Technical Lead (Application Security testing - DAST)

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

Job Description

Profile: Technical Lead (Application Security testing

• DAST)Location: No location constraints (but preference to Pune/Mumbai)Band: B3Experience: 6-8 years About the role:

• Wipro is looking to onboard a Technical Lead to support Application Security Testing

• DAST ro support Entity CISO office.

Roles & Responsibilities

• Perform Dynamic Application Security Testing (DAST) on web applications, APIs, Mobile and Thick client applications
• Perform security testing on Gen-AI applications covering LLM Models testing.
• Conduct manual penetration testing (web, Gen-AI apps, API, mobile, and client applications) using gray box approach
• Configure, execute, and optimize automated security scans; validate findings and remove false positives
• Perform API security testing (authentication, authorization, data validation, headers review, parameter manipulations etc.)
• Identify, exploit, and clearly document vulnerabilities with detailed steps of proof-of-concept and remediation guidance
• Work with devops engineering team to integrate and support security testing within CI/CD pipelines (Dev Sec Ops)
• Collaborate with developers to support vulnerability remediation guiding them with multiple ways of mitigations.
• Exposure to WAF solution would be added advantage.
• Good to have understanding of WAF rule creations, onboarding of internet facing applications on WAF, configuring/tuning WAF policies etc.

Qualifications

• Bachelor’s degree in a technical field
• 6-8 years of experience in application security testing

Should have experience in:

• Dynamic Application Security Testing (DAST)
• Manual penetration testing of web, APIs, mobile, and thick client applications
• Security testing of Gen-AI applications/ LLM Models
• Well versed with tools – Burp Suite, Webinspect, Postman, Sysinternals, Ecomirage
• Excellent communication skills
• Good to have experience in
• WAF management
• Good to have Certifications: CEH, GWAPT, GPEN, CISSP, or similar

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions.

Applications from people with disabilities are explicitly welcome.