Skip to main content

Lead Threat Intelligence Analyst

ADP Sign, backlit


Lead Threat Intelligence Analyst

Global Cybersecurity Services (GCS)

Global Security Organization


At ADP we are driven by your success. We engage your unique talents and perspectives. We welcome your ideas on how to do things differently and better. In your efforts to achieve, learn and grow, we support you all the way. If success motivates you, you belong at ADP.

Technology at ADP. It's the foundation of the products and services that have made us a world-wide leader in workforce solutions. With us, you can combine technical skills and business acumen, to effectively consult as well as solve technical challenges. You have the opportunity to train on leading-edge technologies that continually redefine what's possible in our industry.

The Threat Intelligence Team within ADP's Global Security Organization (GSO) is responsible for Collection, Correlation, Automation and Reporting of various Cyber Threat and Fraud Data.

In this role, the Lead Threat Intelligence Analyst will be responsible for the tactical, and operational analysis of cyber, threats that may impact ADP. The Cyber Threat Intelligence Analyst will demonstrate technical expertise and leadership in the areas of threat intelligence, brand protection, and data analysis.

You will work alongside a team of intelligence analysts, threat hunters, and security operations team to help improved and action Intelligence. Assist in producing a comprehensive operating picture and cyber security situational awareness. You will work with various intelligence collection and reporting tools and frameworks to produce reports and/or products. Collect, process, catalog, and document information as required based on defined intelligence requirements

To thrive in this threat position, you'll need to be an expert in building and enhancing intelligence products and services. You'll also need experience working with structured and unstructured data and are great at maintaining situation awareness. You know how to work with Security Operations team to create the most value and identify gaps in available intelligence information and engage with leadership on strategies to meet intelligence requirements through Intelligence collection processes

Hours of operation to be approximately from 3:00PM to Midnight (Mid-shift) Manila time.


  • Collect, analyze, investigate, store, and disseminate threat intelligence (actors, campaigns, TTPs, IOAs, IOCs).
  • Collect and analyze artifacts including malicious executables, scripts, documents, and packet captures.
  • Conduct detailed technical analysis supported by industry accepted threat intelligence analytical frameworks, tools, and standards.
  • Collaborate with technical and threat intelligence analysts to provide indications and warnings and contribute to predictive analysis of malicious activity.
  • Develop and refine cyber-threat intelligence collection and analysis processes.
  • Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
  • Generate tailored and actionable products based on analyzed threat campaigns, external and internal events and incidents.
  • Develop analytical hypotheses, prove (or disprove) those hypotheses through research; communicate that information to stakeholders both verbally and in writing.
  • Produce quality intelligence products at the Operational, and Tactical level for audiences with diverse technological backgrounds.
  • Review and process and analyze external/brand abuse and digital risk data.
  • Develop automation processes and dashboards to measure trends.
  • Ability to work in a fast-paced environment with minimal supervision.
  • Review and analyze internal, open source, and dark web datasets to find threat information and use it to provide value to ADP.
  • Provide accurate and priority driven analysis on cyber activity/threats, and present complex operational/technical topics to senior managers and stakeholders.
  • Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the organization, as well as different business segments.
  • Create and evaluate trend/correlation analysis for scenario forecasting at both the tactical and operational level.
  • Provide expertise and recommend relevant remediation and countermeasures during incident response efforts.
  • Provide security risk mitigation methods and compensating controls to help drive remediation efforts for the business.
  • Generate presentations that illustrate research through visualizations, charts, graphs, infographics, and evidence capture for senior leadership.
  • Provide input for the development of objectives, key results, and program metrics.
  • Exhibit strong critical thinking and problem-solving skills with sound judgement.
  • Maintain or develop professional contacts in the various communities in support of operations.
  • Support the Critical Incident Response Center (CIRC)/SOC with intelligence collection, analysis and/or dissemination as it relates to on-going investigations.


  • 5+ years of cybersecurity, threat intelligence or IT experience; 2+ years of experience in operational or tactical cyber threat analysis; experience can include one or more of the following cyber-security functions: Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management
  • Ability to write scripts for automation process development using Python and other languages.
  • Ability to work with API and implement integrations between tools/solutions.
  • Ability to work in a fast-paced environment with minimal supervision.
  • Ability to introduce and provide improvements to the current processes for more efficiency and actionability.
  • Prior experience working with Threat Intelligence tools such as: Recorded Future, Titan, ThreatQ, Virus Total, ThreatConnect, Spycloud, etc.
  • Prior experience as a technical cyber threat intelligence (or related) subject matter expert that has worked across organizational boundaries to analyze cyber threats to their organization’s infrastructure and services.
  • Candidates must be able work independently with minimal supervision.
  • Excellent English verbal and written communication skills are required.


  • A Computer Science College degree is a plus, but not required. What's more important is having the skills and experience to do the job.
  • Holds certifications such as SANS FOR578, GIAC OSI, Security+, CISSP, GCTI, GREM, OSCP or similar training and certification.


  • Knowledge of advanced cyber threats, threat vectors, attacker methodology to include, tools, tactics, and procedures and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model etc.
  • Experience in malware detection and analysis using static and dynamic malware analysis methods.
  • Knowledge of cloud services and their attack surface.
  • Knowledge of how malicious code operates and how technical vulnerabilities are exploited.
  • Experience with premium threat intelligence tooling and/or open-source intelligence techniques.
  • Experienced in developing network and host-based signatures to identify specific malware.
  • Experience with disseminating information in accordance with TLP classification and handling protocols, to the sector through the appropriate mechanisms.
  • Experience with various link analysis and intelligence software applications.
  • Organizational and self-directing skills -- ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion
  • Programming / Scripting experience to automate tasks is a plus (python, Perl, .net, etc.)
  • Understanding the following foreign languages is a plus (Mandarin, Farsi, Korean, Arabic)
  • Experience with developing tools to enhance cyber-threat intelligence capabilities.
  • Banking or Financial industry experience

About ADP: We power organizations with insightful solutions that drive business success. Consistently named one of the "Most Admired Companies" by FORTUNE® Magazine, and recognized by Forbes® as one of "The World's Most Innovative Companies," ADP has over a half-million clients around the globe and 60+ years of experience as a world-wide leader of business outsourcing solutions.

ADP is an Equal Opportunity Employer. ADP believes that diversity leads to strength.

BASIC REQUIREMENTS • 5+ years experience in cybersecurity, threat intel or IT ; 2+ years experience in threat analysis; experience can include Cyber Threat Intel, Threat Hunting, System Administration, IDP, Monitoring, IR, Digital Forensics, &/or Vulnerability Management • Ability to write scripts for automation process development using Python, Perl, Net & other languages • Ability to work with API & implement integrations between tools • Ability to introduce & provide improvements to the current processes for more efficiency & actionability • Experience with threat intel tools (eg Recorded Future, Titan, ThreatQ, VT, ThreatConnect, Spycloud) • Experience as a technical cyber threat intel analyst who has worked across organizations to analyze cyber threats • Candidates must be able work independently with minimal supervision • Excellent English verbal & written communication skills EDUCATION: • A Computer Science degree is a +, but not required • SANS FOR578, GIAC OSI, Security+, CISSP, GCTI, GREM, OSCP or similar training & certification is a + OTHER COMPETENCIES • Knowledge of advanced cyber threats, threat vectors, attacker methodology such as TTPs, Cyber Kill Chain, ATT&CK framework, Diamond Model etc • Experience in malware detection & analysis using static & dynamic analysis • Knowledge of cloud services & their attack surface • Knowledge of how malicious code operates & how technical vulnerabilities are exploited • Experience with premium threat intel tooling & open-source intel techniques • Experience developing network & host-based signatures to identify specific malware • Experience disseminating information in accordance with TLP classification & handling protocols • Experience with various link analysis & intel software applications • Ability to initiate, coordinate & prioritize responsibilities & follow through on tasks to completion • Understanding Mandarin, Farsi, Korean, Arabic is a + • Banking/Financial industry experience

Diversity, Equity, Inclusion & Equal Employment Opportunity at ADP: ADP is committed to an inclusive, diverse and equitable workplace, and is further committed to providing equal employment opportunities regardless of any protected characteristic including: race, color, genetic information, creed, national origin, religion, sex, affectional or sexual orientation, gender identity or expression, lawful alien status, ancestry, age, marital status, protected veteran status or disability. Hiring decisions are based upon ADP’s operating needs, and applicant merit including, but not limited to, qualifications, experience, ability, availability, cooperation, and job performance.

Ethics at ADP: ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click to learn more about ADP’s culture and our full set of values.

Similar Jobs

Here are some other jobs you might like...

  • Alpharetta, United States
  • Roseland, United States / Alpharetta, United States
  • United States-Home Office, United States


#ADPTech Ready to design a brighter future?

We’re curious and determined, passionate about our teams, and have a deep sense of pride in what we do. We create elegant solutions at an impressive scale that people love to use.

Explore careers
Internal office collaboration between colleagues

What we do

Our products, services, and impact.

Learn about tech at ADP
Team photo of ADT employees

Who we hire

People who thrive on collaboration and solving complex problems.

Find a career at ADP
ADP Sign, backlit

Where we innovate

At Innovation Centers around the world.

Explore our locations
ADP team participating in a group activity.

Our culture

We are greater than the sum of our parts.

Discover what we’re all about

Our Story

Creating for the future. Now.

Careers. Gigs. Agile teams. Whatever way the world chooses to work, ADP is there to make it happen. See how we’re shaping an industry.

Visit our blog
Voice of Our People

Life in the Fast Lane with Lyndze B.

Voice of Our People, Impact, Women in STEM

Lyndze B., Lead User Experience in Product Management, balances her passion for cycling and UX Design.

Say hello

Stay informed on career opportunities at ADP.

Three ADP employees looking at a mobile phone.