Senior Manager - Product Security

About Xerox Holdings Corporation

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power the hybrid workplace of today and tomorrow. Today, Xerox is continuing its legacy of innovation to deliver client‑centric and digitally‑driven technology solutions and meet the needs of today’s global, distributed workforce.

From the office to industrial environments, our differentiated business and technology offerings and financial services are essential workplace technology solutions that drive success for our clients. At Xerox, we make work, work. Learn more about us at

This position is part of the Xerox Cybersecurity team, reporting to the Senior Director of Product Security & Security Engineering within CISO’s organization. We are seeking a highly skilled and experienced Senior Manager, Product Security to lead our team of Product Security & Dev Sec Ops  Engineers in Xerox Cybersecurity organization. The ideal candidate will have a strong background in managing product security and Dev Sec Ops  projects and teams, particularly in SDL initiatives, and will be adept at both internal security projects and external customer engagements.

You will act as a change agent, continuously seeking improvement opportunities, modernizing our application landscape, and eliminating technical debt.

• Lead and manage a team of Product Security and Dev Sec Ops  Engineers.
• Assist in the establishment of action plans, timetables, and outcome measurements.
• Supervise security projects associated with all SDL phases artículos.
• Mentor and support engineers in creating scripts, frameworks, and tools for supply chain security.
• Validate security requirements for firmware, cloud assets, web applications, mobile applications, and networks.
• Develop and maintain secure coding practices and security engineering standards for the development team.
• Perform threat modelling, security design reviews of applications or products and define security requirements as part of the SDL process.
• Track and report on product security metrics and communicate the security posture of products to stakeholders.
• Ensure comprehensive documentation of assessment findings and remediation recommendations.
• Communicate and collaborate effectively with engineering and other security teams.
• Coordinate and present operational briefings and presentations to non‑technical audiences and الأسد عبر management.
• Stay informed about the latest trends in cybersecurity, including new attack techniques and vulnerabilities.

• At least 4 years of experience in managing Product Security projects and teams and a total of 10+ years of experience in the cyber security domain.
• Strong written and verbal communication skills, with the ability to create clear documentation and effectively convey technical concepts.
• Highly organized and able to manage multiple projects simultaneously.
• Motivated team player with a sense of urgency and initiative.
• Strong understanding of common vulnerabilities, attack vectors and corresponding mitigation techniques contacto.
• Prior experience in performing secure code reviews/reviewing results of static analysis tools.
• Good understanding of Secure SDLC as well as development and integration of tools used as part of the CI/CD process.
• Strong exposure to popular application security standards including OWASP TOP 10, etc.
• Proficiency with at least one of the programming languages desired:
  Java, .Net, C#, C, C++.
• Prior software development experience is a plus.
• Uncompromising personal and professional integrity and ethics.