1+ months

Analyst II, IM Security - 19004739

Affiliated Computer Services
Kochi, KL 682005
  • Jobs Rated

Xerox (NYSE: XRX) makes every day work better. We are a workplace technology company, building and integrating software and hardware for enterprises large and small. As customers seek to manage information across digital and physical platforms, Xerox delivers a seamless, secure and sustainable experience. Whether inventing the copier, the ethernet, the laser printer or more, Xerox has long defined the modern work experience. Learn more at www.xerox.com and explore our commitment to diversity and inclusion.

The Application Security team is part of the Global Security Services organisation responsible for the defining the security strategy aligned to the business directives and vision of the company.

The role reports to the Application Security team which has responsibilities for the security architecture, secure design and build and monitoring and maintaining robust configurations and secure baseline which underpins our layered defence.
The role will have increased focus on SAP and non-SAP ERP managed applications which include but is not limited to on-Premise and SaaS Applications, and centrally supported systems covering Business operations and entities across Xerox, and primarily in International Operations. The current SAP systems are implemented in over 20 countries in Europe and Developing Market Operations countries that make up the International Operations region  and is used to deliver, business operations, solutions, management reporting and legal accounts.


The role has responsibility for establishing, revising and maintaining general computer controls, platform security, access control and authentication protocols, communication security, and ensuring Xerox Information security and compliance policies are adhered to across the managed portfolio of systems. There is also a particular focus on the access controls and utilization of governance, risk and compliance tools, including SAP GRC, QRadar, and other threat detection and  security management  tools to ensure visibility, governance and compliance management.


Major Responsibilities
Protect Xerox confidential data; Information Systems and Audit tools.

Monitor Third Party Service Provider to ensure compliance to agreed policies, processes and procedures for Security & Authorisation including Oracle Database Compliance. This may include attendance and participation at quarterly reviews.


Assist Country Financial Controllers with SAP and other ERP Applications Security and Authorisation processes to ensure they are adhered to for both Internal and External Audits,


Assist the approval process and development of Roles and Profiles to ensure compliance with agreed Security and Authorisation, and Change Management guidelines.

Responsible for ensuring SAP and other ERP Applications changes/new implementations/upgrades conform to all Security and Authorisation Standards, which include compliance to segregation of duties and to rules and restrictions for sensitive transactions.


Perform periodic reviews by monitoring Application and Database Security Logs and follow up on application security issues/vulnerabilities to ensure continuous compliance.


Support systems and platform security configurations review.


Review changes to Xerox IT Security and Compliance policies, and initiate / track compliance actions to completion.


Support maintenance of local Process Design Documents, policies and procedures.


Actively participate in the change Programmes to ensure solution design and implementation complies with internal and external requirements.

Provide periodic feedback to Application Security Manager/Director on  key Security Metrics, Risks and Issues.


Manages resolution of incidents / problems throughout the information system lifecycle, including classification, prioritization and initiation of action, documentation of root causes and implementation of remedies. Development and execution of information risk controls and management strategies.


Support the implementation of organization-wide processes and procedures for the management of security risk.


Play a key role in the development of and execution of information security risk controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.


Pursue resolution of incidents and problems throughout the information system security lifecycle, including classification, prioritization and initiation of action, documentation of root causes and implementation of remedies.


Carries out application security risk assessment within a defined functional or technical area of business. Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and impact on the business. Refers to domain experts for guidance on specialized areas of risk, such as architecture and environment. Coordinates the development of countermeasures and contingency plans.


Applies standard procedures to enhance security or resilience to system interruptions. Can take immediate action in an incident to limit business impact and escalates event to higher authority.


Applies and maintains secure risk management controls as required by organizational policy and local risk assessments to maintain confidentiality, integrity and availability of business information systems. Determines when issues should be escalated to a higher level.

Demonstrates effective communication of risk management issues to business managers and others.


Carries out specific assignments related to the technical specialism, either alone or as part of a team.



Candidate Education:
Graduation in specialized field (Example: Bachelor of Engineering etc.) Computer Science, Information Systems, or related field.

Professional Certifications:
Preferred  Technical certifications such as SAP S&A and/or BASIS Security, CISSP are desired.

Candidate Background:
Minimum  Significant experience in Information Technology, which includes substantial experience in a risk management specialism.
Minimum  Understands and uses appropriate methods and tools and applications.
Minimum  Demonstrates analytical and systematic approach to problem solving.
Minimum  Takes initiative in identifying and negotiating appropriate development opportunities.
Minimum  Contributes fully to the work of teams.
Minimum  Can plan, schedule and monitor own work.
Minimum  Is able to absorb and apply new technical information.
Minimum  Is able to work to required standards and to understand and use the appropriate methods, tools and applications.
Minimum  Appreciates wider field of information systems, how own role relates to other roles and to the business.
Minimum  Has a basic business knowledge and an understanding of current and emerging information and communications technologies and their level of maturity.
Minimum  Is able to obtain information from business people in face to face situations, and to analyze information on users occupational tasks obtained by a variety of formal and informal means.
Minimum  Has an analytical and creative approach to problem solving.
Minimum  Is familiar with the principles and practices involved in development and maintenance and in service delivery.
Minimum  Has good technical understanding and the aptitude to remain up to date with IS security and developments.
Minimum  Possesses a general understanding of the business applications of IT.
Minimum  Is effective and persuasive in both written and oral communication.
Minimum  Demonstrates basic knowledge of information security principles.
Minimum  Has experience in moderate to large technology implementations and background as an administrator of IT systems, databases, or processes.

Additional Role Requirements:
Information Security Domain
Basic understanding the following 10 security domains with technical expertise in at least one of the domain areas:

SAP ERP Security and General Application Security Knowledge
Access Control Systems and Methodology
Telecommunications and Network Security
Business Continuity Planning and Disaster Recovery Planning
Security Management Practices
Security Architecture and Models
Law, Investigation, and Ethics
Application and Systems Development Security
Computer Operations Security
Physical Security
One or more of the following industry certifications desired: CISSP, GSEC, CISA, GCIH, GCFA, GCFW, GCWN or other related certification.
Relevant industry standards awareness / governmental regulations awareness
Disaster Recovery Domain
Basic understanding of the following 10 Business Continuity domain areas with technical expertise in at least two of the domain areas:
Project Initiation and Management
Risk Evaluation and Control
Business Impact Analysis
Developing Business Continuity Strategies
Awareness and Training Programs
Exercising and Maintaining Business Continuity Plans
One of the following industry certifications desired: ABCP, CFCP or other related certification.
Relevant industry standards awareness / governmental program awareness.

Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at www.xerox.com and explorer our commitment to diversity and inclusion! People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.

2019 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United States and/or other countries.

Job Regular
Primary Location India-Kerala-Kochi
Unposting Date Feb 17, 2020, 4:39:04 AM
Virtual/work from home? false


Jobs Rated Reports for General Practice Physician

Posted: 2020-02-19 Expires: 2020-04-22

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Analyst II, IM Security - 19004739

Affiliated Computer Services
Kochi, KL 682005

Join us to start saving your Favorite Jobs!

Sign In Create Account
General Practice Physician
95th2018 - General Practice Physician
Overall Rating: 95/220
Median Salary: $138,100

Work Environment
Very Poor
Powered ByCareerCast