Penetration Tester

Wipro is Hiring for Penetration tester for Mumbai / Hyderabad locations.

Those who have interested please share your latest resume to naga.venna@wipro.com.

Job Description for Penetration Tester for Infra and Cloud

Experience Required: At least 7-10 years of experience.

Job Description (Required skills / Responsibilities):

• Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk
• Act as the subject matter expert on all aspects of penetration testing
• Develop and maintain security testing plans
• Examine current penetration testing practices and identify key risks, then execute programs to address them
• Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders
• Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing
• Automate penetration and other security testing on networks, systems and applications
• Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
• Consult with defensive operations teams on adversary tactics to guide and mature cyber defensive countermeasures
• Design, implement, and maintain secure container orchestration platforms using Kubernetes and Docker, ensuring compliance with industry best practices and security standards.
• Conduct regular security assessments and vulnerability scans of container images, identifying and remediating security issues to reduce risk exposure.
• Collaborate with development and DevOps teams to integrate security into the CI/CD pipeline, enabling automated security checks during image builds and deployments.
• Conducted threat modeling and risk assessments to proactively identify and mitigate security risks in containerized applications.
• Collaborate with security teams to enforce network segmentation and implement security controls for container clusters.
• Automated security compliance checks using tools like Open Policy Agent (OPA) and integrated them into CI/CD pipelines.
• Independently handle complex issues with minimal supervision, while escalating only the most complex issues to appropriate staff
• Prepare Weekly and monthly status reports – Technical and Management reports / Dashboards

Good to have skills:

• CTF and Bug Bounty Experiences
• Robust creativity and problem-solving skills
• Ability to think analytically
• Proficiency in scripting languages
• Ability to identify and exploit vulnerabilities
• Advanced written and verbal communication skills
• Good Understanding of Containerization Technologies such as Docker, Kubernetes, OpenShift etc.
• Good Understanding of Cloud Platforms such as AWS, Azure, GCP and OCI etc.
• Good Understanding of Security Standards such as CIS Benchmarks, NIST, OWASP
• Good Understanding of CI/CD Pipelines such as Jenkins, GitLab etc.

Good to Have Certifications: OSCP, GPEN, CEH, CREST, GWAPT, CISSP, OSCE, GXPN, OSWE, CISA

Thanks,

Bhupal.