Job ID: 194328
Required Travel :Minimal
Managerial - No
Location: India- Pune (Amdocs Site)
Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers’ innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our approximately 30,000 employees around the globe are here to accelerate service providers’ migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $4.89 billion in fiscal 2023.
In one sentence
The Information Security Analyst will lead the efforts to secure the Amdocs ecosystem by guiding and monitoring the different IT/ Product/ Business teams to ensure organizational security, by designing a secure architecture of software products/ conducting risk and threat analysis/ analyzing and managing a secure solution in the domain of infrastructure/ application while responding to specific stakeholders’ questions.
What will your job look like?
As an Information Security Analyst, candidate must focus on identifying and assessing vulnerabilities in software systems, Networks and mobile based application.
• The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.
• Experience to work closely with Application Developers/architects to track the security defects to closure
• The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.
• To actively contribute to the Vulnerability management efforts of the organization via developer query resolution on vulnerabilities and defect tracking to closure.
• Well versed with OWASP – Top Ten and WASC Threat Classifications
• Expertise in Vulnerability Assessment and Penetration Testing of Web Applications
• Business‐Logic based application testing
• Penetration testing of Mobile applications and websites.
• Exploitation of the issues found and presenting the impact occurred
• Source Code Reviews - Well versed in Java Secure Code Review
Expertise in Automated Scanning using CheckMarx and Fortify
• Well versed with OWASP Code Review concepts & identifiers
• Familiar with popular tools:
• Application Proxy: Burp suite, Paros, OWASP ZAP, WireShark
• Vulnerability Scanners: IBM AppScan, HP WebInspect, Nessus, NTO Spider
• Exploit Toolkits: Metasploit, Exploit DB etc.
Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them
• Strong expertise in security technologies and significant experiences in information technology focusing on security related vulnerabilities
• Good to have programming experience in Java, shell scripting, Perl, or Python
• Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.
• Application Security Testing/Penetration Testing (Web based, Thick client, web services, Mobile) - Must
• Network Security Testing/Penetration Testing (Network, OS, Databases etc.)
• Static Code Analysis/ Secure Code Review - Must
• Security defect Tracking and working closely with Developers to fix the issue
• Bachelors or higher degree in Computer Science or equivalent experience
Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce