Skip to content

Cyber Risk Analyst (GRC, IT Risk Management, ISO27001, SOC1, SOC2- Standards)

General Information

Ref #:


Travel Amount Required:


Job Type:

Regular-Full Time


Noida - India - India

Company Overview

Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for? Learn more at  #WeAreUKG 

Description & Qualifications


This position works as part of the Enterprise Risk department, which is responsible for management of cyber risk across the enterprise.  As a member of the department, the individual will be committed to overall security risk management and its role in the company's continued success.  The Cyber Risk Analyst is a highly visible role that interfaces with key stakeholders in the organization and may also support UKG customers and Partners. The position demands an organized, action-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required.

Responsible for participating in maintaining compliance, and/or building and executing a compliance program which is aligned with SOC1, SOC2, ISO27001, ISO27017 or ISO 27018 This includes but is not limited to the following activities:

• Participate in security risk assessments, analysis, and mitigation planning.
• Document systems, processes and controls using narratives.
• Evaluate design and operating effectiveness of security controls to identify and recommend process changes resulting in strengthened controls.
• Collaborate with security control owners to remediate control gaps and track the remediation efforts.
• Support business teams with establishing new procedures/policies and ensure alignment with regulations/standards.
• Drive internal assessment and compliance of our controls with the implementation of control monitoring.
• Work closely with internal stakeholders to educate them and achieve security over technology control environment.
• Develop, maintain, report on key security risk metrics.
• Communicate progress, escalations, and issue resolution to management and team stakeholders.


• 3+ years of security/IT Governance, Risk, and Compliance or equivalent experience
• Hands-on experience with auditing security frameworks such as SOC 1, SOC 2, and/or ISO27001
• BA or BS in a technical field or equivalent experience
• Ability to accomplish outcomes effectively and autonomously across cross-functional teams in ambiguous situations with minimal supervision
• Outstanding written and spoken communication skills
• Ability to multitask, prioritize work and meet deadlines in a fast-paced environment
• General knowledge of cloud technologies such as AWS, Microsoft Azure, and GCP, (GCP preferred)
• General knowledge of information security concepts and technologies

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 

View The EEO Know Your Rights poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email