Job
Description
0px> Who are we In one sentence As Information Security Team Lead specializing in DevSecOps, youll partner with Amdocs development teams to seamlessly integrate security tools into our CI/CD pipeline. Youll oversee the security tools environment while driving automation initiatives through scripting, test development, and monitoring dashboards. The role requires staying ahead of emerging security code scan threats and collaborating with teams to implement robust protection measures. Youll guide RD teams in adopting secure development practices and provide expert security consultation to diverse teams across product development, engineering, and services departments. What will your job look like Manage a team of DevSecOps security analysts and implementation engineers Implement DevSecOps tools in all product dev environments Follow up with staff members to ensure completion of security-related tasks Manage and maintain Security health check of the integrated automation. Provide professional support for the developed automations, responding to incidents to avoid system outages or restore availability to meet SLAs. Analyze the implementation needs and provide effort estimation to the users Stay abreast of industry best practices (Research new technologies) and contribute ideas for improvements in DevOps practices, delivering innovation through automation. Tracks and reports on the test execution in a timely manner with attention given to achieving a high level of quality. Liaise with development and infra teams to get the defect resolutions Onboard new hires, train and share knowledge, take an active role in technical mentoring and elevating team knowledge. Working with external vendors for support, manage the relevant vendor employees and make sure the support is performed as planned Maintaining hardware and software deployment and POC planning All you need is... Must-Have 3+ years of experience in leading a team (team of security analysts is preferrable) 5+ years of relevant experience in information Security DevSecOps Total experience - 6-8 years Extensive expertise in Application security and security architecture area. Hands on experience in SAST Tools (e.g. Checkmarx), Container Scanning tools (Twistlock, Wiz) Expertise in Security code reviews and onboarding process for managing false positives 5+ years experience in FOSS security issues and security hardening (CIS benchmarks) 3+ years experience in setting up continuous integration and continuous delivery systems 2-3 years experience with continuous-integration tools such as Hudson/Jenkins, LiquiBase, Github actions Understanding of build process, best practices and tools such as Maven, Jenkins pipeline, groovy Knowledge of OWASP top 10 list of vulnerabilities, NIST SP-800-xx, NVD, CVSS scoring etc concepts Great Communication skills - (Ability to communicate with a Developer, a Manager or Director level). Project Management Skills 2-3 years basic understanding of Cloud Platforms BS in Computer Science, or equivalent Working in Agile/Scrum team Nice to have: Familiarity with REST Services, Service Oriented Systems and Micro-services architecture Scripting skills in at least one of the following: Python, Django web framework, Perl, Ruby, shell (bash, ksh, csh) Knowledge in distributed systems, software and network security preferred. Security concepts and knowledge of security attacks on Web applications, REST services, distributed systems Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks. 2+years of experience on docker /k8S Why you will love this job: You will have the opportunity to work with the industry most advanced technologies and experts in a global company You will have opportunities to evolve yourself in the future of all cutting-edge technologies and business trends. You will be working with a great team
