Job Description:
ADP is hiring a Senior Director of Advanced Threat Monitoring. The Senior Director of the Critical Incident Response Center (CIRC) will provide guidance to the analysts while they perform tasks related to the mining of ADP's data from our converged security monitoring platform. This executive must be able to lead converged detection and response efforts for ADP worldwide across a broad set of security disciplines, including cyber operations, fraud prevention, and physical security.
The candidate must have strong skills in conducting technical analysis of incidents and other security threats. This position requires previous experience in the analysis of advanced security-related information from a variety of sources to create actionable intelligence. The candidate must also have the ability to coordinate response actions and disseminate technical information, as appropriate, in support of protecting ADP's critical infrastructure/assets. He or she will be responsible for regularly providing formal written and oral presentations on security issues to directors, executives, auditors and clients as an information security and business protection expert. The Senior Director will also develop and manage department budgets, project plans, and contracting engagements, as well as operate as a member of the Threat and Incident Management leadership team, providing professional and technical expertise to the Global Security Organization and to ADP's Information Technology teams. This role requires detailed functional, operational, and industry knowledge.
At ADP we are driven by your success. We engage your unique talents and perspectives. We welcome your ideas on how to do things differently and better. In your efforts to achieve, learn and grow, we support you all the way. If success motivates you, you belong at ADP.
We strive for every interaction to be driven by our CORE values: Insightful Expertise, Integrity is Everything, Service Excellence, Inspiring Innovation, Each Person Counts, Results-Driven, & Social Responsibility.
RESPONSIBILITIES:
- Provide management and leadership to analysts in 5 CIRC Centers of Excellence worldwide to deliver converged threat management 24/7.
- Determines work requirements, priorities, and best use of resources during day-to-day operations, as well as during unplanned incidents.
- Provides coordination of incident response activities through full response life-cycle (escalations, notifications, conference calls, etc.).
- Sets and communicates team goals. Develops tactical plans to reach these goals. Translates strategy into meaningful associate messages and regularly communicates with associates
- Provides Vision, Leadership, and Guidance to all associates in the key operating areas through performance and goal setting.
- Responsible for developing, maintaining & following detailed procedures for addressing relevant threats and threat actors
- Develop a tiered model to provide alerting, advanced analytics, hunting and visualization capabilities 24/7 to address the relevant threats to the enterprise.
- Determines the team's training requirements. Ensure timely and effective training is delivered to enhance skills of the organization.
- Assess severity levels of security threats (e.g., incidents, vulnerabilities, malicious code) and coordinate the appropriate notifications or escalations in a timely manner.
- Operates as Senior Security Leader representing the CSO Office as well as the advocate for the Information Security & Cyber Protection teams communicating the value of Security across the Enterprise and with external clients.
- Actively participates in Advanced Threat and monitoring events.
- Recruit, retain and train the information security skills of current and future staff. Ensure associate development while establishing bench strength.
- Supervise the technical assessments of computer, physical, fraud, risk, and threat related security incidents.
QUALIFICATIONS:
- Bachelor's or Master's degree in a related field - Computer Science, Information Science, or Information Systems Management
- 5-10 years of applicable security experience, with experience overseeing Incident Response, Fraud programs, SOC, CSIRT or CIRC programs
- Certifications: CISSP, CFE, CCFE, CCE, EnCE, GCFA, GCFE, GREM or GCIH
SKILL/COMPETENCY REQUIREMENTS:
- Ability to translate threats and threat actors' TTPs into actionable alerts, correlation rules and models for further analysis
- Must have a holistic understanding of the modern cyber-crime/security landscape (Cyber, Fraud and Physical) with a strong technical and process documentation background.
- The candidate should have strong experience/understanding in Networking, Windows and *nix environments
- Excellent understanding of TCP/IP and network communications
- Excellent computer security incident handling and analytical skills
- In-depth knowledge of computer security forensics and security vulnerabilities
- Must be well versed in multiple security technologies such as SIEM (RSA enVision, ArcSight, E-security, etc.); Antivirus (McAfee, Symantec, etc.); Intrusion Detection Systems (Snort/Sourcefire, TippingPoint, etc.); End-point security (CSA, McAfee HIPS, etc.); Web Proxy/Content Filtering (Blue Coat, Websense, etc.); Active Directory, PKI, RADIUS, RSA SecurID
- Log Analysis
- Familiarity with interpreting the log output of a wide selection of device classes, spanning Networking and host Infrastructure service devices (HIDS, NIDS, Firewalls, Proxies, Routers, Switches, WAFs, Servers, Desktop Controls, Endpoint Protection, etc.)
- Broad knowledge of business-impacting security scenarios and viable methods to detect these scenarios (cross-device log correlation).
- General understanding of key components of international internet architecture, both technical and political.
- Infrastructure and Authentication Systems
- Working knowledge of Converged Security Management Practices
- Ability to think quickly in dynamic and fluid situations
- Working knowledge of the use of Governance Risk and Compliance (GRC) platforms
- Experience with general enterprise core service types (web/mail/dns/file servers) and core infrastructure elements (general switch/router/proxy/firewall configurations)
- Experience providing training and mentoring, preferably to an international audience
Pass it on for a referral bonus. Not the right role for you, but know someone we should meet? Share with them to earn a $1,000 referral bonus.