Sr Information Security Architect

Company Overview
With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on.

At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all.

Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose — a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose — people —then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you.

About The Role
Job Location: Noida

As a Proactive Security - Security Architect, you will be part of UKG's forward-thinking Global Security team, focused on continuously strengthening our security posture through innovation and collaboration. This global role is dedicated to proactive security identifying gaps before adversaries do—leveraging advanced techniques like breach and attack simulation, technical control validation , threat intelligence, and proactive detection strategies to stay ahead of evolving threats. Work cross-functionally to simulate, assess, and harden defenses, enabling secure-by-design principles across our enterprise.

We're not just defending—we're redefining what proactive security looks like in the HCM SaaS space. With your analytical mindset and collaborative spirit, you'll help us lead the way in building a security-first culture that protects our customers and empowers innovation.

Key Responsibilities

• Proactively Anticipate Threats - Conduct proactive threat hunting and analysis using threat intelligence, tactics, techniques and procedures (TTPs) as per MITRE ATT&CK framework. Also if needed collaborate with Threat Intel teams to emulate MITRE ATT&CK and threat actor behaviors relevant to the organization /business environment.
• Proactively validate Defenses and Technical Security Controls with Adversary-Informed Testing - Lead and execute Breach and Attack Simulations (BAS) end to end using industry-leading BAS platforms such as SafeBreach, Mandiant Security Validation , AttackIQ, Picus Security, or custom-built scripts to test control efficacy.
• Map defenses and detections to MITRE ATT&CK to uncover blind spots and improve control resiliency.
• Integrate BAS outcomes with EDR, SIEM, SOAR, Identity, Cloud layers and security telemetry to validate detection capabilities and security stack effectiveness.
• Analyze BAS results to identify control gaps and ensure timely mitigation or remediation via required tools.
• Proactive Remediation via Engineering and Hardening - Further, recommend control enhancements and help harden detection rules, prevention policies, response playbooks, and security configurations.
• Work Cross functionally and collaborate with teams including SOC, Identity & Access Management, Detection Engineering, Security Architecture, Infrastructure, and Application teams to validate technical controls and enhance detection and response capabilities against simulated threats and draft playbooks.
• Automate false positive reduction in BAS Tool and evolve detection logic based on real-world threat trends.
• Provide strategic input in secure architecture controls validation, completeness and incident response planning across cloud, on-prem, and hybrid infrastructure.
• Lead implementation and optimization of tools across endpoint, network, identity, and cloud security domains basis BAS or purple teaming outcomes.
• Drive BAS results remediation end to end for identified detection, prevention, and response control gaps.
• Proactive Security Metrics, Reporting & Communication- Define and track metrics/KPIs (for e.g. - % MITRE ATT&CK techniques validated, detection coverage improvements before and after, control drift remediation rate etc.) and prepare reports to track—attack surface coverage, control completeness, effectiveness, and detection gaps closed.
• Stay current with emerging threats, vulnerabilities, and industry trends.

Required Skills & Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 8+ years of professional experience in cybersecurity, with a focus on:
• MITRE ATT&CK Framework and TTPs
• Security Operations Center (SOC)
• Threat Intelligence, Detection Engineering
• Breach and Attack Simulation (BAS) tools, Purple Teaming
• Endpoint Detection and Response (EDR)
• Security Information and Event Management (SIEM), SOAR
• Vulnerability Management
• Identity and Access Management (IAM)
• Information Security Architecture
• Experience with threat hunting, log analysis, alert tuning, and BAS tools.
• In depth knowledge of attack lifecycle, MITRE ATT&CK, cyber kill chain, and modern threat actors.
• Deep understanding of enterprise security architecture, including cloud (AWS/Azure/GCP) and hybrid environments.
• Proficiency with tools like Splunk, Sentinel, CrowdStrike, EDR/XDR platforms, Network NDR , Firewall , WAF and security APIs.
• Excellent verbal and written communication skills, stakeholder management skills with the ability to convey complex technical concepts to diverse audiences across.
• Share knowledge, mentor others, and help drive a culture of curiosity, technical depth, and continuous improvement.
• Strong scripting skills in Python, PowerShell, or Bash and Exposure to Agile, CI/CD, or IaC pipelines are a plus.

Preferred Certifications (Not Mandatory)

• CISSP (Certified Information Systems Security Professional)
• OSCP/OSCE/Red/Purple Team certifications
• GIAC, CCSP, or other relevant cybersecurity certifications
• Vendor-specific: Mandiant (MSV) Certified Professional, SafeBreach Certified, MITRE ATT&CK Defender credentials.

Why This Role Is Different – What You'll Gain

• Global Impact: Your work will directly harden defenses across a complex, distributed enterprise.
• Innovation Playground: You'll work with bleeding-edge BAS tools, detection frameworks, and automation platforms.
• Strategic Visibility: Your threat findings will shape executive decision-making and security investment.
• Trusted Seat at the Table: Be part of a high-credibility security team that advises architecture, engineering, and leadership.

Where we're going

UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow

UKG is proud to be an equal opportunity employer and is committed to promoting diversity and inclusion in the workplace, including the recruitment process.

Disability Accommodation in the Application and Interview Process

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email