Xerox Jobs

Offensive Security Engineer (Associate Analyst, IM Security)

General information

City: Gurugram, Bangalore, Cochin

State/Province: Haryana, Karnataka, Kerala

Country: India

Department: Information Management

Date: Wednesday, October 7, 2020

Working time: Full-time

Ref#: 20009743

Job Level: Individual Contributor

Job Type: Experienced

Job Field: Information Management

Description & Requirements

Xerox (NYSE: XRX) makes every day work better. We are a workplace technology company, building and integrating software and hardware for enterprises large and small. As customers seek to manage information across digital and physical platforms, Xerox delivers a seamless, secure and sustainable experience. Whether inventing the copier, the ethernet, the laser printer or more, Xerox has long defined the modern work experience. Learn more at www.xerox.com and explore ourcommitment to diversity and inclusion. (https://www.xerox.com/en-us/jobs/diversity)

Offensive security engineer is responsible for securing Xerox applications and networks by identifying threats, vulnerabilities using a combination of automated and manual techniques and collaborating with application teams to prioritize and remediate the vulnerabilities.

Timings: 2 PM to 10:30 PM(IST)

Location: Kochi, Gurgaon, Bangalore

Primary Responsibilities:

Perform penetration testing on applications/products to identify security vulnerabilities

Participate in red team exercise on web applications and network

Continuous research on new attack vectors/techniques impacting enterprise applications/networks

Work with cross functional teams to align and prioritize remediation efforts

Provide technical guidance to developers on secure coding practices

Develop secure code practices and provide hands-on training to development teams

Develop scripts, tools, or methodologies to enhance offensive security capabilities

Knowledge and Skills Required :

4-6 years of offensive security responsibilities

Expertise in performing penetration testing on web, mobile, IoT and client server applications

Experience performing automated security testing using static and dynamic scanning tools

Prior experience participating in red team exercises

Experience performing manual code reviews

Prior software development experience is a plus

Strong manual penetration testing and exploit development experience

Knowledge of applicable industry standards, leading security practices and regulatory requirements

Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.

Proficiency with at least one of the following programming languages desired: Java, .Net, C, C++, PHP

Strong interpersonal skills as well as excellent written and verbal communication skills

Uncompromising personal and professional integrity and ethics

Qualifications:

Education Requirements:

• Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, or related field.

Professional Certifications:

• Preferred – A technical certification such as OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN or equivalent is desired.

Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at www.xerox.com and explore ourcommitment to diversity and inclusion! (https://www.xerox.com/en-us/jobs/diversity) People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.

© 2020 Xerox Corporation. All rights reserved. Xerox® and Xerox and Design® are trademarks of Xerox Corporation in the United States and/or other countries.