Xerox Vulnerability Management Program Manager in Raleigh, North Carolina
The objective of the Vulnerability Management Program is to ensure the integrity of Xerox IT systems by proactively evaluating our systems for weaknesses in software security.
To that end, the primary responsibilities include:
Maintain a cohesive program of processes and tools tofacilitate assessment, communication, and remediation of vulnerabilitiesas they are discovered per program operations, collaborating with theservice supplier supporting program execution.
Maintaining tools’ design documentation through thetools’ lifecycle as well as operational procedures with service suppliers.As business needs evolve, to lead the strategic planning and ideation ofsecurity tools that aid in the objectives to manage IT security risk tosystems and software.
Understand the overall systems’ risk profile of theorganization, establishing security objectives that support the riskmanagement and compliance programs in a cohesive fluid manner.
Enforce policy and standards regarding vulnerabilityremediation, validating the same through monthly and quarterly reportingin a meaningful way to at least 2 audiences, IT practitioners and seniormanagement. Experience in the security management of shared servicesacross various platforms with various technologies and value chainpartners in data center environments is preferred.
Collaborativetracking of gap closure and remediation plans with internal and externalcontacts/suppliers
Facilitationof the vulnerability management plan for shared processing environments,including response to quantified risks, which may involve acceptance,transfer, reduction or elimination.
Assistwith the development of agreed upon countermeasures and contingency plans.
Monitorstatus of risks, and reports status and need for action to seniormanagement.
Demonstrateeffective communication of security issues to business managers andothers.
Applyand maintain specific security controls as required by organizationalpolicy and local risk assessments to maintain confidentiality, integrityand availability of business information systems.
Maintainknowledge of the security disciplines at a detailed level, continuedpersonal growth and technical proficiency.
Learn more at www.xerox.com and explore our commitment to diversity and inclusion! at https://www.xerox.com/en-us/jobs/diversity
• Associates Degree in Computer Science, Information Systems, or related field.
• Preferred – A technical certification such as CISSP, SANS GSEC, CISA, or equivalent is desired.
Candidate Background: Skills, Knowledge and Abilities:
Experiencein managing risk in a shared services/data center environment with provenresults in reduction/management of information risk.
Demonstratesanalytical and systematic approach to problem solving.
Usesdiscretion in identifying and resolving complex problems, understandingif/when to escalate to a higher level.
Abilityto interact with and influence project/program/IT teams in balancingsecurity needs with business needs.
Effectivelyand persuasively communicates security risks in business terms.
Takesinitiative and works well independently and on a team.
Possesses good technicalunderstanding and takes initiative to remain up to date with informationsecurity skills and fosters an attitude of continual learning/adapting.
Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at www.xerox.com at https://www.xerox.com/ and explorer our commitment to diversity and inclusion! at https://www.xerox.com/en-us/jobs/diversity People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.
© 2019 Xerox Corporation. All rights reserved. Xerox® and Xerox and Design® are trademarks of Xerox Corporation in the United States and/or other countries.
Title: Vulnerability Management Program Manager
Location: North Carolina-Raleigh
Requisition ID: 19004262