Business Security Analyst

Job Summary:

The ESI Business Security Office is a function of ADP’s Global Security Organization (GSO). They enable the ADP Employer Services International (ESI) organization to effectively manage security within the business. BSO associates work closely with Business Units to ensure clients and associates are aligned with current security practices and policies. Each Business Unit has a Business Security Analyst (BSA) assigned, who works closely with (Senior) Management on all GSO-related topics. The Business Security Analyst  represents the GSO and Business Security Office interfacing with the respective Romania and Tunisia business units and stake-holders to consult on, drive and support:

• Business Resilience: support the business being resilient, with Business continuity planning and exercising, managing incidents and crisis.
• Risk Management: identify, document and monitor BU risks and controls within the global security taxonomy , provide risk reporting, advise on risk mitigation and remediation within the framework of GSO Operational Risk Management.
• Incident Management: provide governance over and support with established Business Incident and Technology Incident processes.
• Relationship management: use tools and bring value in our relationship with BU’s at any level of the organization.
• Security Culture: provide associates with training, security engagement opportunities and other awareness communications. Support adoption of Security transformation programs.
• Technology Transformation: be an active partner and adviser to support ADP’s technology and cybersecurity transformation.
• Product Security: be a partner in ensuring product security by providing insight through reporting, conversations with product management and GSO subject matter experts.

Scope of Responsibilities:

• Deliver dedicated security services for the Romania and Tunisia.
• Act as a Security Consultant to the BU Senior Leaders, management and associates, to support them with security programs and resources.
• Help mitigate risk, protect privacy, and meet unexpected security challenges, anticipate emerging threats.
• Represent GSO’s converged security organization; coverings a wide range of disciplines including Cyber, Physical Security, and Fraud.

Operational focus areas:

Ambassador and evangelist for GSO’s Security Program. Provide Leadership in execution of the global security program at the BU level. The Business Security Analyst role includes but is not limited to:

• Understand the ADP GSO Security program (security policies, guidelines, best practices, checklists, etc.).
• Monitor, schedule and communicate security tasks, events and trends with respect to the BU.
• Provide coordination, operational service assurance and reporting of various activities such as threat and vulnerability management (incl. alerting services, application security, and investigations, etc.).
• Assess and monitor risks associated with all processes and technologies within the BU, including application and product vulnerabilities. Ensure governance and support with related remediation process to closure.
• Support ADP’s End User Computing, Global Enterprise Technology Services functions in roll-out of all ADP security technologies within the region - such as DLP, End point protection, NAC, MFA, etc.
• Provide technical consulting around customization of security technological solutions and other security programs (Business Resilience, Zero-Trust, etc.) to make them relevant and effective regionally.
• Help drive IT and business unit collaboration for security architecture, engineering, implementation and operations.
• Provide risk and other relevant metrics to the BUs as necessary or assigned. Perform other related duties as assigned.
• Initiate and support Security training and awareness and communications programs, customized to maximize reach and impact locally/regionally.
• Monitor and support the Incident Management process in alignment with the applicable structure of local Business Security Champions for the scope/region. Consult and contribute to incident reduction programs in direct liaison with BU Business Process Improvement teams and stakeholders.
• Support and act as a local extension of GSO’s Security Advocacy, Communications and Training functions. Engage across the organization to discuss client security requirements and explain the Security Advocacy program. Provide consult with prospect and client inquiries, audit requests and the review of security terms in contracts by engaging directly with client service, sales, and legal teams.
• Support and act as a local extension of GSO’s Global Third Party Risk Management function. Maintain knowledge and oversight over the BU vendors, related initiatives, contacts and stakeholders. Advocate security around any third party involvement.

Reportting Lines:

The Business Security Analyst  reports into the EMEA Senior Director Business Security Office whose scope and team cover the Netherlands, Germany, Poland, France, Switzerland, Italy, Spain, Romania, Tunisia, South Africa, UK, Ireland and Sweden.

Knowledge and Skill Requirements:

• Bachelor’s degree in computer science or related field.
• English language proficiency required and other languages definitely a plus.
• Information Security related certifications and security product certifications are desirable.
• 5+ years security and/or risk management experience in a large and complex business environment.
• Experience in business process improvement.
• Proficiency with MS Office 365 applications.
• Knowledge of security methodologies, policies, (industry)standards, certifications and best practices.
• Knowledge of Information systems, infrastructure and operations. Ability to clearly explain technical concepts using non-technical language.
• Basic knowledge of HR or payroll skills is a plus.