Lead Security Engineer
Job Description
ADP is Hiring a Lead Security Engineer within our Global Security Organization
Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets: their employee data.
We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients.
POSITION SUMMARY
In this role, the Lead Threat Intelligence Engineer will be responsible for the design, development, enhancement, and maintenance of the Threat Intelligence Program's Platform Operations, Automation, and Integrations. The Lead Engineer will demonstrate the ability to perform in a fast-paced team, technical expertise, and leadership in threat intelligence, application development, brand protection, and data analysis.
You will work alongside infrastructure security engineers, threat intelligence analysts, threat hunters, and the security operations team to help improve our current automation processes and future integrations.
You will work with various intelligence collection, reporting tools, and frameworks to automate the processes, develop playbooks, and/or integrate processes with other platforms. You will review documentation, develop plans, catalog and document processes, communicate with stakeholders and application support teams, follow up on requests, and improve processes.
To thrive in this position, you'll need to be an expert in application development, API integration, and automation processes, understand the Threat Intelligence Lifecycle, and know how threat intelligence products and services work.
You'll also need experience working with structured and unstructured data and be great at maintaining situational awareness. You know how to work with the Security Operations team to create the most value, identify gaps in available intelligence information, and engage with leadership on strategies to meet intelligence requirements through intelligence collection processes.
Like what you see? Apply now!
Learn more about ADP at tech.adp.com/careers
A little about ADP: We are a global leader in HR technology, offering the latest AI and machine learning-enhanced payroll, tax, HR, benefits, and much more. We believe our people make all the difference in cultivating an inclusive, down-to-earth culture that welcomes ideas, encourages innovation, and values belonging. ADP has a deep commitment to diversity, equity, and inclusion as a global Best Places to Work, DiversityInc® Top 50 Company, Best CEO and company for women, LGBTQ+, multicultural talent, and more. Learn more about ADP's commitment on our YouTube channel: http://adp.careers/DEI_Videos
We strive for every interaction to be driven by our CORE values: Insightful Expertise, Integrity is Everything, Service Excellence, Inspiring Innovation, Each Person Counts, Results-Driven, Social Responsibility.
RESPONSIBILITIES:
- Develop Indicator Enhancement/Enrichment Playbook for the Threat Intelligence Platform (TIP).
- Collect and ingest data from various sources to the TIP.
- Develop systems integration between multiple Threat Intelligence Source APIs and the TIP to ingest indicators of compromise.
- Develop threat intelligence data dashboards, based on various tagging, and indicator types along with their threat severity and confidence levels.
- Develop and maintain API connections with various security stack solutions.
- Understand and maintain the API that enables the system integration between Apache Nifi and the indicators database (mirror of the Threat Intelligence Platform Database). This API handles requests to build IOC feeds based on indicator types, indicator attributes or tags, and indicator severity, and handles the enrichment of indicators.
- Develop and maintain threat intelligence system to gather IOC data from multiple external threat intelligence feeds.
- Collect, review, and analyze internal, open source, and dark web datasets to integrate with TIP and other security monitoring solutions.
- Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
- Understand and maintain VPN infrastructure.
- Understand and maintain email servers used to deliver notifications and automated projects.
- Provide accurate and priority-driven analysis on cyber activity/threats and present complex operational/technical topics to senior managers and stakeholders.
- Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the organization, as well as different business segments.
- Ability to develop processes, scripts, and code in a quick manner to support current operations and to improve automation processes.
- Ability to work in a fast-paced environment with minimal supervision
- Collect, analyze, investigate, store, and disseminate threat intelligence (actors, campaigns, TTPs, IOAs, IOCs).
- Conduct detailed technical analysis supported by industry-accepted threat intelligence analytical frameworks, tools, and standards.
- Create and evaluate trend/correlation analysis for scenario forecasting at both the tactical and operational levels.
- Develop and refine cyber-threat intelligence collection and analysis processes.
- Generate presentations that illustrate research through visualizations, charts, graphs, infographics, and evidence capture for senior leadership.
- Provide input for developing objectives, key results, and program metrics.
- Exhibit strong critical thinking and problem-solving skills with sound judgment.
- Maintain or develop professional contacts in the various communities to support operations.
- Support the Critical Incident Response Center (CIRC)/SOC with intelligence collection, analysis, and/or dissemination as it relates to ongoing investigations
To Succeed in this role:
- Knowledge of advanced cyber threats, threat vectors, and attacker methodology to include tools, tactics, and procedures and how they tie into the Cyber Kill Chain or ATT&CK framework.
- Experience in threat detection and analysis solutions.
- Knowledge of cloud services, infrastructure, and operations.
- Experience with premium threat intelligence tooling and/or open-source intelligence techniques.
- Experience with TIP automation development, collection, maintenance, and integrations.
- Experience with disseminating information in accordance with TLP classification and handling protocols to the sector through the appropriate mechanisms.
- Organizational and self-directing skills: ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion
- Experience with developing tools to enhance cyber-threat intelligence capabilities.
- Security operations experience in the financial industry.
- Snowflake
- MongoDB
- Redis (Data Caching System)
- Any AMQS (Advanced Message Queuing System) e.g.: Apache Kafka, RabbitMQ, etc.
YOU'LL LOVE WORKING HERE BECAUSE YOU CAN:
- Have courageous team collaboration. Courage comes from how associates are willing to have difficult conversations, speak up, be an owner, and challenge one another's ideas to net out the best solution.
- Deliver at epic scale. We deliver real user outcomes using strong judgment and good instincts. We're obsessed with the art of achieving simplicity with a focus on client happiness and productivity.
- Be surrounded by curious learners. We align ourselves with other smart people in an environment where we grow and elevate one another to the next level. We encourage our associates to listen, stay agile, and learn from mistakes.
- Act like an owner & doer. Mission-driven and committed to leading change, you will be encouraged to take on any challenge and solve complex problems. No tasks are beneath or too great for us. We are hands-on and willing to master our craft.
- Give back to others. Always do the right thing for our clients and our community and humbly give back to the community where we live and work. Support our associates in times of need through ADP's Philanthropic Foundation.
- Join a company committed to equality and equity. Our goal is to impact lasting change through our actions.
What are you waiting for? Apply today!
Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY
(ADA version: https://youtu.be/IQjUCA8SOoA )
Diversity, Equity, Inclusion & Equal Employment Opportunity at ADP: ADP affirms that inequality is detrimental to our associates, our clients, and the communities we serve. Our goal is to impact lasting change through our actions. Together, we unite for equality and equity. ADP is committed to equal employment opportunities regardless of any protected characteristic, including race, color, genetic information, creed, national origin, religion, sex, affectional or sexual orientation, gender identity or expression, lawful alien status, ancestry, age, marital status, or protected veteran status and will not discriminate against anyone on the basis of a disability. We support an inclusive workplace where associates excel based on personal merit, qualifications, experience, ability, and job performance.
Ethics at ADP: ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click https://jobs.adp.com/life-at-adp/ to learn more about ADP's culture and our full set of values.
Date Posted
08/31/2023