Sr. Security Engineer, Product Security

5 Months ago • 8 Years + • Cyber Security

Job Summary

Job Description

The Sr. Security Engineer, Product Security will provide technical leadership to a team securing Xerox's digital platforms. Responsibilities include assessing applications for vulnerabilities, implementing secure SDLC processes, performing secure code reviews, developing security automation tools, defining security requirements, conducting security training, reporting on security metrics, researching industry trends, and acting as a security evangelist. This role requires strong application security expertise and collaboration skills.
Must have:
  • Assess applications for vulnerabilities
  • Implement secure SDLC processes
  • Secure code reviews/static analysis
  • Develop security automation tools
  • Threat modelling, security design reviews
  • Security training for development teams
  • Report on product security metrics
  • 8+ years cybersecurity experience, 5+ in product security
Good to have:
  • Java, .Net, C#, C, C++ experience
  • Prior software development experience

Job Details

About the job


About Xerox Holdings Corporation

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion.

Summary:

This position is part of the Xerox Cyber Security team that is responsible for driving security of Xerox digital platforms. The qualified candidate will provide technical leadership to a multidisciplinary product security team that is responsible for securing enterprise systems, applications, and products across a broad spectrum of technologies. The candidate must demonstrate a passion for application security and lead by example that fosters continued growth and technical expertise within the team.

Responsibilities include, but are not limited to:

  • Assess applications and products for security vulnerabilities and design flaws
  • Implement secure SDLC processes through effective collaboration
  • Manual and Automated Secure Code Review
  • Development of security automation tools
  • Develop and maintain secure coding practices and security engineering standards for the development team
  • Perform threat modelling, security design reviews of application or products and define security requirements as part of SDLC process
  • Security training for internal development teams
  • Track and report on product security metrics and communicate the security posture of products to stakeholders.
  • Research, analyze and report on security industry trends and products
  • Serve as a security evangelist for executive management and business stakeholders.

Knowledge and Skills Required:

  • Strong understanding of common vulnerabilities, attack vectors and corresponding mitigation techniques
  • Experience in performing secure code reviews/reviewing results of static analysis tools
  • In-depth understanding of secure coding practices and secure development life cycle principles.
  • Good understanding of SSDLC as well as development and integration of tools used as part of CI/CD process
  • Have good understanding of authentication and authorization standards and protocols (SAML, Oauth, LDAP etc.)
  • Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.
  • Proficiency with at least one of the following programming languages desired: Java, .Net, C#, C, C++
  • Prior software development experience is a plus.
  • Strong interpersonal skills as well as excellent written and verbal communication skills
  • Uncompromising personal and professional integrity and ethics

Education and Experience Required:

  • B.S in computer science, information systems, engineering or related field.
  • Advanced degree preferred, i.e. MBA or MS
  • Over 8 years of experience in cybersecurity, with at least 5 years in product security
  • One or more Industry-standard security certifications (such as OSCP, OSWE, CWEE, OSED)

Similar Jobs

Google - Staff Software Engineer

Google

Maharashtra, India (On-Site)
2 Days ago
Canva - Senior Backend Engineer (Java)

Canva

Sydney, New South Wales, Australia (Remote)
3 Months ago
Boomi - Software Engineer - Quality

Boomi

India (On-Site)
1 Day ago
Google - Software Engineer, Early Career, Campus

Google

São Paulo, State Of São Paulo, Brazil (On-Site)
2 Days ago
ByteDance - Site Reliability Engineer

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
ByteDance - Executive Protection Specialist

ByteDance

Singapore (On-Site)
1 Month ago
PwC - Financial Sector Cyber Security Senior Manager

PwC

Amsterdam, North Holland, Netherlands (On-Site)
3 Months ago
Google - Security Analyst, Cloud Threat Detection

Google

Dublin, County Dublin, Ireland (On-Site)
2 Weeks ago
PwC - Risk Services - AI Strategy Lead

PwC

Singapore (On-Site)
7 Months ago
Microsoft - Senior Software Engineer

Microsoft

Mountain View, California, United States (On-Site)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Maxis Studios - Senior Multiplayer & Online Engineer

Maxis Studios

Melbourne, Victoria, Australia (Hybrid)
2 Weeks ago
ByteDance - Backend Software Engineer - Security Engineering

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
Next Level Business Services - Java Developer

Next Level Business Services

El Segundo, California, United States (On-Site)
6 Months ago
NCR Atleos - Site Reliability Engineer

NCR Atleos

Hyderabad, Telangana, India (Hybrid)
18 Hours ago
Attentive - Engineering Manager

Attentive

San Francisco, California, United States (Hybrid)
4 Months ago
N-iX - Senior Frontend Engineer

N-iX

Ukraine (Remote)
2 Weeks ago
Netflix - Software Engineer (L4/L5) - Enablement Apps

Netflix

Warsaw, Masovian Voivodeship, Poland (On-Site)
2 Months ago
Applike Group - Software Developer - Working Student

Applike Group

Hamburg, Hamburg, Germany (Hybrid)
1 Day ago
Google - Web Solutions Engineer

Google

Bengaluru, Karnataka, India (On-Site)
2 Weeks ago
Flexera - Senior Site Reliability Engineer

Flexera

Bengaluru, Karnataka, India (Hybrid)
7 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

CubicDesignz - Motion Graphic Designer

CubicDesignz

Chennai, Tamil Nadu, India (On-Site)
7 Months ago
Fluxon - Senior Software Engineer

Fluxon

Hyderabad, Telangana, India (Remote)
6 Months ago
Dream Sports - Software Development Engineer 3 - Backend (Platform)

Dream Sports

Mumbai, Maharashtra, India (On-Site)
1 Month ago
Suki - Clinical Quality Specialist - II

Suki

Bengaluru, Karnataka, India (On-Site)
18 Hours ago
Google - Technical Program Manager, Lab Carrier Certification

Google

Bengaluru, Karnataka, India (On-Site)
2 Days ago
DNEG - Production Supervisor/Coordinator

DNEG

Mumbai, Maharashtra, India (On-Site)
1 Month ago
Zuora - Sr Software Developer Engineer in Test

Zuora

Chennai, Tamil Nadu, India (Hybrid)
7 Months ago
PwC - SAP MM - Senior Associate

PwC

Bengaluru, Karnataka, India (On-Site)
6 Months ago
Circles - Senior Software Engineer (Backend)

Circles

Bengaluru, Karnataka, India (On-Site)
7 Months ago
Kwalee - Product Analyst

Kwalee

Bengaluru, Karnataka, India (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PwC - Assurance Technology Risk & Quality Manager

PwC

Dublin, County Dublin, Ireland (On-Site)
6 Months ago
Google - Senior Cyber Security Consultant

Google

Sydney, New South Wales, Australia (On-Site)
2 Days ago
Google - Senior Cloud Security Architect

Google

Dubai, Dubai, United Arab Emirates (On-Site)
2 Days ago
Fortis Games - Senior Cloud Security Engineer

Fortis Games

Hungary (On-Site)
2 Months ago
PwC - IN_Senior Associate _Cloud Security Expert_Advisory Corporate_Advisory_Kolkata

PwC

Kolkata, West Bengal, India (On-Site)
5 Months ago
Trend Micro - (Sr.) Cloud Developer (Security Playbooks)

Trend Micro

Taipei City, Taiwan (On-Site)
7 Months ago
Varonis  - Technical Support Engineer L2

Varonis

New Delhi, Delhi, India (Remote)
4 Weeks ago
Glean - Software Engineer, Security

Glean

Palo Alto, California, United States (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded