Job Details

Why UKG?At UKG, the work you do matters. The code you ship, the decisions you make, and the care you show a customer all add up to real impact. Today, tens of millions of workers start and end their days with our workforce operating platform. Helping people get paid, grow in their careers, and shape the future of their industries. That's what we do.We never stop learning. We never stop challenging the norm. We push for better, and we celebrate the wins along the way. Here, you'll get flexibility that's real, benefits you can count on, and a team that succeeds together. Because at UKG, your work matters—and so do you.About the TeamThe Security Research & Innovation (SRI) team within Global Security is a high-impact, automation-first security organization responsible for vulnerability management, security research, and red team operations. This team has an exceptional automation culture — all team members build production automation that eliminates manual work at scale.The Red Team conducts various styles of external or assume breach exercises, purple team engagements, and offensive security research to identify systemic risks before attackers do. Successful engagements deliver results that lead to executive-level engagement to drive immediate remediation across the enterprise.Role SummaryWe are seeking a Sr. Staff Offensive Security Operator to lead and execute red team engagements across UKG's multi-cloud enterprise environment. This role combines deep technical expertise in offensive security with a strong emphasis on AI-powered automation, autonomous testing frameworks, and scalable attack simulation. You will design and execute complex attack scenarios, develop AI-enhanced offensive tooling, and deliver findings that drive measurable risk reduction across the organization.Key ResponsibilitiesOffensive Operations (30%)Plan and execute full-scope red team engagements (network, application, cloud, social engineering) against UKG's production and corporate environmentsConduct assume-breach exercises targeting multi-tenant infrastructure to validate cross-tenant isolation and breakout resistancePerform adversary emulation aligned with MITRE ATT&CK framework, simulating nation-state and criminal threat actor TTPs relevant to the HCM/payroll industryExecute purple team exercises with the SOC to validate detection coverage and response capabilitiesConduct M&A security assessments for newly acquired companies and integrationsDeliver executive-level readouts and technical reports that translate offensive findings into business risk languageAI-Powered Offensive Automation (40%)Design, build, and maintain autonomous security testing frameworks that leverage AI/ML for vulnerability discovery, exploit chain generation, and attack path analysisDevelop AI-assisted reconnaissance and target enumeration tools using LLMs (Claude) and custom agents for scalable attack surface analysisBuild and operate continuous automated red teaming pipelines that test UKG's defenses without manual interventionCreate AI-powered C2 frameworks, payload generators, and evasion tools that adapt to defensive controls in real-timeIntegrate offensive tooling with Claude, MCP servers, and enterprise AI infrastructure for AI-assisted security operationsDevelop automation that generates findings, routes tickets, and tracks remediation — reducing the gap between discovery and fixStrategic Leadership (20%)Drive the red team's technical strategy and roadmap, identifying high-value targets and emerging attack surfaces (Product, Custom AI, and cloud-native services)Mentor and develop junior offensive security operators, building team capability in AI-augmented offensive techniquesRepresent the red team in cross-functional security initiatives, architecture reviews, and incident response when offensive expertise is neededMaintain awareness of emerging threats, zero-day vulnerabilities, and adversary tradecraft relevant to UKG's technology stackResearch & Knowledge Sharing (10%)Publish internal research on novel attack techniques, AI-assisted exploitation, and cloud security assessment methodologyContribute to the team's Claude Code skills store and shared automation repositoriesDevelop and maintain red team infrastructure (honeypots, C2, phishing platforms) using infrastructure-as-codeStay current on offensive security conferences, findings, etc - and incorporate new techniques into operationsRequired Qualifications8+ years of experience in offensive security, red teaming, or penetration testing in enterprise environments5+ years conducting red team engagements against cloud environments including multi-tenant architecturesDeep expertise in at least 3: network exploitation, web application security, Active Directory attacks, cloud infrastructure attacks, social engineering, physical securityStrong proficiency in AI, Python, Go, or C/C++ for offensive tool development and automationDemonstrated experience building automated security testing tools, frameworks, or pipelinesExperience with Kubernetes, container security, and cloud-native attack techniquesExperience with C2 frameworks and adversary simulation platformsKnowledge of MITRE ATT&CK framework and adversary emulation methodologyExperience with AI/ML security — attacking AI systems, prompt injection, model poisoning, or building AI-powered offensive toolsExperience developing autonomous security testing agents using LLMsExcellent written and verbal communication skills — ability to translate technical findings into business risk for executive audiencesBachelor's degree in Computer Science, Cybersecurity, or equivalent experiencePreferred QualificationsPublished CVEs, security research papers, or conference presentations (DEF CON, Black Hat, etc.)Experience in SaaS/multi-tenant environments processing sensitive data (HCM, payroll, healthcare, financial)OSCP, OSCE, OSEP, CRTO, GXPN, or equivalent offensive security certificationsFamiliarity with .NET, Java/Kotlin, and legacy application security assessmentExperience building infrastructure-as-code (Terraform, Pulumi) for red team operationsPrior experience in a Sr. Staff / Principal level role with cross-team technical leadershipWhat Sets This Role ApartThis is not a traditional red team role. We are building the future of offensive security through AI-augmented automation. You will:Work on a team where all of members build production automation — this is an engineering-first security teamHave access to enterprise AI infrastructure to build next-generation offensive toolsOperate against one of the largest HCM/payroll platforms in the world — protecting tens of thousands of customer organizationsHave direct impact — your findings directly prevent issues across UKG's entire customer baseLead the integration of AI into offensive security operations, pioneering techniques that scale red team impact beyond headcountCompensation & BenefitsUKG offers a comprehensive total rewards package including competitive base salary, annual bonus, equity, full medical/dental/vision, 401(k) match, unlimited PTO, and professional development budget. This role is eligible for remote work anywhere in the US.Company OverviewUKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry — because great organizations know their workforce is their competitive edge. Learn more at ukg.com.Equal Opportunity EmployerUKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories.View The EEO Know Your Rights poster ( participates in E-Verify. View the E-Verify posters here ( .It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.Disability Accommodation in the Application and Interview ProcessFor individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com .The pay range for this position is $145,600 to $209,300. The actual base pay offered may vary depending on skills, experience, job-related knowledge and work location. In addition to base pay, employees may be eligible to participate in a performance-based bonus plan and to receive restricted stock unit awards as part of total compensation. Learn more about UKG's benefits and rewards at is the policy of Ultimate Software to promote and assure equal employment opportunity for all current and prospective Peeps without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status entitled to protection under federal, state, or local anti-discrimination laws. This policy governs all matters related to recruitment, advertising, and initial selection of employment. It shall also apply to all other aspects of employment, including, but not limited to, compensation, promotion, demotion, transfer, lay-offs, terminations, leave of absence, and training opportunities.#J-18808-Ljbffr