Offensive Security Lead(analyst Ii, Im Security) Job in Xerox

Description & Requirements

Xerox (NYSE: XRX) makes every day work better. We are a workplace technology company, building and integrating software and hardware for enterprises large and small. As customers seek to manage information across digital and physical platforms, Xerox delivers a seamless, secure and sustainable experience. Whether inventing the copier, the ethernet, the laser printer or more, Xerox has long defined the modern work experience. Learn more at [1] and explore our [2] commitment to diversity and inclusion.

Designation: Offensive Security Lead (Analyst II, IM Security)

Location: Kochi

Timings: 1 PM to 10 PM(IST)

Experience: 8 to 12 years

Qualification:

Education Requirements: B.E./ B.Tech./ MCA (Cybersecurity, Computer Science, Information Systems, or related field)

Professional Certifications:

Preferred A technical certification such asOSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPNor equivalent is desired.

Offensive security lead is responsible for leading a team of security experts focused on securing Xerox applications and networks by identifying threats, vulnerabilities using a combination of automated and manual techniques and collaborating with application teams to prioritize and remediate the vulnerabilities.

Primary Responsibilities

• Technically lead a team of penetration testers focused on application and network penetration testing

• Build process, tools and methodologies to drive security assessments

• Continuously enhance capabilities and skills of the team that aligns with the strategy

• Responsible to maintain overall quality of the team deliverables from security assessments

• Perform penetration testing on applications/products to identify security vulnerabilities

• Develop, drive and deliver red team exercise on web applications and networks

• Develop scripts, tools, or methodologies to enhance offensive security capabilities

• Continuous research on new attack vectors/techniques impacting enterprise applications/networks

• Work with cross functional teams to align and prioritize remediation efforts

• Provide technical guidance to developers on secure coding practices

• Develop secure code practices and provide hands-on training to development teams

Knowledge and Skills Required

• 8+ years of experience with offensive security and red team responsibilities

• 2+ years experience leading offensive security and red team

• Expertise in performing penetration testing on web, mobile, IoT and client server applications

• Experience performing automated security testing using static and dynamic scanning tools

• Experience performing manual code reviews

• Prior software development experience is a plus

• Strong manual penetration testing and exploit development experience

• Knowledge of applicable industry standards, leading security practices and regulatory requirements

• Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.

• Proficiency with at least one of the following programming languages desired: Java, .Net, C, C++, PHP

• Strong interpersonal skills as well as excellent written and verbal communication skills

• Uncompromising personal and professional integrity and ethics

Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more atand explore ourPeople with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking