Staff Vulnerability Management Analyst- AI Automation Security Researcher
$115.1k - $165.45kUKG (Ultimate Kronos Group)
Why UKG: At UKG, the work you do matters. The code you ship, the decisions you make, and the care you show a customer all add up to real impact. Today, tens of millions of workers start and end their days with our workforce operating platform. Helping people get paid, grow in their careers, and shape the future of their industries. That’s what we do. We never stop learning. We never stop challenging the norm. We push for better, and we celebrate the wins along the way. Here, you’ll get flexibility that’s real, benefits you can count on, and a team that succeeds together. Because at UKG, your work matters—and so do you. About the Team The research and innovation team within Global Security is a high-impact, automation-first security organization responsible for vulnerability management, security research, and red team operations. This team has an exceptional automation culture — all team members build production automation to find and remediate vulnerabilities, with the goal to reduce manual work at scale. Role Summary We are seeking a Vulnerability Management engineer to join our team as both a vulnerability management practitioner and an automation builder. This role combines traditional vulnerability analysis and remediation coordination with a strong emphasis on developing AI-powered tools and automations that scale the team's effectiveness. You will analyze vulnerabilities across infrastructure, cloud, and application layers, coordinate remediation with engineering teams, and build automation that makes the entire program faster and smarter. Key Responsibilities Vulnerability Discovery & Security Research (40%) Conduct deep-dive source code audits of UKG products (Java, .NET, Python, JavaScript) to discover novel vulnerabilities — examples could be hardcoded secrets, authentication bypasses, injection flaws, cryptographic weaknesses, access control gaps, unsafe deserialization, etc. Develop working proof-of-concept exploits that demonstrate real impact — not theoretical risk, but provable exploitation with clear data exposure or access escalation Perform variant analysis: when you find a bug, systematically search the entire codebase for every instance of the same root cause pattern Triage and validate findings from automated scanners (SAST, DAST, SCA) — separate real vulnerabilities from false positives using source-level analysis Investigate and reproduce externally reported vulnerabilities (bug bounty, CVEs, vendor advisories) to assess actual exploitability in UKG's environment Collaborate with engineering teams on remediation — not just filing tickets, but working with developers to design, validate fixes, and drive to remediation. AI-Powered Vulnerability Automation (35%) Build AI-assisted vulnerability discovery tools using automation (Claude, MCP servers, custom models, etc.) for automated source code analysis, vulnerability pattern matching, and exploit generation Develop autonomous security scanning agents that can analyze codebases, identify vulnerability patterns, and produce validated findings with minimal human intervention Create AI-powered remediation tools — automation that generates fix recommendations, patches, and pull requests for discovered vulnerabilities, accelerating the path from finding to fix Build automated vulnerability lifecycle pipelines: intake from scanners, AI-assisted triage and deduplication, intelligent ticket routing, SLA tracking, and remediation verification Contribute to the team's shared automation repositories and Claude Code skills store — every tool you build should be reusable by the rest of the team Vulnerability Management & Remediation Driving (20%) Own vulnerability remediation outcomes for assigned product areas — track findings from discovery through verified fix, holding engineering teams accountable to SLAs Produce clear, actionable vulnerability reports that engineering teams can act on immediately — root cause, impact, reproduction steps, and recommended fix Drive mean time to remediate (MTTR) down through better automation, better reports, and direct collaboration with development teams Support vulnerability management program metrics and dashboards — contribute to reporting that gives leadership real-time visibility into risk posture Support compliance-driven vulnerability management requirements, including FedRAMP continuous monitoring and POA&M processes, as UKG expands into federal markets Research & Knowledge Sharing (5%) Publish internal/external research on novel vulnerability classes, AI-assisted discovery techniques, and lessons learned from audits Stay current on emerging vulnerability classes, exploitation techniques, and defensive patterns relevant to UKG's technology stack Mentor other team members on vulnerability research methodology, source code analysis, and AI-augmented security tooling Required Qualifications 7+ years of hands‑on experience in vulnerability research, application security, or penetration testing — with a track record of finding real vulnerabilities in production software Demonstrated ability to read and audit source code in at least two of: Java, C#/.NET, Python, JavaScript/TypeScript, Go, C/C++ Experience developing working proof‑of‑concept exploits — not just scanning, but understanding root causes and proving exploitability Strong proficiency in Python for building security tools, automation pipelines, and integrations Experience with AI/ML tools for security — using LLMs for code analysis, building AI‑assisted security tooling, or developing autonomous security agents Deep understanding of common vulnerability classes: injection (SQL, command, LDAP), broken authentication, cryptographic failures, SSRF, deserialization, path traversal, access control, and their variants Experience with vulnerability management programs — triaging, tracking, and driving remediation of vulnerabilities across engineering organizations Ability to work directly with development teams — explaining vulnerabilities, reviewing proposed fixes, and validating remediations Excellent written communication — ability to produce clear vulnerability reports, technical documentation, and executive summaries Bachelor's degree in Computer Science, Cybersecurity, or equivalent experience Preferred Qualifications Published CVEs, security advisories, or bug bounty findings in production software Experience in SaaS/multi‑tenant environments processing sensitive data (HCM, payroll, healthcare, financial) Familiarity with SAST/DAST/SCA tooling and how to reduce false‑positive rates through source‑level validation Experience with cloud security assessment (AWS, GCP, Azure) including container and Kubernetes vulnerability analysis Familiarity with FedRAMP, NIST SP 800‑53, or federal compliance frameworks — enough to understand vulnerability remediation timelines and reporting requirements in regulated environments Security certifications that demonstrate hands‑on skill: OSCP, OSWE, GWAPT, GXPN, BSCP, or equivalent Conference presentations, published research, or open‑source security tool contributions Experience with reverse engineering, binary analysis, or firmware security What Sets This Role Apart Work on a team where every member builds production automation — this is an engineering‑first security team, not a compliance shop Have access to enterprise AI infrastructure (Claude Code, MCP servers, etc.) to build next‑generation vulnerability discovery and remediation tools Audit one of the largest HCM/payroll platforms in the world — protecting tens of thousands of customer organizations and millions of workers' sensitive data Have direct, measurable impact — your findings directly prevent issues across UKG's entire customer base Pioneer the use of AI for vulnerability discovery and automated remediation — building tools that change how security research is done at scale Grow your career in an environment that values builders and doers over process managers and policy writers Compensation & Benefits UKG offers a comprehensive total rewards package including competitive base salary, annual bonus, equity, full medical/dental/vision, 401(k) match, unlimited PTO, and professional development budget. This role is eligible for remote work anywhere in the US. Company Overview: UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people‑first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry — because great organizations know their workforce is their competitive edge. Learn more at ukg.com. Equal Opportunity Employer UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories. View The EEO Know Your Rights poster ( UKG participates in E-Verify. View the E-Verify posters here ( . It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Disability Accommodation in the Application and Interview Process For individuals with disabilities that need additional assistance at any point in the application and interview process, please email View email address on click.appcast.io . The pay range for this position is $115,100.00 to $165,450.00. The actual base pay offered may vary depending on skills, experience, job‑related knowledge and work location. In addition to base pay, employees may be eligible to participate in a performance‑based bonus plan and to receive restricted stock unit awards as part of total compensation. Learn more about UKG’s benefits and rewards at It is the policy of Ultimate Software to promote and assure equal employment opportunity for all current and prospective Peeps without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status entitled to protection under federal, state, or local anti‑discrimination laws. This policy governs all matters related to recruitment, advertising, and initial selection of employment. It shall also apply to all other aspects of employment, including, but not limited to, compensation, promotion, demotion, transfer, lay‑offs, terminations, leave of absence, and training opportunities. #J-18808-Ljbffr UKG (Ultimate Kronos Group)
$191k - $273.6k
...Advanced Technology Group (ATG) ATG is the research division of the company. ATG’s mission is... ...and electrical engineering, such as AI/ML, algorithms, digital signal processing... ...strategy through collaboration with product managers, program managers, and engineering teams...SuggestedFull timeLocal areaWorldwideFlexible hours- ...incubating cutting‑edge AI and automation technology to... ...our Cybersecurity Analyst you won't just be... ...networks, identifying vulnerabilities, implementing security measures, threat... ...SOAR and IDS/IPS. Research, analyze and stay... ...and access management systems Security+,...Suggested
- FanDuel in Atlanta is looking for a Staff Security Engineer to spearhead security initiatives while defining... ...security engineering experience, hands-on AI/LLM security skills, and a proven track record in crafting automation for scalable security capabilities. The position...Suggested
- Greenlight Financial Technology is looking for a Staff Product Security Engineer in Atlanta to enhance the security of its products and digital platforms. You will lead security initiatives, manage vulnerability assessments, and drive the security culture within the company...SuggestedRemote job
$104k - $156k
...Overview The Advanced Security Engineer is a... ...implementation and optimization of AI-enabled security... ...the goal of enabling automated orchestration of... ...closely with the Senior Manager of Enterprise Security... ...security controls aligned to vulnerabilities, risks, issues and/or...SuggestedRemote work- FanDuel is seeking a Security Engineer to join its Software Security team in Atlanta... ...to identify and eliminate security vulnerabilities while creating tools for secure... ...include developing AI Agents for security automation and applying your expertise to meet...
$89.7k - $260.2k
...Americas Tax Technology Group - Security Architect - Senior Manager Location: Dallas,... ...optimization, analytics, automation, and artificial intelligence... ...as secrets protection, vulnerability gating, and policy enforcement... ...excellence to AI‑enabled delivery. If you...Work experience placementSummer holidayFlexible hours- Omaze is seeking a Staff Security Engineer to define and oversee multi-year security initiatives. You'll work closely with engineering teams... ...candidate has hands-on security engineering experience, understands AI/LLM security, and can establish scalable security practices....
- ...OVERVIEW The Senior Information Security Engineer - OT/IoT Security... ...implementation, and ongoing management of cybersecurity controls... ...cases and incident playbooks. Vulnerability & Risk Management Establish... ..., PowerShell, etc.) for automation and data analysis. Relevant...Remote work
- Capitolis is seeking a Staff Product Security Engineer to ensure the security of consumer products and platforms. You will lead security architecture and penetration testing, shaping AI security policies in a regulated financial setting. The ideal candidate should have...Remote job
$134k - $168k
...with your name on it As a Security Engineer on our Software... ..., and build the tooling and automation that make secure development... ...curiosity and growing expertise in AI/LLM security as that space... ..., model supply chain vulnerabilities, and data exposure, with an...Temporary workLocal areaWorldwide$121.4k - $218.6k
...hardware and software used. We build automation infrastructure for... ...development Have experience in managing and troubleshooting Juniper or... ...world work faster and stay more secure, making the internet a better... ...biggest moments without a glitch. AI: Enabling our customers to...Work experience placementWork at officeWorldwide$114k - $160k
Senior Vulnerability Management Analyst Location(s): Atlanta: 2300 Windy Ridge Pkwy SE, Suite750, Atlanta... ...vulnerability programs across SDLC (secure development lifecycle), external... ...threat‑intel integrations. Knowledge of automation platforms. #J-18808-Ljbffr Dormont...Full timeWork at officeShift work- ...supporting the THDCustomerIAM platform to ensure secure and scalable customer authentication. You... ...ForgeRock and Ping Identity and work on automation workflows for cybersecurity. Preferred qualifications include experience in AI/ML-based DevSecOps and cloud IAM solutions....Work experience placement
- Position/Title: Business Development Manager Hours: Full Time - Salaried Who are we?... ...solutions for your Smart Home, such as automation, security, entertainment, and lighting. Our... ...design teams. Conduct ongoing market research Design, organize and present budgets for...Full timeContract workLive inWork at officeAfternoon shift
- Inframark, LLC in Atlanta, GA is looking for a Business Development Manager for their Automation & Intelligence Division. The role focuses on driving strategic growth in municipal water systems, requiring a strong background in business development and technical consulting...
- ...Your Job Koch Technology is seeking a Business Systems Analyst to join our LIFT product team in a role focused on automation, applied analytics literacy, and AI enablement. This role sits at the intersection of business process understanding and technical enablement...Work at officeFlexible hoursShift work
$184k - $230k
...world ’s health data secure, accessible and... ...providers, health plans, researchers, and life sciences... ...to powering the AI revolution in... ...of practical risk management. Own and conduct... ...architectural feedback, vulnerability remediation,... ...safety of patients and staff, many of our...Remote work$400 per month
...seeking candidates for a role focused on evaluating and improving frontier AI coding models in a fast-paced project. Candidates will utilize their security engineering expertise to assess vulnerabilities in model-generated code and architectures. The position offers $400...Remote work$114.48k - $170.07k
...The AI Security Architect role will be a key delivery role for VOYA Financial focusing on a... ...governance frameworks, guardrails, and risk management practices aligned with enterprise... ...Leadership Develop, motivate and direct staff to create a team environment and enable...Part timeLocal areaFlexible hours$60k - $70k
DSV - Global Transport and Logistics is seeking a Business Analyst for Process Improvement & Automation. The role involves assisting with business analysis, enhancing operational efficiency, and partnering with various teams to identify improvement opportunities. Ideal...$184k - $241.5k
...has an opening with your name on it. As a Staff Security Engineer on our Product Security team,... ...engineering strategy. Set the direction for AI/LLM security architecture across FanDuel... ...products safely and at speed. Build automation and tooling that shifts our efforts into...Temporary workLocal areaShift work$134k - $176.4k
...seeking an experienced Enterprise Security Engineer with a passion for... ...will report to the Senior Manager, Enterprise Security Engineering... ...of security risk Leverage automation and development-based approaches... ...-wide security controls Use AI as a force multiplier for...Temporary workLocal areaWorldwide- ...provides a data and AI platform that... ...to control risk, manage costs and scale efficiently... ...built in such as security, compliance... ...Summary As a Staff Security Engineer... ...initiatives, build automation and tooling that multiplies... ..., drive vulnerability disclosure investigations...Remote work
- ...Team as an Identity and Security Engineer located in... ...Monitoring and Systems Management Supervisor. Position Summary... ...frameworks, drives automation and engineering best practices... ...understanding of AI model infrastructure and... ...levels of technology staff, management, and non‑technical...Work experience placementRemote workFlexible hours
- ...through the responsible use of data and AI. We believe that ensuring data is trusted... ...Platform, unifies regulatory intelligence, automation, and connected governance workflows so... ...to operationalize trust across privacy, security, data governance, GRC, third-party risk,...Work at officeLocal areaWorldwideFlexible hours3 days per week1 day per week
- ...Summary Responsible for analyzing vulnerability data, communicating risk to... ...of vulnerability management processes, tooling, and workflows... ...infrastructure, application, and security teams to ensure... ...workflows via scripting or automation (e.g., Python, PowerShell, APIs...
$100k
...services, and learning management solutions to education... ...product and UX researcher who turns questions into... ...standards, and a modern AI layer that lets a small... ...days alongside teachers, staff, administrators,... ...— building agents or automating parts of the research...Temporary workLocal area$100k - $120k
...Summary The Cybersecurity Analyst (Security & AI Governance) is... ...AI oversight, risk management, and continuous improvement... ...analysis. Conduct vulnerability assessments and... ...reporting requirements. Research emerging... ...Experience with scripting or automation tools such as Python...Temporary work$110k - $135k
First Advantage is seeking a Security Engineer based in Atlanta, Georgia, to implement security measures in AWS and Azure environments. You will play a crucial role in maintaining security throughout the software lifecycle and collaborate with various teams. The ideal...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Staff Vulnerability Management Analyst- AI Automation Security Researcher. Be the first to apply!
- vulnerability analyst Atlanta, GA
- penetration tester Atlanta, GA
- ethical hacker Atlanta, GA
- public sector business analyst Atlanta, GA
- senior data management analyst Atlanta, GA
- junior IT service management analyst Atlanta, GA
- configuration management analyst Atlanta, GA
- lead business analyst Atlanta, GA
- pega business analyst Atlanta, GA
- business development analyst Atlanta, GA

