Job Description

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we've expanded into software and services to sustainably power today's workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients - no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at and explore ourSummary:This position is part of the Xerox Cyber Security team that is responsible for driving security of Xerox digital platforms. The qualified candidate will provide technical leadership to a multidisciplinary product security team that is responsible for securing enterprise systems, applications, and products across a broad spectrum of technologies. The candidate must demonstrate a passion for application security and lead by example that fosters continued growth and technical expertise within the team.Responsibilities include, but are not limited to:

• Assess applications and products for security vulnerabilities and design flaws
• Implement secure SDLC processes through effective collaboration
• Manual and Automated Secure Code Review
• Development of security automation tools
• Develop and maintain secure coding practices and security engineering standards for the development team
• Perform threat modelling, security design reviews of application or products and define security requirements as part of SDLC process
• Security training for internal development teams
• Track and report on product security metrics and communicate the security posture of products to stakeholders.
• Research, analyze and report on security industry trends and products
• Serve as a security evangelist for executive management and business stakeholders.

Knowledge and Skills Required:

• Strong understanding of common vulnerabilities, attack vectors and corresponding mitigation techniques
• Experience in performing secure code reviews/reviewing results of static analysis tools
• In-depth understanding of secure coding practices and secure development life cycle principles.
• Good understanding of SSDLC as well as development and integration of tools used as part of CI/CD process
• Have good understanding of authentication and authorization standards and protocols (SAML, Oauth, LDAP etc.)
• Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.
• Proficiency with at least one of the following programming languages desired: Java, .Net, C#, C, C++
• Prior software development experience is a plus.
• Strong interpersonal skills as well as excellent written and verbal communication skills
• Uncompromising personal and professional integrity and ethics

Education and Experience Required:

• B.S in computer science, information systems, engineering or related field.
• Advanced degree preferred, i.e. MBA or MS
• Over 8 years of experience in cybersecurity, with at least 5 years in product security
• One or more Industry-standard security certifications (such as OSCP, OSWE, CWEE, OSED)

#LI-SG1#LI-RemoteShare this job:Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity or expression, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at and explore our commitment to diversity and inclusion! People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to talentacquisitionsupport@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.xc2xa9 2024 Xerox Corporation. All rights reserved. Xeroxxc2xae and Xerox and Designxc2xae are trademarks of Xerox Corporation in the United States and/or other countries.

Xerox