Skip to content

Senior Cyber Risk Analyst

General Information

Ref #:


Travel Amount Required:

Up to 25%

Job Type:

Regular-Full Time


Lowell - Massachusetts - United States

Description & Qualifications


Job Summary:

This position works as part of the Governance, Risk and Compliance (GRC) department, which is responsible for management of cyber risk across the enterprise.  The role offers the opportunity to be engaged in all facets of cyber risk including security, privacy, and risk management, and security and compliance program development.  As a member of the department, the individual will be committed to overall data protection risk management and its role in the company's continued success.  The Sr Cyber Risk Analyst is a highly visible role that interfaces with key stakeholders in the organization and may also support UKG customers and Partners. The position demands an organized, action-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required.

Primary/Essential Duties and Key Responsibilities:

- Assist in maintaining and improving UKG’s Information Security Management System (ISMS)

- Coordinate with internal/external auditors, prepare controls owners, review, and collect required evidence as needed to meet compliance requirements

- Support the development, implementation, and updating of relevant documentation (e.g. narratives, policies, standards, etc.)

- Assist in risk management activities – risk assessments and risk treatment plans

- Identify potential risks to the environment and/or organization based on existing processes

- Assist in the evaluation and implementation of new and evolving technologies, frameworks, and certification programs

- Provide expertise in support of new product development activities to ensure products comply with information security and privacy standards

- Utilize industry experience and knowledge to identify and recommend business process changes resulting in strengthened internal controls

- Collaborate with control owners to remediate control gaps and track the remediation efforts

- Communicate progress, escalations, and issues to management and team on a timely basis

- Assist in readiness assessments of products/services for certification and/or audit

- Perform additional duties and projects as assigned by management


Required Qualifications:

- Bachelor’s Degree in Management Information Systems or related fields

- 3 to 5 years of work experience in information security governance and/or related functions (such as IT audit or IT Risk Management)

- Substantial working experience with ISO27001, ISO 27017, ISO 27018 and other information security and audit frameworks including SOC 2.

- Prior experience working with internal and external auditors

- Experience leading compliance initiatives

- Experience with Risk Management frameworks

- Strong business acumen to include strong verbal and written communication skills

- ISO 27001 Lead Implementer preferred

- CISA, CISSP, CISM, CRISC or similar security certification preferred

Company Overview

Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 

View The EEO is the Law poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email