Critical Incident Response Center Analyst

Consistently named one of the ‘Most Admired Companies’ by FORTUNE® Magazine, and recognized by DiversityInc® as one of the ‘Top 50 Companies for Diversity’, ADP works with more than 740,000 organizations across the globe to help their people work smarter, embrace new challenges, and unleash their talent.

REQUIRED SKILLS

Experienced in security incident detection and response.
Strong knowledge of computer security forensics and security vulnerabilities
Strong knowledge of interpreting and correlating log outputs
Strong documentation and presentation skills.
Excellent analytical skills
The candidate should have experience in Networking, Windows and *nix environments
Some experience providing training and mentoring.
Enough SQL familiarity to generate nested queries and joins in a major SQL dialect


PREFERENCES

Financial fraud detection and response experience
General knowledge of web content scripting languages (perl, python)
SIEM
IDS
PostgreSQL
Splunk
Netwitness
Ethical hacking
Forensics


EXPERIENCE

3-5 years’ experience.


REPORTING

GSO CIRC Manager


PREFERRED CERTIFICATIONS

· GCIH, GCIA, CISSP, GREM, GCFA, GIAC, CEH

MISSION

The ADP-Critical Incident Response Team (CIRC) team within ADP’s Global Security Organization (GSO) is responsible for monitoring multiple sources of analytical computer and physical security related information. The CIRC’s main focus is to take this disparate information, and turn it into strategic and tactical intelligence that is relevant to protecting ADP’s lines of business from cyber threats and financial crimes. The output of this analysis will be used to ensure a consistent and coordinated response to ongoing security threats ensuring ADP can continue to operate safely and securely.

This analyst must have a holistic understanding of the modern cyber threat and fraud landscape with a strong background in incident response and process documentation. They will handle high complexity security threats generated by ADP's automated detection systems, 3rd party and internal intelligence, and manual identification by ADP associates and clients. The analyst will review current processes, refine, document, and formalize incident response processes for all incidents types to include those originating in the BUs. The analyst will be required to develop and maintain a liaison relationship with BSOs, BUs, Risk Assessment, and other CIRC teams. This analyst will have moderate technical skills in some of the following areas: network forensics / deep packet inspection, host forensics, malware analysis, ability to effectively manage critical incidents.


COMPETENCY

Conduct technical analysis and assessments of security related incidents, including frauds, Advanced Persistent Threats, malware propagations, virus infections, misuse of technology, exploitation of vulnerabilities…
Liaise with other ADP organizations.
Assist in the development and maintenance of new procedural documentation including newly developed correlation rules. This also includes the training of appropriate security analysts.
Coordination of incident response activities (escalations, notifications, etc.).
Monitoring, managing, and coordinating the information collection and cataloging of activities from a variety of public and private security related information sources, as well as documenting the initial analysis of vulnerability reports and how they may relate to ADP.

Transform The Way The World Works.

Introduce new ideas. Get others on board. Show everyone (including our clients) what excellence means. Encourage hard work and good fun. Stretch yourself, break down barriers and change the way things are done. Get ready to advance your career at ADP.


Passion for Life & Work.

Isn’t this what life is all about? Finding something meaningful that you enjoy doing and having fun doing it? A career at ADP gives you that opportunity.