About Xerox Holdings Corporation
General Information

Press space or enter keys to toggle section visibility

Country

India

Department

Information Management

Date

Monday, February 20, 2023

Working time

Full-time

Ref#

20021206

Job Level

Individual Contributor

Job Type

Experienced

Job Field

Information Management

Seniority Level

Associate

Description & Requirements

Press space or enter keys to toggle section visibility

Responsible for conducting security architecture reviews for different Xerox IT, R&D, and Core businesses, and in assisting in detecting, responding, and preventing cloud security incidents.

The position requires breadth in different domains of security including vulnerability management, risk management, penetration testing, compliance, and security operations. It requires depth – an understanding of and hands-on experience in the following:

• Cybersecurity controls such as NIST 800x, and other basic security concepts, processes, and technologies
• Cloud security best practices and controls at least for AWS and Azure
• Secure development lifecycle and an understanding of the output of the static, dynamic and software composition analysis, and penetration testing
• Data security best practices and engineering controls
• Product security incident management and response
• Threat modelling and attack scenarios.
• Programming in at least one of the Programming Language, be able to code to automate some of the manual processes.
• The potential candidate should be able to take initiatives, succinctly and coherently communicate in-writing and orally, independently carry out the roles and responsibilities, and coordinate and collaborate cross-functionally with ease. The candidate should also be aware of different cybersecurity risk management frameworks such as SOC2, ISO 27X, NIST CSF.
  
  

Primary Responsibilities:

• Conducts security reviews, suggest remediations, and document findings.
• Detects, respond to security incidents in a timely manner.
• Assists in automating cloud and architectural process.
• Briefs the findings to the stakeholders.
• Maintains knowledge of the technical specialism at a detailed level and is responsible for own personal growth and technical proficiency.