Skip to content

Lead Digital Forensics Analyst

General information

Location:

Florida - Florida - Remote, Massachusetts - Massachusetts - Remote, USA - USA - Remote

Function:

Security

Ref #:

20210020190

Description & Requirements

Description

Ultimate Kronos Group (UKG) is seeking candidates for the senior/lead digital forensic analyst position. This is an exciting opportunity to be part of the global detection and response team at UKG.

As a digital forensic analyst, you will work with the team to develop our Digital Forensics & Incident Response (DFIR) capabilities, methodology and strategy within Global Security. You will help to establish forensic and investigative protocols, processes, procedures and tools. You will be investigating significant security events and confirmed incidents that may involve forensic analysis. You are expected to have strong knowledge in offensive security and common attack methods. You will apply this knowledge to hunt for threats or find traces of malicious activities in your forensic investigations.

You will be a key member of the incident response team responsible for orchestrating the analysis, containment, and recovery strategy during a response with the support from experienced security professionals. You will be part of our global security operations center that follows a follow-the-sun structure, working to ensure continuous monitoring, detection and response to security events affecting UKG and our customers. You will work closely with our security operations teams in Fort Lauderdale, Lowell, Honolulu, Singapore, and Paris.

Due to the nature of the work, it may require on-call duties and some weekend work. Additional work hours may also be required during an incident investigation.
Primary/Essential Duties and Key Responsibilities:
● Work with the team, with input from Legal, to establish forensic and investigative protocols. Define forensic processes and procedures such as chain of custody, computer acquisition techniques, and memory acquisition techniques.
● Establish relationships, if applicable, between the incident response team and other groups, both internal (e.g., legal department) and external (e.g., law enforcement agencies, vendors, public relations professionals).
● Respond to security incidents across the organization that will vary in scope and severity.
● Conduct analysis of log files, evidence, and other information to determine best methods for identifying the perpetrator(s) of a network intrusion.
● Collect and process electronically stored information from servers, desktops, mobile devices, mailbox, cloud environments, and other data sources.
● Conduct examination of digital media including hard drives, network traffic, and memory images.
● Review log-based data, both in raw form and utilizing SIEM or log aggregation platforms.
● Establish timelines and patterns of activities based on multiple data sources.
● Manage data on legal hold, document and maintain chain of custody, ensuring compliance with retention policies and audit requirements.
● Report and collaborate with different areas of business as required.
● Build reporting of technical findings, incident data, and investigation outcomes. Determine the extent of compromise to information systems.
● Co-leads evaluation of best practices and the introduction of tools introduced for improved forensic analysis.
● Work with the team to identify lessons learned and key risks after incident closure.

Qualifications

● Bachelor’s degree in computer science, computer security or related.
● In-depth knowledge of popular operating systems and information security concepts.
● Knowledge of cloud service models and how those models can limit incident response.
● Experience in using, deploying, and maintaining physical, local, and remote acquisition tools across multiple popular operating systems for the desktops, servers and mobile devices.
● Experience in performing forensic analysis on popular operating systems.
● Experience with handling APT (advanced persistent threat) actor group evidence including familiarity with indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs).
● Experience in analyzing network traffic, firewall logs and host-based security appliance logs.
● Experience in investigating Microsoft 365 and popular cloud environments.
● Experience in programming languages such as Python.
● Strong analytical and problem-solving skills.
● Excellent communicator, written and verbal, ability to present to technical and non-technical audience.
● Ability to function in high stressed situations with professionalism and urgency to address incidents.
● Perform additional duties and projects as assigned by management.

Corporate overview

Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careers

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 


View The EEO is the Law poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.


Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com or please call 1 (978) 250 9800.

Apply