Company Overview:
With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on.
At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all. Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose - a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family.
About the role:
This is a full-time, hybrid position based in our Kilkenny, Ireland office.
As a Lead Incident Response Analyst, you will be part of UKG's Global Security Operations Center (GSOC) team investigating events of interest and incidents as they are validated, prioritized, and categorized by UKG's 24x7 L1 and L2 analyst teams. You will facilitate and follow UKG's standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners' and customers' data and services.
You will be an escalation point for all incidents, either regionally or during shift assignment; analyzing, confirming, re-prioritizing if necessary and/or escalating/remediating those identified threats within the UKG computing environment. You will work closely with UKG's GSOC teams in the US, Singapore, and India to promote an integrated, uniform, and holistic threat detection and response capability to facilitate and enable a robust and proactive security posture.
You will leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT's. You will be responsible for leading incident response activities as the Cyber Incident Commander (CIC), as the Cyber Incident Response Lead (CIRL) or as a subject matter expert on the Cyber Incident Response Team (CIRT).
You will lead and/or participate in post-incident reporting including developing and validating After Action Reports (AAR) and Root Cause Analysis (RCA) and using your experience, knowledge, and creativity to identify and offer continuous improvement recommendations to enhance UKG's security posture through process development, tool rationalization, detection technique, and automation enhancement opportunities.
Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation.
Key Responsibilities:
1. Identify, develop, and operationalize security operations metrics to assist in maturing and enhancing UKG's visibility and global security capabilities.
2. Continuously improve UKG's incident response processes through automations, standardizations, and tools development.
3. Collaborate with cross-functional and geographically dispersed teams to identify, develop, and implement containment, eradication, and recovery strategies.
4. Lead and provide subject matter expertise during active investigations of events of interest and security incidents escalated to and as identified within the regional Security Operations Center.
5. Escalate tickets as required to GSOC Director for additional scrutiny and incident declaration.
6. Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture.
7. Keep up to date with the latest security and technology developments, research/evaluate emerging cyber security threats and ways to manage them to proactively enhance UKG's security posture.
8. Participate in threat hunts, blue team/purple team activities by simulating real-world cyber-attacks to evaluate the effectiveness of security defenses and recommend improvements.
9. Be the escalation point for all junior analysts to aid and facilitate the accurate and expedient identification, verification, and remediation of security incidents.
10. Mentor, coach and facilitate enablement opportunities to develop and enhance UKG's junior security analysts.
Qualifications:
1. Bachelor's degree in computer science or a related discipline.
2. CISSP, CCSP, GIAC or other relevant cyber security certifications.
3. Working professional with 6+ years of relevant Security/SOC experience.
4. Practical experience in leading incident response investigations, performing analysis, and implementing containment strategies.
5. Experience in conducting investigations involving network forensics, malware analysis, and disk and memory forensics.
6. Experience conducting incident response and forensic investigations in major Cloud Service Providers (CSP).
7. Experience with tools such as Splunk, Elastic Search, EDR solutions.
8. Excellent verbal and written communication skills.
9. Experience working in a global organization is a plus.
Preferred Qualifications:
1. Knowledge of the common attack vectors on the network layer, different classes of attacks.
2. Knowledge of cyber attackers and cyber-attack stages.
3. Thorough understanding of system and application security threats and vulnerabilities.
Where we're going:
UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow!
UKG is proud to be an equal opportunity employer and is committed to promoting diversity and inclusion in the workplace, including the recruitment process.
Disability Accommodation:
For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com. #J-18808-Ljbffr