Automatic Data Processing (ADP)
The CIRC (Critical Incident Response Center) for ADP's Global Security Organization is hiring a Cyber Security expert in either Augusta, GA or Roseland, NJ. We are seeking strong experience with Cyber Security, Incident Response, Intrusion Protection, Malicious Code, Endpoint Defense, Technical Investigations and Forensic Analysis.
Lead Cyber Security / Fraud Analyst
Ideal candidates may be experienced in technical security skills such as:
• Incident Response
• Intrusion Detection
• Endpoint Defense
• Malware Analysis
• Malicious Code
• CISSP, GCIA, GCIH, GREM
Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and availability at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients.
We strive for every interaction to be driven by our CORE values: Insightful Expertise, Integrity is Everything, Service Excellence, Inspiring Innovation, Each Person Counts, Results-Driven, Social Responsibility.
• One ADP Drive, Augusta, GA 30909
• 1 ADP Blvd., Roseland, NJ 07068
Providing around-the-clock protection and cyber defense of ADP’s global network of applications and data from threats from cyberspace is pivotal to the success of ADP’s globally recognized brand and the continued growth of ADP’s $10B market share.
The Critical Incident Response Center (CIRC) provides monitoring, investigation, forensic analysis, and incident response. CIRC Analysts are responsible for detection and response for ADP worldwide across a broad set of security disciplines – including cyber operations, fraud prevention, physical security, and operational risk management. Liaise with Legal, Privacy, Communications, Public Relations and the Business Unit teams to triage any and all potential consumer, client or other issues related to incidents. Executes, tests, and verifies company response, including the ability to rapidly gather information to enable an investigation and direct effective response.
• Be an escalation point for analysts engaged in monitoring, managing, and coordinating the information collection and cataloging of activities from a variety of public and private security related information sources.
• Understand and provide initial analysis of vulnerability reports and how they may relate to ADP.
• Review reporting from various intelligence sources and identify any indicators of attacks that may be focused on ADP or identify any activities from threat actors that may have an interest in ADP.
• Conduct technical analysis and assessments of security related incidents, including malware analysis, packet level analysis, and system level forensic analysis. Conduct analysis of network traffic and output from various network centric technologies. Analyze disk & memory images with the intent of recovering information related to a security incident. The analysis can include malicious or suspicious files, logs, registry entries or indications of lateral movement or data exfiltration.
• Initiate and manage incident response. Facilitate the escalation process and interactions with external teams. This includes prioritizing incidents during activity time frames and including advanced teams when necessary.
• Assist in the development and maintenance of new process and documentation including newly developed correlation rules. Help our analysts continually improve to engage the current threat.
• Utilizing the intelligence from various sources and coordinating with internal teams, define, build, test and implement detections that support the monitoring and enforcement of the ADP security policies.
• Provide leadership and/or mentoring of junior CIRC security analysts.
• Collaborate effectively with cross-functional entities across the enterprise. (Skills & Abilities)
• Organizational direction, time management, problem-solving, prioritization, goal setting, leadership and motivation, negotiation, interpersonal relations, verbal/written communications and human resource management. (Skills & Abilities)
• General understanding of the client lifecycle functions, including sales, implementation and ongoing services. (Skills & Abilities)
• Travel <10%
Qualifications Required:
• B.S. Degree in Computer Systems Engineering, Computer Science, Computer Information Systems or equivalent education and experience required. Specialized training in information security helpful.
• CISSP, GCIA, GCIH, GREM or applicable experience in the Information Security field
• 8 to 12 Years Directly Related Experience
• The Analyst must have a holistic understanding of the modern physical and cyber security landscape. This position will be responsible for performing tasks related to the further development of our converged SIEM monitoring platform which includes writing reports and correlation rules. The Analyst will primarily be responsible for analyzing advanced security related information from a variety of sources to create actionable intelligence from this disparate data within the SIEM platform. The candidate must have strong skills in conducting technical analysis of security threats, as well as the ability to document and train individual members of the CIRC staff on new processes/procedures for other junior analysts to respond to in the SIEM platform.
• Networking Skills - Strong experience in Windows and *nix environments. Excellent understanding of TCP/IP and network communications. Strong network administration skills. Packet-level behavioral familiarity with most major TCP/IP application protocols (DNS, SMTP, HTTP, BGP, LDAP, IMAP, SSH, FTP, KRB5, DHCP, CIFS). General understanding of key components of internet architecture.
• Incident Handling - Excellent computer security incident handling, analytical and communication skills. Familiarity with interpreting the log output of a wide selection of device classes including networking and host infrastructure devices. In-depth knowledge of computer security forensics and security vulnerabilities. Broad knowledge of business-impacting security scenarios and viable methods to detect these scenarios (cross-device log correlation).
• Operating Systems - Strong systems administration skills. Conceptual knowledge of operating system internals (file handles, threads, semaphores, stack, heap, entry points). Implementation experience with general enterprise core service types (web/mail/DNS/file servers).
• Security Tools & Technologies - Well versed in multiple security technologies such as SIEM, DPI, GRC, Antivirus, Intrusion Detection Systems, HIPS, Web Proxy/Content Filtering, Active Directory, PKI, RADIUS, RSA SecurID.
• Malware Analysis - Reverse-engineering and executable analysis skills. Experience in reverse-engineering script content in multiple formats. Knowledge of how to operate a debugger. Knowledge of basic packing and obfuscation techniques. Broad knowledge of data and executable file types and extracting information from them. Functional knowledge of shellcode fundamentals.
• Scripting / Development - Enough SQL familiarity to generate nested queries and joins in a major SQL dialect. General experience with systems automation in a major scripting language. General knowledge of web content scripting languages. Functional experience with text and data representation and manipulation (XML, HTML, Regular Expressions, Wiki Markup, SQL).
Req #190120
SUBMIT RESUME TO ADP HERE: https://recruiting.adp.com/srccar/public/RTI.home?c=1046545&d=External&r=5000592651306