Lead Security Engineer - Application Runtime Protection

Description ADP is Hiring a Lead Security Engineer - Application Runtime Protection Unlock Your Career Potential: Global Security Organization at ADP.

Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients.

POSITION SUMMARY

You're a jack of all trades, leader by nature who has a deep desire to flex their skills in application runtime protection and are always out to help others grow with you.

You like getting your hands dirty on everything and anything by contributing and learning in the weeds. One day you’ll contribute to development projects and the next you’re heads-down on security policy reviews or helping strategize the next great integration or optimization. You’re humble about your accomplishments, but everyone recognizes you’re not just keeping the lights on, but making them shine.

You'll juggle the responsibility of contributing to and becoming the point person on multiple application runtime programs on a regular basis including Web Application Firewall Security, GenAI Guardrail Security, and API Security and you enjoy a little pressure from time to time, because it keeps you challenged and growing.

This role is best suited for those who want to truly experience DevSecOps and grow within the Product Security organization at ADP.

You will champion security while assessing application policies in a fast-paced environment at scale, getting deep in the weeds on program traffic, making challenging decisions, and contributing in every way possible towards the program (and inevitably your own career growth and skills to add to your utility belt).

Like what you see? Apply now!

Learn more about ADP at tech.adp.com/careers

RESPONSIBILITIES:

• This is a full-time cybersecurity position for a (DevSecOps) lead security engineer
• Review policy level traffic on a weekly (or daily) basis in a timely manner and identify actions to tighten security across all programs (WAF, GenAI Guardrails, API)
• Present recommendations to policy owners (app development leads) and drive them to adopt your recommendations
• Aggregate metrics for reporting
• Contribute towards team or program improvements by identifying areas to improve and working with leadership to make
• Contribute towards software development activities as needed
• Maintain consistent documentation associated to all operational activities and all developed systems or integrations
• Be able to take high level directive and self-manage with touchpoints for clarity

• You'll have a bachelor’s degree or equivalent knowledge demonstration in a relevant field such as computer science, computer engineering, or information technology

• Five years of experience in security OR demonstrated success in at least three years of similar security work
• Demonstrated expertise in analyzing web traffic for known common attack patterns like SQLi, XSS, and more OR equivalent application security background (shift-left, pen test, etc.) with demonstrated potential to rapidly skill up
• Demonstrated leadership experience or potential
• STAR experience with public speaking and examples of ownership situations in team settings (projects, etc) or prior internships to demonstrate capabilities
• Expertise in reading and writing one core coding or scripting language (Java, Python, etc)
• Experience in querying (SQL) and data manipulation (RegEx, etc) across various toolsets
• Ability to self-identify patterns in metadata (security or otherwise) across individual or multiple records and strategize ways to quickly filter data as needed
• Possess a good understanding application security / shift-left and interest to learn and grow or apply skills in runtime protections (WAF, GenAI Guardrails, API Security, etc.)

Preference will be given to candidates who have the following:

• Experience in detailed & organized documentation
• Inclination to proactively learn and grow within a cybersecurity organization
• Have an opinion – the ability to think and judge for yourself is crucial towards helping our application teams reduce their workload in identifying false positives

What are you waiting for? Apply today!

Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY

(ADA version: https://youtu.be/IQjUCA8SOoA )

#LI-SD4

#LI-Hybrid