ADP is Hiring a Sr Security Analyst - Hybrid role in Roseland, NJ
Unlock Your Career Potential: Global Security Organization at ADP.
Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data.
We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients.
Ideal candidates should be experienced in multiple technical security skills such as:
* Incident Response
* Intrusion Detection
* Endpoint Defense
* Malware Analysis
* Malicious Code
* Automation / Coding
We strive for every interaction to be driven by our CORE values: Insightful Expertise, Integrity is Everything, Service Excellence, Inspiring Innovation, Each Person Counts, Results-Driven, Social Responsibility.
Position Summary:
Providing around-the-clock protection and cyber defense of ADP's global network of applications and data from threats from cyberspace is pivotal to the success of ADP's globally recognized brand and the continued growth of ADP's $10B market share.
The Critical Incident Response Center (CIRC) Analysts are responsible for detection and response activities for ADP globally across a broad set of security disciplines -- including cyber operations, fraud prevention, physical security, and operational risk management.
Analysts must have a holistic understanding of the modern physical and cyber security landscape and will liaise with other Business and Security Teams, Legal, Privacy, Communications, Public Relations and the Business Units teams to triage any and all ADP internal, potential consumer, client or other issues related to Security Incidents.
Analysts will rapidly gather information to investigate alerts, determine criticality, risk, and business impact in order to take appropriate measures for containment and assist with or recommend remediation efforts.
Like what you see? Apply now!
Learn more about ADP at tech.adp.com/careers
A little about ADP: We are a global leader in HR technology, offering the latest AI and machine learning-enhanced payroll, tax, HR, benefits, and much more. We believe our people make all the difference in cultivating an inclusive, down-to-earth culture that welcomes ideas, encourages innovation, and values belonging. ADP has a deep commitment to diversity, equity, and inclusion as a global Best Places to Work, DiversityInc® Top 50 Company, Best CEO and company for women, LGBTQ+, multicultural talent, and more. Learn more about ADP's commitment on our YouTube channel:
Responsibilities:
- As a key member of the Critical Incident Response Center, the Senior Analyst will investigate security alerts from multiple sources, determine their criticality, and promptly apply appropriate containment and mitigation measures
- Lead complex investigations working with cross-functional, geo-dispersed teams in large enterprise environments
- Take ownership of alert investigations and drive them to resolution, demonstrate technical leadership and serve as a mentor to junior analysts on the team
- Perform Event Monitoring and Log Analysis for all Cyber Alerts in a centralized and prioritized queue
- Enrich and correlate IOCs from active investigations to identify other potential security incidents
- Collaborate with multiple GSO teams to support their investigations as necessary
- Review intel from various intelligence sources and identify any indicators of attacks that may be focused on ADP or identify any activities from threat actors that may have an interest in ADP
- Conduct technical analysis and assessments of security related incidents, including malware analysis, packet level analysis, and system level forensic analysis
- Conduct analysis of network events from various device types and vendors from multiple technologies and products
- Capture files, artifacts, logs, registry entries or other host-based evidence
- Initiate, Support and Lead various investigative incident response tasks during an incident at various stages of the incident
- Document the Analysis and activities as it pertains to the alert details, the response performed for containment and remediation steps along with the supporting artifacts and evidence for justification
- Facilitate the escalation process and interactions with external teams. This includes prioritizing incidents during activity time frames and including advanced teams
- Assist in the development and maintenance of new processes and documentation, including newly developed correlation rules, to help our analysts continually improve against current threats
- Utilizing intelligence from various sources and coordinating with internal teams, help test new alert detections that support the monitoring and enforcement of ADP security policies while improving existing alerts to reduce false-positive rates
- Manage multiple alerts and investigations simultaneously while participating in ad hoc CIRC projects and operational improvement activities
- Participate in Purple team exercises and post-exercise activities
To Succeed in This Role:
- Bachelor’s degree or equivalent.
- Specialized training in information security helpful.
- Security certifications (CISSP, GSEC, GCIA, GCIH, GREM) are a plus, but not required.
Qualifications:
- Experience in similar security roles with relevant analysis work in a large corporate environment is highly recommended
- 6 years of combined hands-on Security Analysis and Incident Response experience
- Networking Skills - Strong experience in Windows and *nix environments. Excellent understanding of TCP/IP and network communications. Strong network administration skills. Packet-level behavioral familiarity with most major TCP/IP application protocols. General understanding of key components of internet architecture.
- Incident Handling - Excellent computer security incident handling, analytical and communication skills. Familiarity with interpreting the log output of a wide selection of device classes, including networking and host infrastructure devices. In-depth knowledge of computer security forensics and security vulnerabilities. Broad knowledge of business-impacting security scenarios and viable methods to detect these scenarios (cross-device log correlation)
- Operating Systems - Strong system admin skills. Experience with multiple OSes and versions is required.
- Security Tools & Technologies - Well versed in multiple security technologies such as SIEM, DPI, GRC, Antivirus, Intrusion Detection & Prevention Systems, Cloud/AWS, EDR, XDR, UBA, Web Proxy/Content Filtering, Active Directory, PKI, RADIUS, RSA SecurID, MFA
- Malware Analysis - Reverse-engineering and executable analysis skills. Experience in reverse-engineering script content in multiple formats. Knowledge of how to operate a debugger. Knowledge of basic packing and obfuscation techniques. Broad knowledge of data and executable file types and extracting information from them. Functional knowledge of shellcode fundamentals
- Scripting / Development - Enough SQL familiarity to write nested queries and joins in a major SQL dialect. General experience with systems automation in a major scripting language. General knowledge of web content scripting languages. Functional experience with text and data representation and manipulation (XML, HTML, regular expressions, wiki markup, SQL)
What are you waiting for? Apply today!