General Information

Country
India
Department
Information Management
Date
Tuesday, February 20, 2024
Working time
Full-time
Ref#
20031667
Job Level
Individual Contributor
Job Type
Experienced
Job Field
Information Management
Seniority Level
Associate

Description & Requirements

About Xerox Holdings Corporation
At Xerox, we make work, work! For more than 100 years, Xerox has continually redefined the workplace experience. From the office to industrial environments, our differentiated business and technology offerings and financial services are essential workplace technology solutions that drive success for our clients. 


The Offensive security engineer is responsible for securing Xerox applications and networks by identifying threats, and vulnerabilities using a combination of automated and manual techniques and collaborating with application teams to prioritize and remediate the vulnerabilities.


Designation: Offensive Security Engineer

Qualification: Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, or related field.


Professional Certifications:

Preferred – A technical certification such as OSCP, OSWP, GPEN, GWAPT, OSWE, OSEP, OSED, OSEE, GXPN, eJPT, eWPTX or equivalent is desired.


Timings: 1 PM to 10 PM(IST)

Location: Bangalore, Kochi, Gurgaon, Remote

Role: Individual Contributor


Primary Responsibilities

  • Perform penetration testing on applications/products to identify security vulnerabilities.
  • Automate penetration and other security test activities on networks, system and applications.
  • Participate in red team exercise to simulate threat actors TTP.
  • Continuous research on new attack vectors/techniques impacting enterprise applications/networks.
  • Work with cross-functional teams to align and prioritize remediation efforts.
  • Provide technical guidance to developers on secure coding practices.
  • Develop secure code practices and provide hands-on training to development teams.
  • Develop scripts, tools, or methodologies to enhance offensive security capabilities.


Knowledge and Skills Required

  • 4-6 years of offensive security responsibilities
  • Expertise in performing penetration testing on web, mobile, IoT and client. server applications
  • Strong understanding of common vulnerabilities, attack vectors and corresponding mitigation techniques
  • Prior experience participating in red team exercises.
  • Experience performing manual code reviews.
  • Strong manual penetration testing and exploit development experience
  • Prior software development experience is a plus.
  • Knowledge of applicable industry standards, leading security practices and regulatory requirements
  • Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.
  • Proficiency with at least one of the following programming languages desired: Java, .Net, C#, C, C++
  • Strong interpersonal skills as well as excellent written and verbal communication skills
  • Uncompromising personal and professional integrity and ethics
#LI-Remote
#LI-SG1
< Go back