Principal Threat Hunting Analyst
Job Description
General Information
Ref #:
20230032239
Travel Amount Required:
Up to 25%
Job Type:
Regular-Full Time
Location:
Weston - Florida - United States
Description & Qualifications
Description
UKG is standing up a centralized Threat Hunting Team within our Cyber Defense Center. This team analyzes and investigates whether specific threat activity has come in contact with our environment, mitigated or otherwise, and advises improvements to any detection or defensive gaps that are discovered in regard to said threat. The Principal Threat Hunting Analyst is responsible for creating, improving, and executing Threat Hunting tasks in support of the Threat Hunting team's analytic and operational objectives. They are also responsible for training and mentoring junior members of the Threat Hunt team.
Responsibilities:
- Perform pre-hunt analysis and active hunt investigations across the UKG enterprise for a wide range of malicious cyber activity informed by threat intelligence, data analytics, and situational awareness
- Perform threat hunts based on a combination of IOCs, TTPs, and behavioral or anomalous activity
- Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks
- Document the hunt process and findings, including True/False positives, protection coverage, visibility gaps, and detection tuning recommendations
- Escalate findings of active malicious activity to the Incident Response team for Containment, Eradication, Recovery and Lessons Learned
- Collaborate with data science, threat intelligence, and detection engineering teams to identify opportunities to develop analytical methods and signatures to detect threat actors who use emerging tactics and techniques
- Continually improve threat hunting processes and documentation
- Participate in Purple Team exercises from a Threat Hunting point of view
- Occasionally support Incident Response on High Severity incidents that may involve APT or other novel activity
- Use a combination of citable sources and personal expertise to make judgements regarding ambiguous results
- Consume Threat Intelligence reports of varying length and complexity and occasionally formulate new methods of hunting
- Train and mentor Junior Threat Hunt colleagues
Qualifications
Required
- 8+ years of experience in a technical role in the areas of Security Operations, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence
- 4+ years direct experience performing threat hunting
- Knowledge of and experience with digital forensic processes, chain of custody, and evidence preservation to include disk, file, memory, and network capture, imaging, and analysis
- Deep knowledge of digital forensics, computer operating systems, and enterprise network infrastructure, including network analysis
- Knowledge and experience working with the Cyber Kill Chain Model and MITRE ATT&CK Matrix
- Working knowledge of Advanced Persistent Threats and cyber-crime TTPs
- Strong working knowledge of EDR and SOAR solutions
- Strong experience with Splunk and Splunk Enterprise Security, and the ability to apply analytical techniques to large data sets
- Strong command of scripting languages such as Python, PowerShell, or Bash for automation
Preferred
- Strong experience with critical thinking and structured analytic techniques
- Familiarity with offensive security strategies and assessment methodology
- Knowledge of basic Data Science concepts and processes
- Experience with offensive security tools such as Cobalt Strike/Metasploit, techniques such as OSINT, and the methods used to compromise large enterprise networks
Company Overview
Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careers.
EEO Statement
Equal Opportunity Employer
Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.
View The EEO Know Your Rights poster and its supplement.
View the Pay Transparency Nondiscrimination Provision
UKG participates in E-Verify. View the E-Verify posters here.
Disability Accommodation
For individuals with disabilities that need additional assistance at any point in the application and interview process, please email [email protected].
Date Posted
01/26/2023