Assist with designing, testing, implementing, and supporting security solutions such as: Endpoint Security Detection, Response tools (eg.. Carbon Black, FireEye, CrowdStrike, SentinelOne, Sophos, McAfee, Symantec, Cylance, Windows Defender, or Cisco AMP) Data Loss Prevention Vulnerability scanning (eg.. Rapid7, Qualys, Tanium, Nessus, or Wiz) Cloud Security Posture Management (CSPM) Authentication, integrate security tools with IDP Public Cloud (eg.. AWS, Azure, or GCP) Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. Working with the observability team to integrate security application and system event logs into SIEM Maintain security configuration baselines to be used to harden systems Work with cross-functional teams to optimize and tune security system performance Implement and improve operational monitoring and alerting Ensure all systems operations and maintenance activities are properly documented and updated Create SSL/TLS certificates (internal and external) Support secrets management solutions Generate dashboards and reports on identity and security tools compliance Support GRC team on audits and compliance initiatives Assist in developing requirements and driving deliverables Knowledge, Skills and Abilities Basic knowledge of networking: routing and switching including subnetting Knowledge of security frameworks including NIST, CIS, etc Experience with common security controls such as Antimalware, Endpoint Detection and Response, GPOs, IPTables or NFTables Experience with Common Information Technology infrastructure such as SSO, SAML, DNS, Active Directory and Remote access solutions such as Citrix and VDI Experience with operating system (Windows, Linux, MacOS, COS) Knowledge of secrets management General knowledge of container technology Understanding of SSL/TLS certificates and implementation (Private and public key infrastructure) Knowledge of PowerShell or similar scripting languages Experience with Public Cloud provider infrastructure related to system deployments Excellent written and verbal communication skills Excellent teamwork and collaboration skills Results high energy, self-motivated, and oriented Required Qualifications: Minimum two (5-7) years of experience in a security engineering role with Malware Protection, PAM, EDR, FIM, Vulnerability Scanner tools, Certificate Management Bachelors in Information Security or related fields a plus Preferred Qualification: Cloud and system hardening Industry recognized Security certification such as CSSP, CISSP, etc It is the policy of Ultimate Software to promote and assure equal employment opportunity for all current and prospective Peeps without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status entitled to protection under federal, state, or local anti-discrimination laws. This policy governs all matters related to recruitment, advertising, and initial selection of employment. It shall also apply to all other aspects of employment, including, but not limited to, compensation, promotion, demotion, transfer, lay-offs, terminations, leave of absence, and training opportunities.