UKG is a company that focuses on workforce management and operational platforms. They are seeking a Sr. Staff Detection Engineer to be part of their Global Security Detection Engineering team, responsible for detecting and responding to cyber threats using various tools and resources.
Responsibilities:
- You will be providing hands-on solutions, customization and tuning, automation, and use case development for the SIEM, SOAR, Agentic AI and other stakeholder requirements for threat informed defense strategies
- You will support leading production level projects to completion as a contributor and a collaborator between multiple stakeholder teams including the Security Operations Center (SOC), Threat Intelligence, and Incident Response
- You will be working on a globally distributed team and expected to create and present strategies, technical plans, and architecture to audiences of technical and executive leadership levels when asked
- You will also maintain existing internal code, use cases, and further extend SIEM and SOAR integrations aligned to the Detection Engineering program efforts
- You will design and engineer Security Operations focused integrations and automations including diagrams, documentation, and threat modeling of what is built
- You will support the Director of Detection Engineering in directly enhancing the strategic capabilities of the program through complex technical projects
Requirements:
- The ability to lead complex projects, other team members, and support building strategic and technical initiatives
- 8+ years of security and hands-on technical automation experience, with 5 or more of those years focused on creating use cases and detection-focused automation
- 5-7 years of operational experience working directly with or in security operational teams including: SOC, Threat Intelligence, and Incident Response
- Deep understanding of SIEM, SOAR, Agentic AI development, or MLOps and other engineering best practices, limitations, and ways of extending or customizing threat detection automation related use cases
- Demonstrable hands-on skills in a major scripting/programming language or a search query language for use in security operations and threat detection
- Experience with a major public cloud service provider (CSP) required
- Google SecOps (Chronicle) or Splunk experience