Information Security Expert

**Job ID**:198944
**Required Travel**: Minimal
**Managerial - No**
**Location**:India
- Pune (Amdocs Site)**

**Who are we?**:
**In one sentence**:
As Information Security Team Lead specializing in DevSecOps, you'll partner with Amdocs development teams to seamlessly integrate security tools into our CI/CD pipeline.
You'll oversee the security tools environment while driving automation initiatives through scripting, test development, and monitoring dashboards.

The role requires staying ahead of emerging security code scan threats and collaborating with teams to implement robust protection measures. You'll guide R&D teams in adopting secure development practices and provide expert security consultation to diverse teams across product development, engineering, and services departments.

**What will your job look like?**:

- Manage a team of DevSecOps security analysts and implementation engineers
- Implement DevSecOps tools in all product dev environments
- Follow up with staff members to ensure completion of security-related tasks
- Manage and maintain Security health check of the integrated automation.
- Provide professional support for the developed automations, responding to incidents to avoid system outages or restore availability to meet SLAs.
- Analyze the implementation needs and provide effort estimation to the users
- Stay abreast of industry best practices (Research new technologies) and contribute ideas for improvements in DevOps practices, delivering innovation through automation.
- Tracks and reports on the test execution in a timely manner with attention given to achieving a high level of quality.
- Liaise with development and infra teams to get the defect resolutions
- Onboard new hires, train and share knowledge, take an active role in technical mentoring and elevating team knowledge.
- Working with external vendors for support, manage the relevant vendor employees and make sure the support is performed as planned
- Maintaining hardware and software deployment and POC planning

**All you need is...**:
**Must-Have**
- 3+ years of experience in leading a team (team of security analysts is preferrable)
- 5+ years of relevant experience in information Security DevSecOps
- Total experience - 6-8 years
- Extensive expertise in Application security and security architecture area.
- Hands on experience in SAST Tools (e.g. Checkmarx), Container Scanning tools (Twistlock, Wiz)
- Expertise in Security code reviews and onboarding process for managing false positives
- 5+ years’ experience in FOSS security issues and security hardening (CIS benchmarks)
- 3+ years’ experience in setting up continuous integration and continuous delivery systems
- 2-3 years’ experience with continuous-integration tools such as Hudson/Jenkins, LiquiBase, Github actions
- Understanding of build process, best practices and tools such as Maven, Jenkins pipeline, groovy
- Knowledge of OWASP top 10 list of vulnerabilities, NIST SP-800-xx, NVD, CVSS scoring etc concepts
- Great Communication skills - (Ability to communicate with a Developer, a Manager or Director level).
- Project Management Skills
- 2-3 years’ basic understanding of Cloud Platforms
- BS in Computer Science, or equivalentWorking in Agile/Scrum team**Nice to have**:

- Familiarity with REST Services, Service Oriented Systems and Micro-services architecture
- Scripting skills in at least one of the following: Python, Django web framework, Perl, Ruby, shell (bash, ksh, csh)
- Knowledge in distributed systems, software and network security preferred.
- Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.
- 2+years of experience on docker /k8S

**Why you will love this job**:

- You will have the opportunity to work with the industry most advanced technologies and experts in a global company
- You will have opportunities to evolve yourself in the future of all cutting-edge technologies and business trends.
- You will be working with a great team

**Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce