×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Vulnerability Management Analyst- AI Automation Security Researcher

Job in Atlanta, Fulton County, Georgia, 30383, USA
Listing for: UKG (Ultimate Kronos Group)
Full Time position
Listed on 2026-07-06
Job specializations:
  • Security
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 115100 - 165450 USD Yearly USD 115100.00 165450.00 YEAR
Job Description & How to Apply Below
Position: Staff Vulnerability Management Analyst- AI Automation Security Researcher

Why UKG:

At UKG, the work you do matters. The code you ship, the decisions you make, and the care you show a customer all add up to real impact. Today, tens of millions of workers start and end their days with our workforce operating platform. Helping people get paid, grow in their careers, and shape the future of their industries. That’s what we do.

We never stop learning. We never stop challenging the norm. We push for better, and we celebrate the wins along the way. Here, you’ll get flexibility that’s real, benefits you can count on, and a team that succeeds together. Because at UKG, your work matters—and so do you.

About the Team

The research and innovation team within Global Security is a high-impact, automation-first security organization responsible for vulnerability management, security research, and red team operations. This team has an exceptional automation culture — all team members build production automation to find and remediate vulnerabilities, with the goal to reduce manual work at scale.

Role Summary

We are seeking a Vulnerability Management engineer to join our team as both a vulnerability management practitioner and an automation builder. This role combines traditional vulnerability analysis and remediation coordination with a strong emphasis on developing AI-powered tools and automations that scale the team's effectiveness. You will analyze vulnerabilities across infrastructure, cloud, and application layers, coordinate remediation with engineering teams, and build automation that makes the entire program faster and smarter.

Key Responsibilities Vulnerability Discovery & Security Research (40%)
  • Conduct deep-dive source code audits of UKG products (Java, .NET, Python, JavaScript) to discover novel vulnerabilities — examples could be hardcoded secrets, authentication bypasses, injection flaws, cryptographic weaknesses, access control gaps, unsafe deserialization, etc.
  • Develop working proof-of-concept exploits that demonstrate real impact — not theoretical risk, but provable exploitation with clear data exposure or access escalation
  • Perform variant analysis: when you find a bug, systematically search the entire codebase for every instance of the same root cause pattern
  • Triage and validate findings from automated scanners (SAST, DAST, SCA) — separate real vulnerabilities from false positives using source-level analysis
  • Investigate and reproduce externally reported vulnerabilities (bug bounty, CVEs, vendor advisories) to assess actual exploitability in UKG's environment
  • Collaborate with engineering teams on remediation — not just filing tickets, but working with developers to design, validate fixes, and drive to remediation.
AI-Powered Vulnerability Automation (35%)
  • Build AI-assisted vulnerability discovery tools using automation (Claude, MCP servers, custom models, etc.) for automated source code analysis, vulnerability pattern matching, and exploit generation
  • Develop autonomous security scanning agents that can analyze codebases, identify vulnerability patterns, and produce validated findings with minimal human intervention
  • Create AI-powered remediation tools — automation that generates fix recommendations, patches, and pull requests for discovered vulnerabilities, accelerating the path from finding to fix
  • Build automated vulnerability lifecycle pipelines: intake from scanners, AI-assisted triage and deduplication, intelligent ticket routing, SLA tracking, and remediation verification
  • Contribute to the team's shared automation repositories and Claude Code skills store — every tool you build should be reusable by the rest of the team
Vulnerability Management & Remediation Driving (20%)
  • Own vulnerability remediation outcomes for assigned product areas — track findings from discovery through verified fix, holding engineering teams accountable to SLAs
  • Produce clear, actionable vulnerability reports that engineering teams can act on immediately — root cause, impact, reproduction steps, and recommended fix
  • Drive mean time to remediate (MTTR) down through better automation, better reports, and direct collaboration with development teams
  • Support vulnerability management program metrics and dashboards —…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary