Automatic Data Processing
Senior Lead Application Security Analyst
Automatic Data Processing, Roseland, New Jersey, United States, 07068
Senior Lead Application Security Analyst
ADP is hiring a Sr. Lead Application Security Analyst. In this position, you'll be responsible for assessing the security of ADP applications by performing dynamic and static application security assessments. Lead comprehensive security assessments across a variety of platforms, including Gen AI, web, mobile, and server-based applications, ensuring robust security protocols. Location: Roseland, NJ (Hybrid) or Alpharetta, GA Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Design and implement advanced testing strategies for Gen AI applications, leveraging cutting-edge technologies and methodologies. Perform penetration testing of GenAI use cases and other applications Work with vendor and internal teams to mature GenAI runtime protection technologies by identifying gaps in third party solutions that analyze prompts and outputs Develop processes to evaluate app-level GenAI vulnerability results for broader protection in GenAI runtime protection solutions (e.g. block vs. inform specific prompts or outputs) Create prompt test cases for GenAI runtime solutions and work with vendors and internal teams to identify means to block unwanted responses via RegEx and other logic-based approaches Work with leadership to define and collect metadata for GenAI application that helps to assist in measuring risk and fine tuning GenAI runtime controls Evaluate the severity of vulnerabilities in accordance with industry standards, documenting findings with detailed proof of concepts as needed. Collaborate with development teams to elucidate identified vulnerabilities, providing insights and guidance for remediation. Propose tailored security enhancements for each application, considering unique requirements and architecture. Offer mentorship and technical leadership to junior application security analysts, fostering a culture of continuous learning and development. To Succeed in This Role: Bachelor's degree or equivalent. A plus to have a degree in computer science, computer engineering, or information technology, complemented by 5 to 8 years of experience in application security. Proficiency in penetration testing of Gen AI applications and LLMs, as well as web and mobile platforms, with a strong understanding of REST/SOAP APIs. Familiarity with string manipulation and validation inclusive of RegEx and content encoding with the ability to develop logic to validate prompt and response content for GenAI runtime A background in assessing the security of Thick-client and Embedded applications is highly desirable. Familiarity with AGILE methodologies and the ability to adapt to fast-paced, evolving project requirements. Competence in risk assessment and the ability to articulate the implications of vulnerabilities within an enterprise context. Demonstrated ability to craft proof of concepts and exploits, coupled with a thorough understanding of exploitation techniques. Expertise in programming languages such as Python or Ruby, with additional experience in Java or .Net being beneficial. Exceptional problem-solving abilities, excellent communication skills, and a proven track record of effective teamwork, particularly in remote settings. A proactive and self-motivated approach, with a commitment to maintaining a positive work environment and the ability to operate independently when required. You'll Love Working Here Because You Can: Have courageous team collaboration. Deliver at epic scale. Be surrounded by curious learners. Act like an owner & doer. Give back to others. Join a company committed to equality and equity. What are you waiting for? Apply today!
ADP is hiring a Sr. Lead Application Security Analyst. In this position, you'll be responsible for assessing the security of ADP applications by performing dynamic and static application security assessments. Lead comprehensive security assessments across a variety of platforms, including Gen AI, web, mobile, and server-based applications, ensuring robust security protocols. Location: Roseland, NJ (Hybrid) or Alpharetta, GA Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Design and implement advanced testing strategies for Gen AI applications, leveraging cutting-edge technologies and methodologies. Perform penetration testing of GenAI use cases and other applications Work with vendor and internal teams to mature GenAI runtime protection technologies by identifying gaps in third party solutions that analyze prompts and outputs Develop processes to evaluate app-level GenAI vulnerability results for broader protection in GenAI runtime protection solutions (e.g. block vs. inform specific prompts or outputs) Create prompt test cases for GenAI runtime solutions and work with vendors and internal teams to identify means to block unwanted responses via RegEx and other logic-based approaches Work with leadership to define and collect metadata for GenAI application that helps to assist in measuring risk and fine tuning GenAI runtime controls Evaluate the severity of vulnerabilities in accordance with industry standards, documenting findings with detailed proof of concepts as needed. Collaborate with development teams to elucidate identified vulnerabilities, providing insights and guidance for remediation. Propose tailored security enhancements for each application, considering unique requirements and architecture. Offer mentorship and technical leadership to junior application security analysts, fostering a culture of continuous learning and development. To Succeed in This Role: Bachelor's degree or equivalent. A plus to have a degree in computer science, computer engineering, or information technology, complemented by 5 to 8 years of experience in application security. Proficiency in penetration testing of Gen AI applications and LLMs, as well as web and mobile platforms, with a strong understanding of REST/SOAP APIs. Familiarity with string manipulation and validation inclusive of RegEx and content encoding with the ability to develop logic to validate prompt and response content for GenAI runtime A background in assessing the security of Thick-client and Embedded applications is highly desirable. Familiarity with AGILE methodologies and the ability to adapt to fast-paced, evolving project requirements. Competence in risk assessment and the ability to articulate the implications of vulnerabilities within an enterprise context. Demonstrated ability to craft proof of concepts and exploits, coupled with a thorough understanding of exploitation techniques. Expertise in programming languages such as Python or Ruby, with additional experience in Java or .Net being beneficial. Exceptional problem-solving abilities, excellent communication skills, and a proven track record of effective teamwork, particularly in remote settings. A proactive and self-motivated approach, with a commitment to maintaining a positive work environment and the ability to operate independently when required. You'll Love Working Here Because You Can: Have courageous team collaboration. Deliver at epic scale. Be surrounded by curious learners. Act like an owner & doer. Give back to others. Join a company committed to equality and equity. What are you waiting for? Apply today!