Skip to content

Senior Security Analyst (Incident Management Analyst; DFIR, Threat Hunters, Crisis Mgmt)

General Information

Ref #:


Travel Amount Required:

Up to 25%

Job Type:

Regular-Full Time


Noida - India - India

Company Overview

Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for? Learn more at  #WeAreUKG 

Description & Qualifications


This position works as part of a Global Security team responsible for managing and leading cyber and information security incidents, as well as maintaining the incident management program. This position demands a candidate who is technically hands-on, organized, action-oriented team player with the ability to prioritize daily work and support on multiple initiatives simultaneously; strong communication and customer focus is required.


• Leads and supports UKG’s incident response process, quickly responding to security incidents across the organization that will vary in scope and severity.
• Supports the development and advancement of the organization’s incident response program, executing strategic projects and initiatives including table-top exercises to help advance the incident response maturity level.
• Coordinates teams with key business stakeholders as part of the incident response process to ensure the appropriate individuals are involved in incident remediation, containment, and recovery.
• Oversees incident response tasks to ensure thorough analysis is being performed in accordance with incident playbooks while providing guidance if potential workflow gaps are found.
• Maintains leadership communication with other stakeholder teams and orchestrates activities needed during incidents.
• Serve as the on-call Incident Commander, which includes being the primary point of contact during incidents, overseeing and coordinating the resolution process with efficiency and accuracy, and fosters collaboration among diverse stakeholders.
• Identifies and assesses incidents based on their impact on customers and operations.
• Effectively conveys technical matters to both engineering teams and executive management, ensuring a thorough comprehension at all organizational levels.
• Promotes teamwork and fosters connections with all stakeholders associated with post-incident tasks and initiatives for effective incident response. This includes organizing and managing post-incident review meetings to analyze and identify gaps and opportunities for improvement.
• Provides/maintains technical reports and documentation relevant to the incident management process.


• 5+ years related hands-on experience in a DFIR, SOC or blue team role where major incidents were handled, and technical analysis was conducted including breach response.
• In-depth experience in security incident response and management including analysis of events, review of suspected malicious activity, identification of indicators of compromise and providing guidance on resolution and remediation activities. Must be able to coordinate with IT and business owners to formulate strategic plans for incident management.
• Preferred experience in an incident commander role, handling incidents that are on-premises and in a major cloud service provider (CSP).
• Ability to identify risks, identify actions for remediation, communicate risk and detailed remediation needs to stakeholders.
• Experience with common information security management frameworks such as SOC 2, ISO, ITIL, CobiT, and NIST to include supporting prior initiatives to recommend hardening guidelines and gathering details for audit purposes.
• Technical hands-on experience with system configuration hardening, Enterprise or Open Source forensic and response automation tools.
• One or more industry certifications (GCIH, GCFA, GREM, GSE, or CISSP), or related security certification highly desired.
• Excellent verbal and written communication skills to develop positive relationships and effectively communicate with employees, customers, auditors, business partners, and all levels of management.
• Excellent analytical skills to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable in conducting independent research of issues and inquiries to provide guidance when requested.

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 

View The EEO Know Your Rights poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email