Cyber Threat Intelligence Lead **General Information** Press space or enter keys to toggle section visibility City Cary State/Province North Carolina Country United States Department IM SECURITY Date Tuesday, February 25, 2025 Working time Full-time Ref# 20035147 Job Level Specialist Job Type Experienced Job Field IM SECURITY Seniority Level Mid-Senior Level Currency USD - United States - US Annual Base Salary Minimum 93,840 Annual Base Salary Maximum 187,680 The salary range above represents the low and high end in the local currency of Xerox’s salary range for this position and is reflected in an annualized amount. Actual salaries will vary based on factors including, but not limited to, geographic location, market competition, and/or the successful applicant’s education, experience, knowledge, skills, and abilities. The range listed is just one component of Xerox’s total compensation package for employees. Employees are also afforded a comprehensive suite of benefits, to view those details please visit Xerox Careers for your applicable country. If you are not reviewing this job posting on Xerox Careers (https://xerox.avature.net/en\_US/careers) , we cannot guarantee the validity of this posting. For a list of our current internal postings, please visit Xerox Careers (https://xerox.avature.net/en\_US/careers) . **Description & Requirements** Press space or enter keys to toggle section visibility **About Xerox Holdings Corporation** For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion. (https://www.xerox.com/en-us/jobs/diversity) **Description:** Serve as the primary researcher of threats against the Xerox reputation, brand, and systems through multiple threat intelligence sources. Communicate the same to a network of cyber security practitioners across Xerox for awareness and/or action to mitigate the threat(s). The Security Intelligence lead works with the cyber defense team to make accurate, risk-based decisions on where to focus security efforts that will protect our employees, operations, and revenue streams to yield the highest ROI from expended security resources. **Primary Responsibilities** : Maintain a research regimen of continuous monitoring and alerting of threats discovered and/or realized in the industry. Analyze the applicability and potential impact to Xerox systems/resources: + Collect and process both technical and non-technical, internal and external threat intelligence. + Gather pertinent, relevant data instrumental to analyzing applicability across a broad range of technologies, resources, and stakeholders within Xerox. + Maintain a clear understanding of the Xerox global footprint, external attack surface, and the relevant technologies to be monitored for new threats/vulnerabilities, particularly those that may escalate our response needs beyond standard security policy/standards for remediation. + Communicate verbally and electronically in a clear, concise, manner being careful to validate and document immediate or long-term actions required to neutralize the threat or exploitable vulnerability. + Develop briefings to disseminate and present to a wide range of stakeholders to include technical, operational, executive, or senior leadership stakeholders. **Maintain integration of threat intelligence sources with the Security Incident & Event Management Tool** + Support detection and response teams with context and analysis support, provide industry expertise and recommend relevant remediation and countermeasures to support CSIRT in triaging and responding to security incidents + Monitor threat sources continually based on input from Xerox Product Security, Corporate Security, and threats against systems & software of prevalent use in the conduct of Xerox business. + Analyze data from various sources to identify possible risk indicators, determine possible root cause and identify preventative actions. + Collaborate with the managed security services supplier in designing rules/alerts within the security information & event management system (SIEM) and/or other security technologies employed by Xerox to swiftly detect and/or prevent compromise to systems and/or information. + Perform threat hunting exercises using knowledge of tactics, techniques and procedures used by adversaries. **Knowledge and Skills Required** + Working knowledge and/or experience in analysis in investigations, such as in IT, law enforcement, or military intelligence for at least 2-4 years. + Statistical modeling and analysis experience to infer possible cybersecurity threats. + Understanding of IDS/ IPS, SIEM, email security, EDR and end point protection technologies + Experience in performing disk/ memory forensics and/or malware analysis would be a plus. + Strong understanding of network, application layer and OS fundamentals + Experience analyzing and responding to incidents in cloud environments would be a plus. + Knowledge of common Threat Actor tools, tactics, or protocols (TTPs) and identification of countermeasures to reduce risk. + Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting with global peers. + Possess a good technical understanding, takes initiative to remain up to date with cyber security skills, and fosters an attitude of continual learning/adapting. + Knowledge of threat intelligence platform capabilities for operationalizing and delivering actionable intelligence to key groups and stakeholders to manage remediation. + Manage vendor relationship and drive delivery of platform capabilities. + Strong communication skills, including clear verbal and written communication, collaboration, technical presentations, adaptability, and interpersonal skills **Qualification:** + Education Requirements: Bachelor’s Degree (Cybersecurity, Computer Science, Information Systems, or related field) + Professional Certifications: Preferred - A technical certification such as GCFE, GREM, CISSP, CISA, or equivalent is desired. Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at www.xerox.com and explore our commitment to diversity and inclusion: https://www.xerox.com/en-us/jobs/diversity People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.