Information Security Analyst

Every day, billions of transactions, calls and messages that hold the world s communications fabric together run on systems that Amdocs has helped to create.

Because we work with some of the largest and most innovative companies on the planet, our work makes an impact. Over the past four decades, we have continually reinvented ourselves, and as we keep moving into exciting new areas such as media, gaming, IoT, 5G, cloud services and more, there are always opportunities for us to grow and develop. We will nurture your entrepreneurial instincts with open doors and promote your ability to seize the day. Our company is built of amazing people, a supportive atmosphere and a culture built on mutual support, respect and a feel good factor that can only happen in a workplace built by the kind of people that Amdocs employs.

Make your career journey with us.

The Information Security Analyst will lead the efforts to secure the Amdocs ecosystem by guiding and monitoring the different IT/ Product/ Business teams to ensure organizational security, by designing a secure architecture of software products/ conducting risk and threat analysis/ analyzing and managing a secure solution in the domain of infrastructure/ application while responding to specific stakeholders questions.

As an Information Security Analyst, candidate must focus on identifying and assessing vulnerabilities in software systems, Networks and mobile based application.
The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments. Experience to work closely with Application Developers/architects to track the security defects to closure The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks. To actively contribute to the Vulnerability management efforts of the organization via developer query resolution on vulnerabilities and defect tracking to closure. Well versed with OWASP Top Ten and WASC Threat Classifications Expertise in Vulnerability Assessment and Penetration Testing of Web Applications Business Logic based application testing Penetration testing of Mobile applications and websites. Exploitation of the issues found and presenting the impact occurred Source Code Reviews - Well versed in Java Secure Code Review Expertise in Automated Scanning using CheckMarx and Fortify Well versed with OWASP Code Review concepts & identifiers Familiar with popular tools: Application Proxy: Burp suite, Paros, OWASP ZAP, WireShark Vulnerability Scanners: IBM AppScan, HP WebInspect, Nessus, NTO Spider Exploit Toolkits: Metasploit, Exploit DB etc.