General Information
Press space or enter keys to toggle section visibility
Country:
India
Department:
Information Management
Date:
Tuesday, April 2, 2024
Working time:
Full-time
Ref#:
********
Job Level
Executive Manager
Job Type
Experienced
Job Field
Information Management
Seniority Level
Mid-Senior Level
Description & Requirement
Press space or enter keys to toggle section visibility
About Xerox Holdings Corporation
For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we've expanded into software and services to sustainably power today's workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech.
Summary:
This position reports to the CISO of Xerox and has the overall responsibility for security strategy, engineering and product security. The qualified candidate will lead a multidisciplinary team of security engineers in designing, implementing, and maintaining robust security solutions to safeguard enterprise systems, applications, and products across a broad spectrum of technologies. The candidate must demonstrate a passion for security and lead by example that fosters continued growth and technical expertise within the team.
Primary Responsibilities:
Develop and maintain Xerox's overall security strategy in line with business and IT strategies
Develop and maintain a comprehensive security architecture framework, ensuring that security controls are effectively integrated into the design of enterprise systems, products and applications
Develop and evolve security baselines and design patterns aligned with standards and best practices
Review and guide security architects and engineers on the development of appropriate security standards, requirements and technology baselines
Provide secure design guidance to application and product teams
Own and Implement secure SDLC/DevSecOps processes across the product portfolio
Own and manage end-to-end product security incident response process
Serve as a security evangelist for executive management and business stakeholders
Research, analyze and report on security industry trends and products
Manage the team including hiring, training, talent development and performance management
Provide strategic direction and leadership to the security engineering team, fostering a culture of innovation, collaboration and excellence
Knowledge and Skills Required:
Strong knowledge of and experience in security requirements, standards and practices including NIST CSF, NIST 800-53, ISO 27001, PCI DSS, SOC2 OWASP Top 10, SANS Top 25, etc.
Strong understanding of modern application, microservices architecture in hybrid environments
Deep understanding of cloud computing concepts and architectures, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)
Deep understanding of cloud technologies, cybersecurity principles, and best practices to design and implement robust security architectures
Previous software development experience in one or more programming languages such as C/C++, Java, Python, .Net, PHP etc.
Strong domain expertise and technology implementation/integration experience in one or more areas such as Identity & Access Management, Application Security and Container Security
Experience building secure architectures using cloud native technologies in AWS and/or Azure
Knowledge of and prior hands-on experience in a wide variety of security tools/technologies
Deep understanding of common web application attacks and manual penetration testing process
Excellent communicator who is comfortable discussions with technical, and architecture teams and presenting to executive management
Excellent written as well as verbal communication skills
Uncompromising personal and professional integrity and ethics
Education and Experience Required:
B.S
in computer science, information systems, engineering or related field. Advanced degree preferred; i.e. MBA or MS
At least
10+
years of related security experience
3+
years' experience leading, managing security architecture/product security teams
One or more Industry-standard security certifications (such as CISSP, CSSLP, CCSP, SANS/GIAC)
#LI-SG1
#LI-Remote
#J-18808-Ljbffr
