Xerox is the world’s leading enterprise for business process and document management. Its services, technology, and expertise enable workplaces – from small businesses to large global enterprises – to simplify the way work gets done so they operate more effectively and focus more on what matters most: their real business. Xerox offers business process outsourcing and IT outsourcing services, including data processing, healthcare solutions, HR benefits management, finance support, transportation solutions, and customer relationship management services for commercial and government organizations worldwide. The company also provides extensive leading-edge document technology, services, software and genuine Xerox supplies for graphic communication and office printing environments of any size. Xerox serves clients in more than 160 countries. For more information, visit www.xerox.com, www.news.xerox.com, www.realbusiness.com or www.xerox.com/businessservices.
If you meet the requirements of this position and want to work for a world-class company with a great marketplace reputation, apply today.
IT Security is a highly visible team dedicated to the ensuring the proper protection of Xerox’s MD DHR Client’s data and resources. We are a specialized, dedicated group with responsibilities covering sensor monitoring, vulnerability scanning, network security, incident response, and application security. We also support the various initiatives that include policies and procedures, as well as auditing projects. We’re looking for passionate, self-motivated IT professionals to help us get the job finished in-line and on-time.
Position Duties and Responsibilities:
You will evaluate, implement, maintain, and monitor IT security measures utilized by Xerox’s MD DHR Client. You will work on existing systems while also supporting a variety of new IT initiatives. You will quickly and easily analyze and understand the department and organization needs to effectively exercise technical leadership over Xerox’s MD DHR Client’s security topology and processes.
· Providing security support for Xerox MD DHR project development and existing MD DHR applications
· Acting as a security liaison to the application developer and project management groups
· Leading the incident response team, including directing engineers and analysts in triaging security incidents and keeping the Security Manager appraised of incident status
· Assist with updating and implementing the annual security awareness training, annual developer training, and annual administrator security training
· Working with the IT program groups and IT support vendors to evaluate and improve IT vendor security posture
· Validating remediation efforts of findings related to vulnerability and system configurations
· Responding to day-to-day IT operations and internal requirements requiring security support
· Assist in identifying security initiative gap assessments
· Implementing, testing, and maintaining defined security solutions
· Defining desired state for people, process, and technology solutions that are to be utilized to support other IT efforts
Required Education and Experience
· You have gained 6 to 8 years of experience completing similar duties as outlined above
· You have technical training in IT and IT security, including a CISSP or CEH certification
· You possess a Bachelor’s degree from an accredited college and/or university (Information Technology) or equivalent experience
· You have 3 years or more of RMF or NIST knowledge requirements
· You have 3 or more years of IT network knowledge/implementation experience (e.g., firewalls, secure topologies/architectures, intrusion detection/analysis, Microsoft/UNIX/OS security, vulnerability assessments)
· You have 3 or more years with experience with reviewing Intrusion Detection reports incident response and computer forensic experience
· You have 3 or more years of identifying application development security concerns and the ability to define and test application security requirements
· You have 3 or more years of experience with administering firewalls and leveraging working knowledge of system administration for Mainframe, Unix, Middleware, CISCO, Linux and Microsoft operating systems
· You have an understanding of application assessment software (WebInspect or others)
· You have previously been responsible for security information / event manager configuration
· You have 2 or more years of experience assessing applications for security issues and creating solutions
· You have MS Office professional tools suite experience
· You are an analytical thinker who solves problems and develops continually more effective solutions to them
· You can make informed decisions quickly and leverage your communication abilities to implement them
The following skills are desired:
· Database security/hardening
· Experience with the rollout of Enterprise class security tools
· You have PERL and/or shell scripting knowledge
All other duties as assigned.
Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to email@example.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.
JOB: IM Security
ORGANIZATION: Public Sector Operations
TITLE: Sr. Security Engineer
REQUISITION ID: 16025329
VIRTUAL/WORK FROM HOME? Yes