GSO CIRC Tech Lead

Consistently named one of the ‘Most Admired Companies’ by FORTUNE® Magazine, and recognized by DiversityInc® as one of the ‘Top 50 Companies for Diversity’, ADP works with more than 740,000 organizations across the globe to help their people work smarter, embrace new challenges, and unleash their talent.

Experience/Skills:

English
Minimum of 8-10 years' experience in security or network architecture/engineering role including designing and deploying security solutions
Strong analytical and decision support skills
Dataflow, process, operational visualization and workflow documentation capabilities
Strong analytical skills and cross functional knowledge across multiple security disciplines
Strong knowledge and working experience with databases and data warehouse technologies and solutions
Familiar with interpreting the log output of a wide selection of network and host device classes (HIDS, NIDS, Firewalls, Proxies, Routers, Switches, WAF's, Servers, Desktop Controls, Endpoint Protection, etc.)
Functional experience with text and data representation and manipulation (XML, HTML, Regular Expressions, Wiki Markup, SQL)
Packet-level behavioral familiarity with most major TCP/IP application protocols ( DNS, SMTP, HTTP, BGP, LDAP, IMAP, SSH, FTP, KRB5, DHCP, CIFS)
Expert knowledge of systems automation in a major scripting language (Perl, Python, etc.)
Expert technical knowledge of MS Windows, Linux, and Unix operating systems
Strong interpersonal, verbal presentation and written communication skills
Ability to communicate security-related concepts to a broad range of technical and non-technical staff
Must possess a high degree of integrity, be trustworthy, and have the ability to work independent
Excellent analytical skills. Ability to analyze logs from multiple security technologies such as SIEM; Intrusion Detection Systems; End-point security; Web Proxy/Content Filtering; Active Directory, PKI, Radius, RSA SecureID.
Capability in performing first/second level triage of incidents to determine if alert is true positive, false-positive, or if escalation is required.
Good teamwork, communication/information sharing, strong analytical skills, and influencing skills.
Successful candidate must have a sense of urgency while maintaining a high degree of professionalism.
The ability to multi-task, work with minimal supervision, and achieve results in a fast-paced environment is a must.

Education:

BS in Information Systems or equivalent
CISSP, GSEC or GCIA
Any of the following are a plus: CISA, CRISC, CISM, PMP

Job description:

As Global Technical Lead for the Active Defense Programs of ADP's Critical Incident Response Center (CIRC), you will join a highly skilled team providing world-class security program engineering, security consultation and security technology implementation for ADP's Global Security Organization (GSO). This includes solution-ing next generation advanced threat detection, protection and monitoring across the GSO's global security platforms through advanced threat analytics and threat platform optimization techniques to ensure the best use of existing security, risk, and privacy controls, detection technologies, and threat management platforms. The CIRC Active Defense Technical Lead must have strong skills in conducting technical analysis of incidents and other security threats. This position requires previous experience in the analysis of advanced security related information, from a variety of sources to create actionable intelligence. The candidate must also have the ability to coordinate response actions, and disseminate technical information, as appropriate, in support of protecting ADP's critical infrastructure/assets.

Responsibilities Include:

Ability to assess complex cyber, fraud and converged threats, threat actors, threat vectors, defensive technical architecture, cyber defense controls, intelligence, and other related data points to develop a comprehensive threat profile and preventative / detective capability to reduce overall risk and exposure to technology, money movement, and converged security infrastructure.
Solution appropriate platform and application configurations that facilitate the advanced fraud and cyber detection use cases
Provide technical security leadership in usage of information security solutions in regards to emerging threat
Actively participation in Advanced Threat and Monitoring events.
Provide technical leadership to CIRC associates in US, Romania, Philippines and India.
Provide guidance to engineers and analysts regarding technical issues and special threat defense initiatives.
Instruct engineers and analysts in the use of new processes/procedures, operating instructions; troubleshoot technical or operational problems in order to help identify root cause of advanced threat incidents impacting ADP
Lead the technical assessments of computer, physical, fraud, risk, and threat related security incidents.
Perform as a incident handler and subject matter expert for full life cycle incident response.

We are a comprehensive global provider of cloud-based Human Capital Management (HCM) solutions that unite HR, payroll, talent, time, tax and benefits administration, and a leader in business outsourcing services, analytics and compliance expertise.
Our unmatched experience, deep insights, and cutting-edge technology have transformed human resources from a back-office administrative function to a strategic business advantage. ADP serves more than 610,000 clients around the world today and helps organizations of all types and sizes unlock their business potential.
For 60 years, we’ve led the way in defining the future of business outsourcing solutions and we remain one of the world’s most innovative, diverse and admired companies to work for today.