Senior Consultant (Application Security testing - SAST and SCA)

Wipro Limited
Cincinnati, United States of America
6 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 158K

Job location

Cincinnati, United States of America

Tech stack

Java
JavaScript
.NET
DevOps
Node.js
Open Source Technology
Open Web Application Security
Performance Tuning
Fortify (Software)
Secure Coding
Software Engineering
Sonatype
Software Security
Veracode
Angular
Checkmarx
Devsecops
Static Application Security Testing
Programming Languages

Job description

We are looking to onboard a Senior Consultant who will drive Application Security testing - SAST and SCA for Entity CISO office.

  • Lead and perform Static Application Security Testing (SAST) across applications (Java, .NET, Node, Angular etc.)
  • Lead and drive Software Composition Analysis (SCA) to identify vulnerable open-source components and license risks across applications
  • Define, configure, and optimize SAST/SCA scan strategies; ensure high accuracy, reduce false positives, and improve coverage
  • Review and validate code-level vulnerabilities and provide effective remediation guidance to developers
  • Drive integration of SAST/SCA into CI/CD pipelines (DevSecOps) in collaboration with DevOps engineering teams
  • Track vulnerabilities across applications, ensure closure, and govern remediation timelines
  • Introduce enhancements to the testing track that improve accuracy and quality; liaise with vendors to enable or upgrade features in the security scanning tools
  • Deliver and lead secure coding awareness/training sessions for development teams
  • Provide expert guidance on secure coding practices and recommend alternative secure approaches across different technologies
  • Mentor team members, review deliverables, and ensure quality and consistency of assessments
  • Define and improve AppSec processes, standards, and best practices

Requirements

  • Bachelor's degree in a technical field
  • 8-12 years of experience in application security with strong focus on SAST and SCA
  • Strong hands-on experience in SAST tools (e.g., Fortify, Checkmarx, Veracode) and SCA tools (e.g., Sonatype, Black Duck, Snyk)
  • Strong understanding of secure coding practices, OWASP Top 10, and code-level vulnerabilities
  • Ability to review and analyse code across multiple languages (Java, .NET, JavaScript, etc.)
  • Strong experience in scan configuration, tuning, and false positive reduction at scale
  • Experience in CI/CD pipelines and DevSecOps practices
  • Ability to define scan policies, standards, and governance models
  • Excellent communication skills with ability to deliver developer trainings and interact with stakeholders
  • Proven ability to mentor team members and review their work
  • Preferred: Prior software development experience in any programming language

Good to have Certifications:

  • CEH, GPEN, CISSP, or similar

Benefits & conditions

The expected compensation for this role ranges from $80,000.00 to $158,000.00.

Final compensation will depend on various factors, including your geographical location, minimum wage obligations, skills, and relevant experience. Based on the position, the role is also eligible for Wipro's standard benefits including a full range of medical and dental benefits options, disability insurance, paid time off (inclusive of sick leave), other paid and unpaid leave options.

About the company

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention.
