Security Engineer, Investigations And Threat Intelligence(analyst Ii, Im Security) Job in Xerox

Description & Requirements

Xerox (NYSE: XRX) makes every day work better. We are a workplace technology company, building and integrating software and hardware for enterprises large and small. As customers seek to manage information across digital and physical platforms, Xerox delivers a seamless, secure and sustainable experience. Whether inventing the copier, the ethernet, the laser printer or more, Xerox has long defined the modern work experience. Learn more at and explore our

Designation: Security Engineer, Investigations and Threat Intelligence (Analyst II, IM Security)

Location: Kochi

Timings: 1 PM to 10 PM(IST)

Experience: 4 to 6 years

Qualification:

Education Requirements: B.E./ B.Tech./ MCA (Cybersecurity, Computer Science, Information Systems, or related field)

Professional Certifications:

Preferred A technical certification such as GCFE, GREM, CISSP, CISA, or equivalent is desired.

Description:

Serve as the primary researcher of threats against the Xerox reputation, brand, and systems through multiple threat intelligence sources and to communicate the same to a network of cyber security practitioners across Xerox for awareness and/or action to mitigate the threat(s).

The Security Intelligence analystworks with thecyber security operations team to make accurate, risk-based decisions on where to focus security efforts that will protect our revenue streams andyield the highest ROI from expended security resources.

Primary Responsibilities:

1. Maintain a research regimen of continuous monitoring and alerting of threats discovered and/or realized in the industry and analyzing the applicability and potential impact to Xerox systems/resources through:

a.Collect and process both technical and non-technical, internal and external, threat intelligence

b.Attention to detail in gathering pertinent, relevant data instrumental to analyzing applicability across a broad range of resources and stakeholders within Xerox.

c.Maintaining a clear understanding of the Xerox footprint and the relevant technologies that should be monitored for new threats/vulnerabilities, particularly that may escalate our response needs beyond standard security policy/standards for remediation.

d.Communicating both verbally and electronically in a clear, concise, manner being careful to document the immediate ask and /or long-term actions required to neutralize the threat.

e.Develop executivebriefings

2.Maintain integration of threat intelligence sources with the Security Incident & Event Management Tool

3.Maintain the SharePoint communication vehicle for proactive communications and tracking of CSIRT Sev 1 events to closure

a.Support detection and response teams with context and analysis support, provide industry expertise and recommend relevant remediation and countermeasures

4. Monitor threat sources continually based on input from Xerox Product Security, Corporate Security, and threats against systems & software of prevalent use in the conduct of Xerox business.

5.Collaborate with the cyber security incident response team if/when necessary to analyze threats and/or status across the Xerox landscape, supporting incident closure as warranted.

6.Collaborate with the vulnerability management program manager in establishing a robust program to prioritize remediation activities against threats/vulnerabilities specific to the Xerox landscape in light of the current threat intelligence data.

Knowledge and Skills Required

• A working knowledge and/or experiencein analysis in investigations, such as in IT, law enforcement, military intelligence, or business analytics forat least 2-4 years.
• Statistical modeling and analysis experience to infer possible cyber security threats.
• Interest in learning about Windows, Linux, Database, Application, Web server, firewall, SIEM etc. log analysis.
• Effectively and persuasively communicates security risks in business terms.
• Uses discretion in identifying and resolving complex problems, understanding if/when to escalate to a higher level.
• Ability to interact with and influence project/program/IT teams in balancing security needs with business needs.
• Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting.
• Possesses good technical understanding, takes initiative to remain up to date with cyber security skills, and fosters an attitude of continual learning/adapting.

2020 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United States and/or other countries.