GSO CIRC Analyst
ADP
Bucharest, Bucuresti, ROM
‎în urmă cu 17 ore

At ADP we are driven by your success . We engage your unique talents and perspectives. We welcome your ideas on how to do things differently and better.

In your efforts to achieve, learn and grow, we support you all the way. If success motivates you, you belong at ADP.

Technology at ADP. It's the foundation of the products and services that have made us a world-wide leader in workforce solutions.

With us, you can combine technical skills and business acumen, to effectively consult as well as solve technical challenges.

You have the opportunity to train on leading-edge technologies that continually redefine what's possible in our industry.

The GSO Critical Incident Response Center (CIRC) CIRC / SOC Analyst within ADP's Global Security Organization (GSO) is responsible for monitoring multiple sources of analytical computer information related to cyber and e-Fraud alerts.

The CIRC's main focus is to take this disparate information and turn it into strategic and tactical intelligence that is relevant to protecting ADP's lines of business.

The output of this analysis will be used to ensure a consistent and coordinated response to ongoing security threats ensuring ADP can continue to operate safely and securely.

CIRC Analyst

The ideal candidate will be part of the EMEA CIRC team (Bucharest) and approach their responsibilities with a holistic understanding of the modern cyber-security and e-fraud landscape with a strong background in incident response and process documentation.

They will handle highly complex security threats generated by ADP's automated detection systems, 3rd party, and internal data, and manual identification by ADP associates and clients.

The successful candidate will also perform the first level triage of alerts for suspicious activities related to cyber events as well as transactions identified inside of ADP's money movement platforms.

The successful candidate will process cyber alerts towards the resolution of critical incidents / events through standard applications and processes.

The candidate must have the requisite knowledge to document procedures and ensure appropriate reporting, acquire full understanding of alerts, and, if needed, escalate to ADP's CIRC leads / managers for appropriate action.

This role will be responsible for following detailed procedures for addressing high-risk activity and will be based on a follow-the-sun (FTS), 24x7 model.

Candidate will be expected to work weekends and holidays on a rotating schedule.

Responsibilities :

  • Monitoring of the fraud and cyber (occasionally) alert queue; triage of incidents to determine if escalation is required
  • Perform analysis in order to determine true positive or false positive events / alerts disposition while performing remediation efforts and recommendations
  • Qualify and identify Fraud Alert Impact / Validity by engaging the Line of Business Contact or other parts of ADP client operations
  • Following documented technical and management escalation processes to escalate up to the CIRC-EMEA leads and Fraud Investigators as quickly as possible.
  • Communicates critical cyber or fraud alerts progress status though the use of standard tool.
  • Help develop, document, and formalize a standardized incident response processes across ADP organization.
  • Help determine key stakeholders and gather current best practices from the same
  • Help define, build, test, and implement correlation rules that support the monitoring and enforcement of the ADP security policies.
  • Produce metrics that support GSO's strategic direction.
  • Determine critical support requirements needed to ensure ADP stakeholders are fully supported.
  • Conduct technical analysis and assessments of security related incidents, including malware analysis, packet level analysis, and system level forensic analysis.
  • Develop and maintain a liaison relationship with other CIRC teams, other units with the GSO, and the Business, among others
  • Provide complete and detailed information to next shift during handoff. Ensure that next shift is fully equipped with information needed to handle the incident before disengaging.
  • Introducing next shift team member to the technical support teams for proper hand over.

  • Be part of the team to generate weekly and monthly reports and provide analysis of incidents and identify areas of improvement.
  • Qualify and identify Fraud Alert Impact / Validity by engaging relevant ADP resources
  • When required, escalate up to the leads and Fraud Investigators.
  • Communicates critical fraud alerts progress status.
  • Provide complete and detailed information to next shift during handoff.
  • Ensure that next shift is fully equipped with info needed to handle the ongoing incidents
  • Help develop, document, and formalize a global incident response processes across ADP
  • Help define, build, test, and implement correlation for enforcement of the ADP security policies.
  • Develop and maintain a liaison relationship with other teams, units and the Business
  • Generate reports and provide analysis of incidents and identify areas of improvement.
  • Perform other duties as assigned
  • PREFERRED QUALIFICATIONS

    REQUIREMENTS

  • BS degree in computer science / engineering / information technology or equivalent
  • Any of the following are a plus : CFE, GISP, GSLC, GCFE, GCFA, GREM, GCIH CISSP, GSEC, or GCIA, CompTIA Network+ / Security+
  • Minimum of 3 years of IT or fraud investigation experience in a large global organization is preferred
  • Experience in fraud auditing in a large global organization is a plus
  • Experience in security incident activities.
  • Must be familiar with or willing to learn e-Fraud and the general concepts
  • Excellent analytical and documentation skills
  • Familiarity with computer security forensics and security vulnerabilities
  • Familiarity with multiple security technologies such as SIEM; Intrusion Detection Systems; End-point security; Web Proxy / Content Filtering;
  • Active Directory, PKI, Log Analysis

  • Enough SQL / PostgreSQL familiarity to generate queries
  • Functional experience with text and data representation and manipulation (XML, HTML, Regular Expressions, Wiki Markup, SQL)
  • Conceptual knowledge of operating system internals
  • file handles, threads, semaphores, stack, heap, entry points)

  • Knowledge of basic packing and obfuscation techniques
  • The candidate should have experience in Networking, Windows and *nix environments
  • Understanding of TCP / IP and network communications
  • General knowledge of web content scripting languages.
  • Knowledge of interpreting the log output of Windows and Unix logs
  • Experience producing architectural diagrams and overviews for both business and technical audiences.
  • Some exposure to collaborative workflow and documentation systems (Wiki documentation, project blogging)
  • Familiarity with interpreting the log output of a wide selection of device classes, spanning Networking and host Infrastructure service devices
  • Packet-level behavioral familiarity with most major TCP / IP application protocols
  • Strong shell or other programming skills
  • Enough SQL familiarity to generate nested queries and joins in a major SQL dialect
  • Broad knowledge of data and executable file types and extracting information from them
  • Functional knowledge of shellcode fundamentals
  • Knowledge of business-impacting security scenarios and viable methods to detect these scenarios (Cross device log correlation).
  • Implementation experience with general enterprise core service types (web / mail / dns / file servers) and core infrastructure elements (general switch / router / proxy / firewall configurations)
  • General understanding of key components of international internet architecture. Infrastructure and Authentication Systems
  • Good teamwork, communication / information sharing, strong analytical skills and influencing skills
  • Excellent verbal and written communication skills, exceptional interpersonal skills are required
  • Sense of urgency required while maintaining a high degree of professionalism.
  • The ability to multi-task, work with minimal supervision, and achieve results in a fast-paced environment.
  • COMPETENCIES

  • Acting in ways that helps deliver results in a diverse and changing environment.
  • Taking ownership of one's own professional growth and development to better contribute to ADP's goals.
  • Maintaining focus to deliver results in a fast-pace and diverse environment.
  • Holding self and others to the highest personal and professional standards, becoming a role model for ADP's vision and values.
  • Uphold highest level of confidentiality.
  • Acting in ways that helps deliver results in a diverse and changing environment.
  • Sharing ideas and information across diverse audiences and identities.
  • Solving day-to-day problems in a way that keeps the overall benefit to ADP in mind.
  • Deliver world-class service and satisfaction to clients - internal, external, diverse and emerging.
  • Develop professional growth and to contribute to ADP's goals.
  • Working effectively with others throughout ADP to achieve shared goals and unmatched results.
  • Maintaining focus to deliver results in a fast-pace and diverse environment.
  • Demonstrate attention to detail, sense of urgency, and be self-motivated
  • Explore our COVID-19 page https : / / to understand how ADP is approaching safety, travel, the hiring interview process, and more.

    Diversity, Equity, Inclusion & Equal Employment Opportunity at ADP : ADP affirms that inequality is detrimental to our associates, our clients, and the communities we serve.

    Our goal is to impact lasting change through our actions. Together, we unite for equality and equity. ADP is committed to equal employment opportunities regardless of any protected characteristic, including race, color, genetic information, creed, national origin, religion, sex, affectional or sexual orientation, gender identity or expression, lawful alien status, ancestry, age, marital status, or protected veteran status and will not discriminate against anyone on the basis of a disability.

    We support an inclusive workplace where associates excel based on personal merit, qualifications, experience, ability, and job performance.

    Ethics at ADP : ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws.

    We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace.

    Click https : / / to learn more about ADP’s culture and our full set of values.

    Raportați această lucrare
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Aplică
    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.
    Continuă
    Formular