Wipro is Hiring for Penetration tester for Mumbai / Hyderabad locations.
Those who have interested please share your latest resume to
Job Description for Penetration Tester for Infra and Cloud
Experience Required: At least 7-10 years of experience.
Job Description (Required skills / Responsibilities):
- Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk
- Act as the subject matter expert on all aspects of penetration testing
- Develop and maintain security testing plans
- Examine current penetration testing practices and identify key risks, then execute programs to address them
- Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders
- Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing
- Automate penetration and other security testing on networks, systems and applications
- Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
- Consult with defensive operations teams on adversary tactics to guide and mature cyber defensive countermeasures
- Design, implement, and maintain secure container orchestration platforms using Kubernetes and Docker, ensuring compliance with industry best practices and security standards.
- Conduct regular security assessments and vulnerability scans of container images, identifying and remediating security issues to reduce risk exposure.
- Collaborate with development and DevOps teams to integrate security into the CI/CD pipeline, enabling automated security checks during image builds and deployments.
- Conducted threat modeling and risk assessments to proactively identify and mitigate security risks in containerized applications.
- Collaborate with security teams to enforce network segmentation and implement security controls for container clusters.
- Automated security compliance checks using tools like Open Policy Agent (OPA) and integrated them into CI/CD pipelines.
- Independently handle complex issues with minimal supervision, while escalating only the most complex issues to appropriate staff
- Prepare Weekly and monthly status reports – Technical and Management reports / Dashboards
Good to have skills:
- CTF and Bug Bounty Experiences
- Robust creativity and problem-solving skills
- Ability to think analytically
- Proficiency in scripting languages
- Ability to identify and exploit vulnerabilities
- Advanced written and verbal communication skills
- Good Understanding of Containerization Technologies such as Docker, Kubernetes, OpenShift etc.
- Good Understanding of Cloud Platforms such as AWS, Azure, GCP and OCI etc.
- Good Understanding of Security Standards such as CIS Benchmarks, NIST, OWASP
- Good Understanding of CI/CD Pipelines such as Jenkins, GitLab etc.
Good to Have Certifications: OSCP, GPEN, CEH, CREST, GWAPT, CISSP, OSCE, GXPN, OSWE, CISA
Thanks,
Bhupal.