ADP is hiring a Lead Information Security Analyst

Are you ready to help us design the future-state to secure our Data?

Well, this may be the role for you. Ready to make your mark?

As the Lead Information Security Analyst, you will be an integral member of the Global Zero Trust Security Portfolio Team within the Global Security Organization. This role will focus on delivering advanced data protection services as part of the Security Service Edge team, with a core emphasis on enhancing network security analytics, reporting, and operations. The ideal candidate will have a solid understanding of networking, security principles, and data protection best practices, combined with the technical skills needed to drive automation and orchestration efforts. The ability to work independently, collaborate across teams, and influence security practices at all levels of the organization is key to success in this role.

• Network Security & Automation: Lead efforts to enhance network security by automating and orchestrating processes across technology applications, backend databases, and security systems. Design and implement automation workflows to optimize data quality, reduce manual tasks, and mitigate operational risks.
• Data Analysis & Threat Detection: Use advanced analytical skills to sift through complex data sets, including web proxy logs, SIEM platforms, and other security data, to identify vulnerabilities and potential threats. Develop and apply structured queries/regex searches to detect and address risks.
• Data Protection & Policy Implementation: Implement and enforce data protection policies and controls to safeguard sensitive ADP client and company data throughout its lifecycle, ensuring compliance with security best practices and company standards.
• Reporting, Risk Management & Remediation: Create and maintain detailed security reports that drive risk-reduction strategies. Own and manage the risk register, track remediation activities, and close identified security risks. Translate technical data into actionable insights for risk management and decision-making.
• Security Training & Collaboration: Provide guidance and training for internal teams, including the Global Network team, on best practices for reducing excessive access, managing cloud app usage, and mitigating SaaS/Shadow IT sprawl. Collaborate with cross-functional teams such as IT Architecture, Network Engineering, Identity & Access Management, Legal, and Data Privacy to strengthen the organization's data security posture.
• Incident Response & Continuous Improvement: Lead or support security incident response, leveraging tools like SIEM for log review and monitoring. Ensure continuous improvement of security processes and controls by automating responses and optimizing workflows.
• CI/CD & ALM Integration: Drive security integration within development and deployment processes using CI/CD pipelines and ALM tools such as Jira, GitLab, Azure DevOps, and Bitbucket to ensure security practices are embedded throughout the software lifecycle.
• Data Security Metrics & Reporting: Use tools like Power BI to create and visualize security metrics and reporting, enabling the organization to track progress, measure the effectiveness of security controls, and make data-driven decisions to enhance the overall security program.
• Operational Support: Provide ongoing day-to-day operational support, ensuring the smooth running of security processes, handling security incidents, and providing real-time solutions to emerging security challenges.
• Data Analysis & Operations Assess, support, review and analyze daily proxy reports and recommend ways to remediate network security related concerns. Analyze, parse, and create queries against proxy logs/web policies/associate network traffic data, perform root cause analysis of events, and create leadership reports/presentations to help identify risk remediation activities. Help improve future state reporting through applied automation workflows/scripting to reduce data quality issues, reduce manual operations, and enrich future state web proxy policy governance. Lead efforts to gather/define requirements to develop prevention and detection capabilities that support ADP's data security policies. Support day-to-day operations and assist in formulating training policies, programs, and processes related to company security standards.
• Collaborate Reporting into Security Service Edge team, you work collaboratively with Global Network Solutions, End User Solutions, and Global Security solution teams to create and drive a future vision for next generation data security and zero trust capabilities. Being able to maximize relationships, understanding roles and responsibilities, and able to communicate in a clear and concise manner is crucial.
• Process Improvement Lead automation and orchestration scripting activities to improve real-time data reports. Assist with security policy and procedures development and policy enforcement. Produce detailed solution designs for next generation web protection policies and reporting. Continually improve web/SaaS program outcomes, address gaps, and reduce risk to ADP's network security processes, and sensitive data. Organize and coordinate supporting services for testing, deployment of new technical design specifications, and implementation and configuration of software suites.
• Security Incident Response Enable the comprehensive orchestration and automation of security processes to provide rapid incident response and gain efficiencies throughout the technical security services lifecycle.
• Data Security & Compliance Maintain Global Internet Security standards and ensure security-related documentation is current and accessible to properly authorized individuals. Ensure global network security initiatives maintain adherence to continually evolving data security, privacy, and legal compliance requirements. Maintain the team's risk register and own remediation for risk closure and with issues identified, provide coaching to various teams in reducing excessive access and SaaS sprawl. Ensure security compliance, drive control coverage, and define technical policies for ADP's global network across multiple workloads and environments.

• A college degree is great but not required. What's more important is having the skills and experience to do the job.
• Positive Leadership. You have an upbeat, persistent style and the ability to come up with creative solutions without fear of rejection. You can manage your time well, prioritize deliverables, and multi-task with the best of them. In addition, you can present your ideas in a clear, professional manner on paper, in-person, and over the phone. With your incredible leadership skills, you are comfortable mentoring and provide guidance and expertise to other associates. You already possess a high degree of integrity, be trustworthy, and have the ability to work independently.
• Proven Winner. With your five-plus years of experience in cybersecurity roles, including planning, implementing, and running security capabilities, you have the ability to work well with key collaborators (security partners, technology teams, business units) to help improve or solution designs that adapt to ADP infrastructure. You possess strong analytical skills and cross-functional knowledge of multiple cybersecurity disciplines, in addition to strong knowledge and working experience with next generation antivirus (NGAV), data leakage prevention (DLP), structured and unstructured data protection (UDP) technologies and approaches.
• Skilled Technical Expert. You possess a vast background (additional certificates help support your deep security knowledge (CISSP, GSEC, CISA, CISM, CRISC), comprising of functional experience working in a global hybrid cloud environment, including AWS, O365, and Google Cloud Platform, with SIEM/SOAR database applications, business intelligence (Power BI) reporting, and SQL experience. Experience with improving efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically is your secret power. Experience with CI/CD and ALM tools (Jira, Gitlab, Azure DevOps, Bitbucket) are deep. You are superb at defining and documenting business processes and controls. Your background will lend strength based on your experience with Digital Rights Management (DRM), data tagging, and encryption technologies and solutions. Your past experience with a major scripting language (PowerShell, Bash, Python, etc.) for systems automation will be an added benefit to this role!