More jobs:
Sr. Security Analyst- Eng
Job in
Raleigh, Wake County, North Carolina, 27601, USA
Listed on 2026-07-13
Listing for:
UKG (Ultimate Kronos Group)
Full Time
position Listed on 2026-07-13
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Role Overview
As a Senior Staff SOC Analyst, you will be part of UKG’s Global Security Operations team. This team is responsible for detecting, investigating, responding to, and leading containment of sophisticated cyber threats and major security incidents. Your role will involve using a variety of tools, forensic techniques, threat hunting methods, and incident command practices to proactively investigate, respond to, and drive resolution for emerging and/or persistent threats impacting UKG and its customers.
Responsibilities- Leverage digital forensics and incident response expertise across endpoint disk, memory, network, cloud, Windows, Linux, and runtime environments.
- Lead major cyber incident command activities, including coordinating technical response, guiding investigative work streams, tracking actions, briefing stakeholders, and driving incidents through containment and recovery.
- Perform hands‑on keyboard threat hunting with and without GenAI assistance across SIEM, EDR, cloud, identity, network, and forensic data sources.
- Support and lead complex incident response investigations as a technical contributor and collaborator across Security Operations Center, Threat Intelligence, Detection Engineering, Cloud Security, Infrastructure, Legal, Privacy, and business stakeholder teams.
- Guide, mentor, and train analysts during active incidents, post‑incident reviews, tabletop exercises, and proactive hunting engagements.
- Create and present incident strategies, investigation plans, findings, timelines, and technical summaries to technical and executive audiences.
- Develop and maintain training materials, playbooks, procedures, and practical exercises for incident command, digital forensics, incident response, and threat hunting capabilities.
- Use mid‑level scripting and automation to accelerate investigations, enrich forensic analysis, standardize response actions, and improve repeatability across the SOC.
- Support continuous improvement of incident handling processes, forensic collection methods, threat hunting tradecraft, and analyst readiness.
- Partner with Detection Engineering and Threat Intelligence teams to convert investigative findings into durable detections, response logic, hunting hypotheses, and operational improvements.
- Support reverse engineering or malware analysis activities when needed, including triage of suspicious binaries, scripts, payloads, and attacker tooling where skill sets apply.
- Lead complex security incidents, guide technical teams, influence response direction, and support building strategic and technical SOC initiatives.
- 5+ years of direct hands‑on digital forensics and incident response experience supporting major enterprise environments.
- Advanced knowledge of forensic artifact areas across network, cloud, Windows, Linux, endpoint, identity, and runtime environments.
- Demonstrated leadership in major cyber incident command, including technical coordination, action tracking, decision support, stakeholder updates, and post‑incident improvement activities.
- Deep hands‑on experience performing endpoint disk, memory, cloud, and host‑based forensic analysis in active incident response scenarios.
- Hands‑on threat hunting experience using SIEM, EDR, cloud telemetry, identity logs, network data, and forensic artifacts.
- Experience applying GenAI‑assisted workflows to investigation, summarization, hunt development, scripting, or analyst enablement while maintaining strong technical validation and judgment.
- Lead, mentor, train, and influence technical analysts during investigations, hunting activities, and operational readiness efforts.
- Proficient scripting skills in Python, Power Shell, Bash, or similar for investigation, automation, parsing, enrichment, and response workflows.
- Strong understanding of SOC operations, incident response lifecycle, forensic collection standards, evidence handling, investigation documentation, and executive‑ready incident reporting.
- Develop practical training content for incident command, digital forensics, incident response, and threat hunting programs.
- Experience with one or more major public cloud service provider environments.
- Reverse engineering and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×