Sr. Cyber Risk Analyst

General Information

Ref #:

20240038523

Travel Amount Required:

None

Job Type:

Regular-Full Time

Location:

Noida - India - India

Company Overview

Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for? Learn more at www.ukg.com/careers #WeAreUKG

Description & Qualifications

Description

This position works as part of the Governance, Risk and Compliance (GRC) department, which is responsible for management of cyber risk across the enterprise.  The role offers the opportunity to be engaged in all facets of cyber risk including security, privacy, risk management, as well as security and compliance program development.  As a member of the department, the individual will be committed to overall data protection, risk management and its role in the company's continued success.  This position serves as an internal risk consultant and will be the subject matter expert responsible for designing, implementing, and supporting a security control framework for a multi-tenant software-as-a-service product. Primary responsibilities include assisting with audits of SSAE18 SOC 1, SOC 2, and ISO compliance exams and monitoring control activities in certified environments. This position demands an organized, detail-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required.

RESPONSIBILITIES

• Provide support to internal business partners and stakeholders with strategic projects, process design, and systems implementation as part of the Corporate Risk Management program. Contribute risk and compliance expertise to assist in the achievement of cloud audit/compliance programs.

• Work with subject matter experts to perform risk assessments, which includes gathering supporting information, assessing existing controls, identifying control gaps, and quantifying risks associated with processes, technologies, and projects. Collaborate with process, technology, and control owners to communicate results of risk assessments, including the identification of risks, control gaps, and recommended remediation activities.

• Serve as an advisor to stakeholders to build action plans and design and implement controls to address the gaps identified. Monitor action plans as agreed upon with stakeholders to ensure remediation activities are completed according to the plan to help mitigate risks identified.

• Produce high-quality assessment documents that clearly articulate risk in a meaningful way to stakeholders, ensuring risks are understood for appropriate corrective action plans to be built.

• Utilize industry experience and knowledge to provide expertise and support to ensure company’s security framework remains in compliance with applicable regulations including evolving data privacy regulations. Ensures processes and technologies are designed and implemented to support compliance obligations to the organization against international standards.

• Serve as an internal risk management consultant to the organization, responding to inquiries and requests for assistance. Participate in risk assessments in SSAE18 SOC 1, SOC 2, ISO environments and collect evidence in support of audits. Perform additional duties and projects as assigned by management.

Qualifications: -

• Good understanding of risk management principles and practices.

• Ability to perform risk assessments and communicate results effectively.

• Ability to produce high-quality assessment documents.

• Experience in SSAE18 SOC 1, SOC 2, ISO environments is a plus

Qualifications

MCA/B Tech

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.

View The EEO Know Your Rights poster (https://www.eeoc.gov/sites/default/files/2022-10/EEOC_KnowYourRights_screen_reader_10_20.pdf) and its supplement .

View the Pay Transparency Nondiscrimination Provision (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

UKG participates in E-Verify. View the E-Verify posters here (https://www.e-verify.gov/sites/default/files/everify/posters/EVerifyParticipationPoster.pdf) .

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com.