Sr. Staff Security Analyst- Eng
UKG (Ultimate Kronos Group)
Role Overview As a Senior Staff SOC Analyst, you will be part of UKG’s Global Security Operations team. This team is responsible for detecting, investigating, responding to, and leading containment of sophisticated cyber threats and major security incidents. Your role will involve using a variety of tools, forensic techniques, threat hunting methods, and incident command practices to proactively investigate, respond to, and drive resolution for emerging and/or persistent threats impacting UKG and its customers. Responsibilities Leverage digital forensics and incident response expertise across endpoint disk, memory, network, cloud, Windows, Linux, and runtime environments. Lead major cyber incident command activities, including coordinating technical response, guiding investigative workstreams, tracking actions, briefing stakeholders, and driving incidents through containment and recovery. Perform hands‑on keyboard threat hunting with and without GenAI assistance across SIEM, EDR, cloud, identity, network, and forensic data sources. Support and lead complex incident response investigations as a technical contributor and collaborator across Security Operations Center, Threat Intelligence, Detection Engineering, Cloud Security, Infrastructure, Legal, Privacy, and business stakeholder teams. Guide, mentor, and train analysts during active incidents, post‑incident reviews, tabletop exercises, and proactive hunting engagements. Create and present incident strategies, investigation plans, findings, timelines, and technical summaries to technical and executive audiences. Develop and maintain training materials, playbooks, procedures, and practical exercises for incident command, digital forensics, incident response, and threat hunting capabilities. Use mid‑level scripting and automation to accelerate investigations, enrich forensic analysis, standardize response actions, and improve repeatability across the SOC. Support continuous improvement of incident handling processes, forensic collection methods, threat hunting tradecraft, and analyst readiness. Partner with Detection Engineering and Threat Intelligence teams to convert investigative findings into durable detections, response logic, hunting hypotheses, and operational improvements. Support reverse engineering or malware analysis activities when needed, including triage of suspicious binaries, scripts, payloads, and attacker tooling where skill sets apply. Qualifications Lead complex security incidents, guide technical teams, influence response direction, and support building strategic and technical SOC initiatives. 5+ years of direct hands‑on digital forensics and incident response experience supporting major enterprise environments. Advanced knowledge of forensic artifact areas across network, cloud, Windows, Linux, endpoint, identity, and runtime environments. Demonstrated leadership in major cyber incident command, including technical coordination, action tracking, decision support, stakeholder updates, and post‑incident improvement activities. Deep hands‑on experience performing endpoint disk, memory, cloud, and host‑based forensic analysis in active incident response scenarios. Hands‑on threat hunting experience using SIEM, EDR, cloud telemetry, identity logs, network data, and forensic artifacts. Experience applying GenAI‑assisted workflows to investigation, summarization, hunt development, scripting, or analyst enablement while maintaining strong technical validation and judgment. Lead, mentor, train, and influence technical analysts during investigations, hunting activities, and operational readiness efforts. Proficient scripting skills in Python, PowerShell, Bash, or similar for investigation, automation, parsing, enrichment, and response workflows. Strong understanding of SOC operations, incident response lifecycle, forensic collection standards, evidence handling, investigation documentation, and executive‑ready incident reporting. Develop practical training content for incident command, digital forensics, incident response, and threat hunting programs. Experience with one or more major public cloud service provider environments. Reverse engineering and malware analysis experience preferred, including static or dynamic triage of malware, scripts, payloads, or attacker tooling. Hands‑on keyboard investigative analysis experience with one or more major SIEM, EDR, SOAR, cloud security, case management, and forensic tooling platforms. Compensation & Benefits The pay range for this position is $145,600 to $209,300. The actual base pay offered may vary depending on skills, experience, job‑related knowledge and work location. In addition to base pay, employees may be eligible to participate in a performance‑based bonus plan and to receive restricted stock unit awards as part of total compensation. Benefits include health, dental, vision, retirement, paid time off, and other standard corporate benefits. For more information, visit ukg.com/careers/benefits. Equal Opportunity Employer UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories. EEO & Accessibility Information View the EEO Know Your Rights poster: UKG participates in E‑Verify. View the E‑Verify posters here: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. Disability Accommodation in the Application and Interview Process: For individuals with disabilities that need additional assistance at any point in the application and interview process, please email View email address on click.appcast.io. #J-18808-Ljbffr UKG (Ultimate Kronos Group)
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Sr. Staff Security Analyst- Eng. Be the first to apply!
- entry level information security analyst Des Moines, IA
- senior information security analyst Des Moines, IA
- security analyst remote Des Moines, IA
- security advisor Des Moines, IA
- security coordinator Des Moines, IA
- security specialist Des Moines, IA
- network security consultant Des Moines, IA
- security consultant Des Moines, IA
- senior app developer Des Moines, IA
- senior magento developer Des Moines, IA
