Automatic Data Processing, Inc.

Sr. Security Analyst

Automatic Data Processing, Inc., Roseland, New Jersey, US, 07068


ADP is Hiring a Sr Security Analyst - Hybrid role in Roseland, NJ

Unlock Your Career Potential: Global Security Organization at ADP.

Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data.

We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients.

Ideal candidates should be experienced in multiple technical security skills such as:

- Incident Response
- Intrusion Detection
- Endpoint Defense
- Malware Analysis
- Malicious Code
- Automation / Coding

Position Summary:

Providing around-the-clock protection and cyber defense of ADP's global network of applications and data from threats from cyberspace is pivotal to the success of ADP's globally recognized brand and the continued growth of ADP's $10B market share.

The Critical Incident Response Center (CIRC) Analysts are responsible for detect and response activities for ADP globally across a broad set of security disciplines -- including cyber operations, fraud prevention, physical security, and operational risk management.

Analysts must have a holistic understanding of the modern physical and cyber security landscape and will liaise with other Business and Security Teams, Legal, Privacy, Communications, Public Relations and the Business Units teams to triage any and all ADP internal, potential consumer, client or other issues related to Security Incidents.

Analysts will rapidly gather information to investigate alerts, determine criticality, risk, and business impact in order to take appropriate measures for containment and assist with or recommend remediation efforts.

Responsibilities:

- As a key member of a Critical Incident Response Center, the Senior Analyst will investigate security alerts from multiple sources, determine their criticality and promptly apply appropriate containment and mitigation measures
- Lead complex investigations working with cross-functional, geo-dispersed teams in large enterprise environments
- Take ownership of alert investigations and drive them to resolution, demonstrate technical leadership and serve as a mentor to junior analysts on the team
- Perform Event Monitoring and Log Analysis for all Cyber Alerts in a centralized and prioritized queue
- Enrich and Correlate IOCs from active investigations to identify other potential security incidents
- Collaborate with multiple GSO teams to support their investigations as necessary
- Review intel from various intelligence sources and identify any indicators of attacks that may be focused on ADP or identify any activities from threat actors that may have an interest in ADP
- Conduct technical analysis and assessments of security related incidents, including malware analysis, packet level analysis, and system level forensic analysis
- Conduct analysis of network events from various device types and vendors from multiple technologies and products
- Capture files, artifacts, logs, registry entries or other host-based evidence
- Initiate, Support and Lead various investigative incident response tasks during an incident at various stages of the incident
- Document the Analysis and activities as they pertain to the alert details, the response performed for containment and remediation steps along with the supporting artifacts and evidence for justification
- Facilitate the escalation process and interactions with external teams. This includes prioritizing incidents during activity time frames and including advanced teams
- Assist in the development and maintenance of new processes and documentation including newly developed correlation rules to help our analysts continually improve to engage the current threats.
- Utilizing the intelligence from various sources and coordinating with internal teams, help test new alert detections that support the monitoring and enforcement of the ADP security policies while helping improve existing alerts to reduce False positive rates
- Manage multiple alerts and investigations simultaneously while participating in ad hoc CIRC Projects and Operational Improvement activities
- Participate in Purple team exercises and post-exercise activities

To Succeed in This Role:

- Bachelor’s degree or equivalent.
- Specialized training in information security helpful.
- Security Certifications are a plus, but not required. CISSP, GSEC, GCIA, GCIH, GREM

Qualifications:

- Similar Security roles with relevant analysis experience in a large corporate environment is highly recommended
- 6 Years combined actual Security Analysis and Incident Response Experience

Networking Skills

- Strong experience in Windows and *nix environments. Excellent understanding of TCP/IP and network communications. Strong network administration skills. Packet-level behavioral familiarity with most major TCP/IP application protocols. General understanding of key components of internet architecture.

Incident Handling

- Excellent computer security incident handling, analytical and communication skills. Familiarity with interpreting the log output of a wide selection of device classes including networking and host Infrastructure devices. In depth knowledge of computer security forensics and security vulnerabilities. Broad knowledge of business-impacting security scenarios and viable methods to detect these scenarios (Cross device log correlation)

Operating Systems

- Strong system admin skills. Experience with multiple OS's and versions is required.

Security Tools & Technologies

- Well versed in multiple security technologies such as SIEM, DPI, GRC, Antivirus, Intrusion Detection & Prevention Systems, Cloud/AWS, EDR, XDR, UBA, Web Proxy/Content Filtering, Active Directory, PKI, Radius, RSA SecurID, MFA

Malware Analysis

- Reverse-engineering and executable analysis skills. Experience in reverse-engineering script content in multiple formats. Knowledge of how to operate a debugger. Knowledge of basic packing and obfuscation techniques. Broad knowledge of data and executable file types and extracting information from them. Functional knowledge of Shellcode fundamentals

Scripting / Development

- Enough SQL familiarity to generate nested queries and joins in a major SQL dialect. General experience with systems automation in a major scripting language. General knowledge of web content scripting languages. Functional experience with text and data representation and manipulation (XML, HTML, Regular Expressions, Wiki Markup, SQL)

YOU'LL LOVE WORKING HERE BECAUSE YOU CAN:

Have courageous team collaboration.

Courage comes from how associates are willing to have difficult conversations, speak up, be an owner, and challenge one another's ideas to net out the best solution.

Deliver at epic scale.

We deliver real user outcomes using strong judgment and good instincts. We're obsessed with the art of achieving simplicity with a focus on client happiness and productivity.

Be surrounded by curious learners.

We align ourselves with other smart people in an environment where we grow and elevate one another to the next level. We encourage our associates to listen, stay agile, and learn from mistakes.

Act like an owner & doer.

Mission-driven and committed to leading change, you will be encouraged to take on any challenge and solve complex problems. No tasks are beneath or too great for us. We are hands-on and willing to master our craft.

Give back to others.

Always do the right thing for our clients and our community and humbly give back to the community where we live and work. Support our associates in times of need through ADP's Philanthropic Foundation.

Join a company committed to equality and equity.

Our goal is to impact lasting change through our actions.

What are you waiting for? Apply today!
