Job Description
**Lead Security Analyst** **Protecting Global Data and Services** As a key member of UKG's Global Security Operations Center (GSOC) team, you will investigate events of interest and incidents, collaborating with 24×7 analyst teams to validate, prioritize, and categorize threats. **Key Responsibilities:** * Facilitate and follow standard processes to investigate, contain, eradicate, and respond to security incidents * Analyze and confirm threats, re-prioritizing and escalating as necessary * Work closely with GSOC teams in the US, Singapore, and India to promote integrated threat detection and response * Leverage skills and experience to perform initial collection and analysis, containment, and eradication of threats * Lead incident response activities as Cyber Incident Commander (CIC), Cyber Incident Response Lead (CIRL), or subject matter expert on the Cyber Incident Response Team (CIRT) * Participate in post-incident reporting, developing and validating After Action Reports (AAR) and Root Cause Analysis (RCA) **Qualifications:** * Bachelor's degree in computer science or related discipline * CISSP, CCSP, GIAC, or other relevant cyber security certifications * 6+ years of relevant Security/SOC experience * Practical experience in leading incident response investigations, performing analysis, and implementing containment strategies * Experience conducting investigations involving network forensics, malware analysis, and disk and memory forensics * Experience with tools such as Splunk, Elastic Search, EDR solutions * Excellent verbal and written communication skills **Preferred Qualifications:** * Knowledge of common attack vectors on the network layer and different classes of attacks * Thorough understanding of system and application security threats and vulnerabilities * Experience working in a global organization **About the Role:** As a Lead Security Analyst, you will play a critical role in protecting UKG's global data and services from cyber threats. You will work closely with cross-functional teams to identify, develop, and implement containment, eradication, and recovery strategies. Your expertise will be essential in leading incident response activities and participating in post-incident reporting.