Cybersecurity Analyst

Job Description

At ADP we are driven by your success. We engage your unique talents and perspectives. We welcome your ideas on how to do things differently and better. In your efforts to achieve, learn and grow, we support you all the way. If success motivates you, you belong at ADP.

Technology at ADP. It's the foundation of the products and services that have made us a world-wide leader in workforce solutions. With us, you can combine technical skills and business acumen, to effectively consult as well as solve technical challenges. You have the opportunity to train on leading-edge technologies that continually redefine what's possible in our industry.

The GSO Critical Incident Response Center (CIRC) CIRC Analyst within ADP's Global Security Organization (GSO) is responsible for monitoring multiple sources of analytical computer information related to cyber and e-Fraud alerts. The CIRC's main focus is to take this disparate information and turn it into strategic and tactical intelligence that is relevant to protecting ADP's lines of business. The output of this analysis will be used to ensure a consistent and coordinated response to ongoing security threats ensuring ADP can continue to operate safely and securely.

CIRC Analyst

The ideal candidate will be part of the EMEA CIRC team (Bucharest) and approach their responsibilities with a holistic understanding of the modern cyber-security and e-fraud landscape with a strong background in incident response and process documentation. They will handle security alerts generated by ADP's automated detection systems, 3rd party, internal data, and manual identification by ADP associates and clients. The successful candidate will also perform the first level triage of alerts for suspicious activities related to cyber events as well as transactions identified inside of ADP's money movement platforms. The successful candidate will process cyber alerts towards the resolution of critical incidents/events through standard applications and processes. The candidate must have the requisite knowledge to document procedures and ensure appropriate reporting, acquire full understanding of alerts, and, if needed, escalate to ADP's CIRC leads/managers for appropriate action. This role will be responsible for following detailed procedures for addressing high-risk activity and will be based on a follow-the-sun (FTS), 24x7 model. Candidate will be expected to work one week end per month and holidays on a rotating schedule.

Responsibilities:

• Monitoring of the cyber (and occasionally fraud alert queue); triage of cases to determine if escalation is required
• Perform analysis in order to determine true positive or false positive events/alerts disposition while performing remediation efforts and recommendations
• Qualify and identify Fraud Alert Impact/Validity by engaging the Line of Business Contact or other parts of ADP client operations
• Following documented technical and management escalation processes to escalate up to the CIRC-EMEA leads.
• Communicates critical cyber or fraud alerts progress status though the use of standard tool.
• Help develop, document, and formalize a standardized incident response processes across ADP organization.
• Help determine key stakeholders and gather current best practices
• Help define, build, test, and implement correlation rules that support the monitoring and enforcement of the ADP security policies.
• Determine critical support requirements needed to ensure ADP stakeholders are fully supported.
• Conduct technical analysis and assessments of security related incidents, including malware analysis, packet level analysis, and system level forensic analysis.
• Develop and maintain a liaison relationship with other CIRC teams, other units with the GSO, and the Business and other relevant parties
• Provide complete and detailed information to next shift during handoff. Ensure that next shift is fully equipped with information needed to handle the incident before disengaging. Introducing next shift team member to the technical support teams for proper hand over.
• Be part of the team to generate weekly and monthly reports and provide analysis of incidents and identify areas of improvement.
• Qualify and identify Cyber Alert Impact/Validity by engaging relevant ADP resources
• When required, escalate up to the leads and investigators.
• Communicates critical alerts progress status.
• Help develop, document, and formalize a global incident response processes across ADP
• Help define, build, test, and implement correlation for enforcement of the ADP security policies.
• Develop and maintain a liaison relationship with other teams, units and the Business
• Generate reports and provide analysis of incidents and identify areas of improvement.
• Perform other duties as assigned

PREFERRED QUALIFICATIONS

REQUIREMENTS

• BS degree in computer science/engineering/information technology or equivalent
• Familiarity or experience with fraud concepts and techniques
• Experience in cyber or fraud auditing in a large global organization is a plus
• Experience in security incident activities is preferred
• Must be familiar with or willing to learn advanced cyber security response and e-Fraud
• Analytical and documentation skills
• Familiarity with computer security forensics and security vulnerabilities
• Familiarity with multiple security technologies such as SIEM; Intrusion Detection Systems; End-point security; Web Proxy/Content Filtering; Active Directory, PKI, Log Analysis is preferred
• Enough SQL/PostgreSQL familiarity to generate queries
• Familiar with text and data representation and manipulation (XML, HTML Wiki Markup, SQL)
• General knowledge of basic packing and obfuscation techniques
• The candidate should be familiar with Networking and Windows OS
• Understanding of TCP/IP and network communications
• Knowledge of interpreting the log output of Windows and Unix logs
• Some exposure to collaborative workflow and documentation systems (Wiki documentation, project blogging)
• Familiarity with interpreting the log output of a wide selection of device classes, spanning Networking and host Infrastructure service devices
• Knowledge of business-impacting security scenarios and viable methods to detect these scenarios (Cross device log correlation).
• General understanding of key components of international internet architecture. Infrastructure and Authentication Systems
• Good teamwork, communication/information sharing, strong analytical skills and influencing skills
• Excellent verbal and written communication skills, exceptional interpersonal skills are required
• Sense of urgency required while maintaining a high degree of professionalism.
• The ability to multi-task, work with minimal supervision, and achieve results in a fast-paced environment.

COMPETENCIES

• Acting in ways that helps deliver results in a diverse and changing environment.
• Taking ownership of one's own professional growth and development to better contribute to ADP's goals.
• Maintaining focus to deliver results in a fast-pace and diverse environment.
• Holding self and others to the highest personal and professional standards, becoming a role model for ADP's vision and values.
• Uphold highest level of confidentiality.
• Acting in ways that helps deliver results in a diverse and changing environment.
• Sharing ideas and information across diverse audiences and identities.
• Solving day-to-day problems in a way that keeps the overall benefit to ADP in mind.
• Deliver world-class service and satisfaction to clients - internal, external, diverse and emerging.
• Develop professional growth and to contribute to ADP's goals.
• Working effectively with others throughout ADP to achieve shared goals and unmatched results.
• Maintaining focus to deliver results in a fast-pace and diverse environment.
• Demonstrate attention to detail, sense of urgency, and be self-motivated

#LI-TM1#LI-Hybrid

Diversity, Equity, Inclusion & Equal Employment Opportunity at ADP: ADP affirms that inequality is detrimental to our associates, our clients, and the communities we serve. Our goal is to impact lasting change through our actions. Together, we unite for equality and equity. ADP is committed to equal employment opportunities regardless of any protected characteristic, including race, color, genetic information, creed, national origin, religion, sex, affectional or sexual orientation, gender identity or expression, lawful alien status, ancestry, age, marital status, or protected veteran status and will not discriminate against anyone on the basis of a disability. We support an inclusive workplace where associates excel based on personal merit, qualifications, experience, ability, and job performance.

Ethics at ADP: ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click https://jobs.adp.com/life-at-adp/ to learn more about ADP’s culture and our full set of values.