Information Security Specialist

Company Name: Amdocs Inc

Location: Pune, MH, IN

Job Duration: 2024-11-28 to 2024-12-28

Overview

Job ID: 193409 
Required Travel :Minimal 
Managerial – No
Location: India- Pune (Amdocs Site) 

Who are we?

Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers’ innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our approximately 30,000 employees around the globe are here to accelerate service providers’ migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $4.89 billion in fiscal 2023.

In one sentence

The Information Security Specialist will lead the efforts to secure the Amdocs ecosystem by guiding and monitoring the different IT/ Product/ Business teams to ensure organizational security, by designing a secure architecture of software products/ conducting risk and threat analysis/ analyzing and managing a secure solution in the domain of infrastructure/ application while responding to specific stakeholders’ questions.

What will your job look like?

Today’s cyber security threats are realistic, causing major financial losses and reputational damage. Leading organizations to invest more controls and manage their risks to ensure optimal protection against potential data breach. 

Amdocs, as enterprise leader providing solution for telecommunication organization, is required to protect firstly its IP, reputation and ensuring required protection for their customers, aligned with contractual requirements.

Having the proper Secure Software Development is becoming essential for projects development and solutions deployment, allowing both Amdocs and customers to have the certainty of proper security safeguards, proper communication and understanding of potential risks and required mitigations.  
 

All you need is…

•    BS in Computer Science, or equivalent
•    Working in Agile/Scrum team
•    Total experience – 5-12 years
•    Extensive expertise in SAST, DAST ,FOSS ,IAC stack area.
•    5+ years of relevant experience in information Security (code reviews and Pen Testing )
•    5+ years’ experience in setting up continuous integration and continuous delivery systems 
•    1-4 years’ basic understanding of Cloud Platforms 
•    3-4 years’ experience with continuous-integration tools such as Hudson/Jenkins, LiquiBase,Github actions
•    Hands on experience in tools like Checkmarx, Wiz ,twistlock Appscan ,Burpsuite etc.
•    Expertise in Security code reviews and onboarding process for managing false positives
•    Understanding of build process, best practices and tools such as Maven, Jenkins pipeline, groovy                             
•    Familiarity with REST Services, Service Oriented Systems and Micro-services architecture
•    Scripting skills in at least one of the following:  Python, Django web framework, Perl, Ruby, shell (bash, ksh, csh) — Required
•    Knowledge in distributed systems, software and network security preferred.
•    Security concepts and knowledge of security attacks on Web applications, REST services, distributed systems
•    Knowledge of OWASP top 10 list of vulnerabilities, NIST SP-800-xx, NVD, CVSS scoring etc concepts
•    automated FUZZ Testing Tools & concepts – Working Knowledge
•    Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.
•    Great Communication skills – (Ability to communicate with a Developer to a Manager or Director level).
Tools mandatory

Good to have 
•    2-4 years’ experience with configuration management and automation tools like Chef, Puppet, Openstack or something similar.
•    2-4 years’ experience with cloud deployment (Azure, AWS, GCP)- advantage
•    Project Management Skills.
•    Travel: Ability to travel 1-2 times a year
 

Why you will love this job:

The role of the Information Security Specialist 

Information Security Specialist (DevSecOps) will work closely with all Amdocs development teams to build and integrate Security Tools into CI/CD pipeline. Administration & Management of the environment of the security tools, creation of automation scripts, test cases, develop dashboards, etc.
And will need to have the ability to keep up to date on all new security challenges and work with our teams to develop protection mechanism.

Perform application security assessments including secure code review, threat modeling. Assist and enable R&D teams to adopt secure development practices. Provide software security advice and issues to resolution to cross-functional teams including product, engineering, and services.

Information Security Specialist Roles & Responsibilities
•    Build and ensure secure development compliance with our development process.
•    Follow up with staff members to ensure completion of security-related tasks, finding security design flaws and implementation bugs consistently by performing different secure S-SDLC activities.
•    Closely work with the Lead to maintain Security health check of the integrated automation
•    Integrate multiple security tools in the DevOps pipeline to support SAST, DAST, FOSS, IAST, VA scanning activities by learning the integration features of different tools and suggest accordingly.
•    Provide professional support for the developed automations, responding to incidents to avoid system outages or restore availability to meet SLAs.           
•    Participate in the planning, design, and implementation efforts
•    Stay abreast of industry best practices (Research new technologies) and contribute ideas for improvements in DevOps practices, delivering innovation through automation 
•    Execute test procedures and/ or scripts either manually or by automated tools.
•    Gather and document the outcome of test executions and all information needed to support ongoing measurements and reporting on risks, defects, tests, and coverage.
•    Tracks and reports on the test execution in a timely manner with attention given to achieving a high level of quality.
•    Liaise with development and infra teams to get the defect resolutions 
•    Work with different entities in the enterprise to ensure S-SDLC compliance with corporate rules and industry standards.
•    Work with multiple stakeholders in IT, account and IS teams to understand the present DevOps implementation model in project and suggest suitable model of integration for security tools to create DevSecOps model.
 

 Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce