Experience:
- Hands-on experience in Application Security Assessment - Web, Mobile, Cloud, IoT
- Hands-on experience in Secure Code Review
- Exposure to Agile, DevOps with respect to security testing
- Consult and coordinate with project teams for Security Assessments
- Hands-on experience in Infrastructure Vulnerability Assessments and Penetration testing
- Threat Modelling - Draw Data Flow Diagrams (DFD), prepare threat models, identify threats and suggest mitigation steps
- Lead security assurance engagements and take responsibility for application & network security testing
- Work closely with customer project teams and serve as a single point of contact for all security testing related activities
- Develop frameworks and methodologies to evaluate security in new and emerging technologies
- Assist in building security testing competency
- Mentor and provide technical guidance to team members
- Experience in automation of tasks with scripting or programming
- Must be able to work independently & guide team
- Excellent analytical abilities
- Good communication skills
Pre-Requisites/Skills:
- Experience in Application Security Assessment, Secure Code Review - DAST & SAST
- Experience in DAST (Dynamic Application Security Testing) tools like IBM AppScan, HP WebInspect, Burp Professional, Acunetix etc.
- Experience in SAST (Static Application Security Testing) tools like IBM AppScan Source, HP Fortify, Checkmarx etc.
- Experience in Infrastructure Vulnerability Assessments and Penetration testing - Qualys, Rapid7 Nexpose, Nessus, Metasploit etc.
- Knowledge of using Open Source Penetration Testing tools like WebScarab, Burp Suite, Paros Proxy, Kali Linux etc.
- Good understanding of OWASP Top 10 vulnerabilities, SANS Top 25, OSSTMM, PTES, NIST standards.
- Security related certifications such as CEH, SANS, OSCP, CISSP.
- Understanding of Compliance Regulations - PCI, SOX, HIPAA etc.