Experienced in security incident detection and response.
Strong knowledge of computer security forensics and security vulnerabilities.
Strong knowledge of interpreting and correlating log outputs.
Strong documentation and presentation skills.
Excellent analytical skills.
The candidate should have experience in Networking, Windows and *nix environments.
Some experience providing training and mentoring.
Enough SQL familiarity to generate nested queries and joins in a major SQL dialect.
Financial fraud detection and response experience.
General knowledge of web content scripting languages (Perl, Python).
3-5 years’ experience.
GSO CIRC Manager
GCIH, GCIA, CISSP, GREM, GCFA, GIAC, CEH
The ADP-Critical Incident Response Team (CIRC) within ADP’s Global Security Organization (GSO) is responsible for monitoring multiple sources of analytical computer and physical security-related information. The CIRC’s main focus is to take this disparate information and turn it into strategic and tactical intelligence that is relevant to protecting ADP’s lines of business from cyber threats and financial crimes. The output of this analysis will be used to ensure a consistent and coordinated response to ongoing security threats, ensuring ADP can continue to operate safely and securely.
This analyst must have a holistic understanding of the modern cyber threat and fraud landscape with a strong background in incident response and process documentation. They will handle high-complexity security threats generated by ADP's automated detection systems, third-party and internal intelligence, and manual identification by ADP associates and clients. The analyst will review current processes and refine, document, and formalize incident response processes for all incident types, including those originating in the BUs. The analyst will be required to develop and maintain a liaison relationship with BSOs, BUs, Risk Assessment, and other CIRC teams. This analyst will have moderate technical skills in some of the following areas: network forensics / deep packet inspection, host forensics, malware analysis, and the ability to effectively manage critical incidents.
Analysts must have the requisite knowledge to lead an incident, provide high level communications, manage assigned analysts, develop and document procedures, and ensure appropriate reporting.
Conduct technical analysis and assessments of security-related incidents, including frauds, Advanced Persistent Threats, malware propagations, virus infections, misuse of technology, exploitation of vulnerabilities…
Liaise with other ADP organizations.
Assist in the development and maintenance of new procedural documentation including newly developed correlation rules. This also includes the training of appropriate security analysts.
Coordination of incident response activities (escalations, notifications, etc.).
Monitoring, managing, and coordinating the information collection and cataloging of activities from a variety of public and private security-related information sources, as well as documenting the initial analysis of vulnerability reports and how they may relate to ADP.
We are a comprehensive global provider of cloud-based Human Capital Management (HCM) solutions that unite HR, payroll, talent, time, tax and benefits administration, and a leader in business outsourcing services, analytics and compliance expertise. Our unmatched experience, deep insights, and cutting-edge technology have transformed human resources from a back-office administrative function to a strategic business advantage. ADP serves more than 610,000 clients around the world today and helps organizations of all types and sizes unlock their business potential. For 60 years, we’ve led the way in defining the future of business outsourcing solutions and we remain one of the world’s most innovative, diverse and admired companies to work for today.