General Information

Country
India
Department
IM SECURITY
Date
Thursday, May 2, 2024
Working time
Full-time
Ref#
20033182
Job Level
Individual Contributor
Job Type
Experienced
Job Field
IM SECURITY
Seniority Level
Associate

Description & Requirements

About Xerox Holdings Corporation
For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion.

Job Title: Vulnerability Management Program Manager
Location:  Bangalore
Total Experience: 7-12 years  
  • Min 7 years of experience of in enterprise vulnerability scanning tools such as Tenable 
  • Min 5+ years’ experience leading vulnerability management program for large enterprises.
Education: Bachelor’s Degree in Computer Science, Engineering, Information Security, or related field. 
Work Mode: Remote
Shift Timing: 1 PM-10 PM IST 

Technical Skills:
  • Technical cyber security certification CISSP, SANS, GSEC, CISA, etc.
  • Experience in managing risk in a shared services/data center/cloud environment with proven results in reduction/management of risk.
Good to  Have: 
  • Good technical understanding of infrastructure vulnerabilities.
  • Ability to interact with and influence project/program/IT teams in balancing security needs. 
Purpose:
  • The objective of the Vulnerability Management Program is to ensure the integrity of Xerox IT systems, proactively evaluating them for weaknesses in software security. To that end, a cohesive program must be maintained of processes and tools to facilitate assessment, communication, and remediation of vulnerabilities as they are discovered.
Primary Responsibilities: 
  • Lead various activities in vulnerability management program including planning,execution, reporting of infrastructure vulnerabilities 
  • Maintain scanning solution infrastructure and strategic roadmap. As business needs evolve, lead the strategic planning and ideation of security tools that aid in the objectives to manage IT security risk to systems and software. 
  • Configure, schedule, and perform automated vulnerability/compliance scanning on both Xerox external and internal infrastructure. 
  • Troubleshoot and repair vulnerability scanning issues across a complex landscape. 
  • Own and manage entire vulnerability lifecycle from discovery to remediation. 
  • Create vulnerability reports and communicate to the asset owners. 
  • Prioritize and guide remediation efforts and track vulnerabilities to closure. 
  • Alert infrastructure owners on critical vulnerabilities and escalate for urgent remediation 
  • Maintain environment documentation through the tools’ lifecycle as well as operational procedures with service suppliers. 
 Preferred Skills:
  • Technical cyber security certification CISSP, SANS, GSEC, CISA, etc. 
  • Min 12 years of experience of in enterprise vulnerability scanning tools such as Tenable or Qualys. 
  • Good technical understanding of infrastructure vulnerabilities. 
  • Min 5+ years’ experience leading vulnerability management program for large enterprises 
  • Experience in managing risk in a shared services/data center/cloud environment with proven results in reduction/management of risk. 
  • Ability to interact with and influence project/program/IT teams in balancing security needs with business needs 
  • Effectively, and persuasively communicates security risks in business terms. 
  • Takes initiative to remain up to date with information security skills and fosters and attitude of continual learning / adapting 
  • Strong analytical skills with an emphasis on fact based reporting/summaries using technologies 
  • Good time management and attention to detail 
  • Maintains knowledge of the technical specialism at a detailed level and is responsible for own personal growth and technical proficiency. 

#LI-SS1
#LI-Remote
< Go back