General Information

Press space or enter keys to toggle section visibility

Country India Department IM SECURITY Date Wednesday, January 29, 2025 Working time Full-time Ref# 20034992 Job Level Executive Manager Job Type Experienced Job Field IM SECURITY Seniority Level Mid-Senior Level Description & Requirements

Press space or enter keys to toggle section visibility

About Xerox Holdings Corporation
For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion.

Job Description:

We are seeking a highly skilled and experienced Product Security Manager to lead our team of Product Security & DevSecOps Engineers in Xerox Cybersecurity organization. The ideal candidate will have a strong background in managing product security and DevSecOps projects and teams, particularly in SDL initiatives, and will be adept at both internal security projects and external customer engagements.

Key Responsibilities:

Lead and manage a team of Product Security and DevSecOps Engineers. Assist in the establishment of action plans, timetables, and outcome measurements. Supervise security projects associated with all SDL phases. Mentor and support engineers in creating scripts, frameworks, and tools for supply chain security Validate security requirements for firmware, cloud assets, web applications, mobile applications, and networks. Develop and maintain secure coding practices and security engineering standards for the development team. Perform threat modelling, security design reviews of application or products and define security requirements as part of SDL process. Track and report on product security metrics and communicate the security posture of products to stakeholders. Ensure comprehensive documentation of assessment findings and remediation recommendations. Communicate and collaborate effectively with engineering and other security teams. Coordinate and present operational briefings and presentations to non-technical audiences and executive management. Stay informed about the latest trends in cybersecurity, including new attack techniques and vulnerabilities.

Required Skills and Experience:

At least 3 years of experience in managing Product Security projects and teams and total of 8+ years of experience in cyber security domain. Strong written and verbal communication skills, with the ability to create clear documentation and effectively convey technical concepts. Highly organized and able to manage multiple projects simultaneously. Motivated team player with a sense of urgency and initiative. Strong understanding of common vulnerabilities, attack vectors and corresponding mitigation techniques Prior experience in performing secure code reviews/reviewing results of static analysis tools. Good understanding of Secure SDLC as well as development and integration of tools used as part of CI/CD process. Strong exposure to popular application security standards including OWASP TOP 10, etc. Proficiency with at least one of the programming languages desired: Java, .Net, C#, C, C++ Prior software development experience is a plus. Uncompromising personal and professional integrity and ethics

 
#L1-SS3
#L1-REMOTE