Skip to content

Senior Security Analyst/Incident Responder - SOC

General Information

Ref #:


Travel Amount Required:

Up to 25%

Job Type:

Regular-Full Time


Alpharetta - Georgia - United States, Atlanta - Georgia - United States, Lowell - Massachusetts - United States, Weston - Florida - United States

Company Overview

Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for? Learn more at  #WeAreUKG 

Description & Qualifications


About the Team:

As a Senior Security Analyst, you will be part of UKG’s Global Security Operations Center (GSOC) team investigating events of interest and incidents as they are validated, prioritized, and categorized by UKG’s 24x7 security analyst teams. You will facilitate and follow UKG’s standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, availability of UKG, our partners’ and customers’ data and services.

You will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL), post incident reporting and continuous improvement recommendations to enhance UKG’s security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities.

Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation. 

About the Role:

• Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents
• Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL) to lead and/or support mitigating and/or remediating critical incidents
• Leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT’s
• Review tickets escalated from L1 or L2 analysts to confirm the priority, category and accuracy of the details and conditions
• Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture.
• Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology
• Mentor, coach and facilitate enablement for junior resources



About You:

Basic Qualifications:
• Working professional with a minimum of 6+ years of relevant Security/SOC experience
• Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
• Bachelor's degree in computer science or a related discipline
• CISSP, CCSP, GIAC or other relevant cyber security certifications
• Experience with Splunk, Google Chronicle, Elastic Search, EDR solutions, email security tools, and cloud environments (GCP, Azure)

Preferred Qualifications:
• Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors
• Knowledge and experience around offensive security (ethical hacking) techniques to identify and mitigate/remediate vulnerabilities in the UKG environment
• Knowledge and experience in cyber forensic procedures and how to extract information and generate reports in support of incident response and other advanced requirements

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 

View The EEO Know Your Rights poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email