Information Security Specialist

Location: We are open to candidates in the following locations only. Must be able to work in the office. Plano, TX / Champaign, IL / Alpharetta, GA / St Louis , MO / Herndon , VA

Applicants must be legally authorized to work in the United States for any employer. We are unable to sponsor or take over sponsorship of an employment visa at this time or in the future for this position.

About the Company

Amdocs helps the world’s leading communications and media companies deliver exceptional customer experiences through reliable, efficient, and secure operations  provide software products and services that embed intelligence into how work runs across business, IT, and network domains – delivering measurable outcomes in customer experience, network performance, cloud modernization, and revenue growth. With our talented people, and more than forty years of experience running mission-critical systems around the globe, Amdocs runs billions of transactions daily.

Our technology is relied on every day, connecting people worldwide and advancing a more inclusive, connected world. Together, we help those who shape the future to make it amazing. Amdocs is listed on the NASDAQ Global Select Market (NASDAQ: DOX) and reported revenue of $4.53 billion in fiscal 2025. For more information, visit  At Amdocs, our mission is to empower our employees to 'Live Amazing, Do Amazing' every day.

We believe in creating a workplace where you not only excel professionally but also thrive personally. Through our culture of making a real impact, fostering growth, embracing flexibility, and building connections, we enable them to live meaningful lives while making a difference in the world.

About the Role

We’re seeking a hands‑on Network Security Specialist to engineer, operate, and continuously improve our perimeter and edge security stack – who will be responsible for the configuration, fine‑tuning, lifecycle management, security monitoring, incident response, and compliance readiness of network security controls including Cisco & Check Point Firewalls, Cisco & Palo Alto IPS, Tufin Firewall Analyzer, Imperva CDN/WAF, F5 ASM WAF, DDoS protection services, Crowd Strike, and Arcsight SIEM integrations in a hybrid environment.

Responsibilities

• Design, implement, and harden policies for Cisco/Check Point firewalls; manage access control, NAT, VPN and advanced threat features.
• Configure and optimize IPS signatures and profiles (Cisco/Check Point/Palo Alto) to maximize detection while minimizing false positives.
• Deploy, fine‑tune, and maintain F5 ASM and Imperva WAF/CDN policies, bot management, rate limiting, and positive security models for web applications and APIs.
• Maintain DDoS protection configurations including runbooks, thresholds, and upstream coordination with providers.
• Use Tufin Firewall Analyzer (Secure Track/Secure Change) for rule lifecycle, policy optimization, risk analysis, recertification, and change governance.
• Integrate Crowd Strike intelligence and detection telemetry with network enforcement points and Arc Sight SIEM for correlated detections and automated response where applicable.
• Operations & Monitoring
• Own the day‑to‑day monitoring for network security tools; triage alerts, tune rules, and drive continuous reduction of noise.
• Perform log analysis and correlation via SIEM (Arc Sight) to identify threats, campaign patterns, and attacker TTPs.
• Conduct policy audits and rule hygiene (remove shadowed/unused rules, right‑size overly permissive rules, validate business justifications).
• Ensure high availability, redundancy, and health of security appliances and services; manage upgrades, patches, and hotfixes with change control discipline.
• Active participation in an on‑call for high‑severity incidents and maintenance windows (including some after‑hours/weekend work).
• Lead or support network‑centric incident handling: scoping, containment, eradication, and recovery for web attacks (L7), DDoS, command‑and‑control, data exfiltration, and lateral movement.
• Develop and maintain playbooks/runbooks for common attack scenarios (WAF blocks, IPS hits, DDoS events, suspicious egress, VPN abuse).
• Produce clear, executive‑ready incident…