
Senior Information Security Engineer-SIEM (Hybrid)

General Information

Ref #: 20220025746

Travel Amount Required: Up to 25%

Job Type: Regular-Full Time

Location: USA - USA - Remote

Description & Qualifications

Description

At UKG, security is at the core of everything we do. In the continuous pursuit of improving our application and infrastructure security, we are looking for a Security Engineer to join our team. The Security Engineer will be responsible for the implementation of the security event data collection for the Enterprise Information Security organization related to incident response, threat monitoring, threat intelligence, and operations across SIEM platforms. This will include building and maintaining security systems. Tasks will include installing, configuring, and updating hardware and software; establishing and managing user accounts; overseeing or conducting backup and recovery tasks; implementing operational and technical security controls; and adhering to organizational security policies and procedures.



Design, build, install, configure, test and deploy changes to the existing observability (SIEM) solution in support of Security, IT operations analysts and data scientists.

Implement, manage, and maintain event and log collection, reporting and compliance requirements.

Design and build SIEM dashboards and reporting tools required by technical teams.

Act as contact for the security operations center (SOC) and incident response team.

Ensure all systems security operations and maintenance activities are properly documented and updated.

Content development within the SIEM platform, which includes use case creation, dashboard design, tuning of use cases to minimize false positives, development of reporting metrics and log source configuration.

Tune the SIEM with threat intelligence sources (e.g., premium, open-source and other), and correlate event indicators and threats.

Review and enhance logging information flow strategies and technical information flow required for log onboarding.

Work with the SOC and business to define work/scope for log onboarding and assist with determining the technical details.

Monitor and maintain SIEM cluster performance for potential bottlenecks, identify possible solutions, and work with consumers to implement those fixes.

Develop and maintain solutions for operational administration, system/data backups, disaster recovery, and security/performance monitoring.

Automate manual tasks for improved efficiencies.

Automate the response to certain alarms via SOAR tool for orchestration or data enrichment.

Qualifications

4-8 years' experience with proficiency in one or more SIEM platforms (e.g., QRadar, Splunk, LogRhythm, ArcSight, Securonix, Sumo Logic, Exabeam, Elasticsearch).

Administering servers from command line and working with configuration files.

Knowledge of operating system configuration (Windows, Unix, Linux) and networking (DNS, DHCP, routing protocols).

Comfortable working with at least one scripting language, such as bash, PowerShell, or batch scripts.

Experience with data onboarding and ensuring appropriate time stamping and data parsing.

Experience in configuring field extractions, GROK Patterns, RegEx for various data sources.

Ability to monitor measures or indicators of system performance and availability.

Experience with Public Cloud provider infrastructure, system deployments and product release operations.

Working knowledge of cloud platforms such as AWS, Azure and GCP.

Experience with and usage of metrics systems (e.g., Elastic Stack, Grafana, Prometheus, Influx) to diagnose issues and quantify impacts preferred.

Familiarity with SLAs, SLOs, and SLIs.

Bachelor's or Master's in Information Systems or Information Security preferred but not required.

This is a hybrid role; the employee would be required to be within 50 miles of one of the following locations to attend the occasional meeting.
- Montreal & Toronto & Kelowna (Canada)
- Alpharetta & Atlanta, GA
- Cleburne, TX
- Irvine & San Francisco & Santa Ana, CA
- Lowell
- Weston
- Branchburg, NJ

Company Overview

Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careers

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.

View The EEO is the Law poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.

Colorado Pay Law

If you are a Colorado resident and this role is available in Colorado or remote, you may be eligible to receive additional information about the compensation and benefits for this role, which we will provide upon request. Please send an email to UKGcareers@ukg.com.

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com or please call 1 (978) 250 9800.
