, and post-incident improvement activities · Deep hands-on experience performing endpoint disk, memory, cloud, and host-based forensic analysis in active incident response scenarios · Demonstrated hands-on threat hunting experience using SIEM, EDR, cloud telemetry, identity logs, network data, and forensic artifacts · Experience applying GenAI-assisted workflows to investigation, summarization, hunt development, scripting, or analyst enablement, while maintaining strong technical validation and judgment · Ability to lead, mentor, train, and influence technical analysts during investigations, hunting activities, and operational readiness efforts · Demonstratable hands-on skills in a scripting language such as Python, PowerShell, Bash, or similar for use in investigation, automation, parsing, enrichment, and response workflows · Strong understanding of SOC operations, incident response lifecycle, forensic collection standards, evidence handling, investigation documentation, and executive-ready incident reporting · Ability to develop practical training content for incident command, digital forensics, incident response, and threat hunting programs · Experience with one or more major public cloud service provider environment required · Reverse engineering and malware analysis experience preferred, including static or dynamic triage of malware, scripts, payloads, or attacker tooling · Hands-on keyboard investigative analysis experience with one or more major SIEM, EDR, SOAR, cloud security, case management, and forensic tooling platforms Company Overview: UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry — because great organizations know their workforce is their competitive edge. Learn more at ukg.com. Equal Opportunity Employer UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories. View The EEO Know Your Rights poster UKG participates in E-Verify. View the E-Verify posters here. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Disability Accommodation in the Application and Interview Process For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com. The pay range for this position is $145,600 to $209,300. The actual base pay offered may vary depending on skills, experience, job-related knowledge and work location. In addition to base pay, employees may be eligible to participate in a performance-based bonus plan and to receive restricted stock unit awards as part of total compensation. Learn more about UKG’s benefits and rewards at https://www.ukg.com/about-us/careers/benefits