Wipro Linkedin · Posted 1mo ago

Senior Consultant (Application Security testing - SAST and SCA)

Cincinnati, Ohio, United States


Job Description

Role: Senior Consultant (Application Security testing – SAST and SCA) 

Location: No location constraints (but Cincinnati preferred)

Band: C1 

Experience: 8 to 12 years 

About the role:

We are looking to onboard a Senior Consultant who will drive Application Security testing (SAST and SCA) for the Entity CISO office.

Roles & Responsibilities
  • Lead and perform Static Application Security Testing (SAST) across applications (Java, .NET, Node, Angular etc.)
  • Lead and drive Software Composition Analysis (SCA) to identify vulnerable open-source components and license risks across applications 
  • Define, configure, and optimize SAST/SCA scan strategies; ensure high accuracy, reduce false positives, and improve coverage
  • Review and validate code-level vulnerabilities and provide effective remediation guidance to developers 
  • Drive integration of SAST/SCA into CI/CD pipelines (DevSecOps) in collaboration with DevOps engineering teams
  • Track vulnerabilities across applications, ensure closure, and govern remediation timelines
  • Introduce enhancements to the testing track that improve accuracy and quality; liaise with vendors to enable or upgrade features in the security scanning tools
  • Deliver and lead secure coding awareness/training sessions for development teams
  • Provide expert guidance on secure coding practices and recommend alternative secure approaches across different technologies
  • Mentor team members, review deliverables, and ensure quality and consistency of assessments
  • Define and improve AppSec processes, standards, and best practices 
Qualifications
  • Bachelor’s degree in a technical field 
  • 8–12 years of experience in application security with strong focus on SAST and SCA
  • Strong hands-on experience in SAST tools (e.g., Fortify, Checkmarx, Veracode) and SCA tools (e.g., Sonatype, Black Duck, Snyk)
  • Strong understanding of secure coding practices, OWASP Top 10, and code-level vulnerabilities
  • Ability to review and analyse code across multiple languages (Java, .NET, JavaScript, etc.)
  • Strong experience in scan configuration, tuning, and false positive reduction at scale
  • Experience in CI/CD pipelines and DevSecOps practices
  • Ability to define scan policies, standards, and governance models
  • Excellent communication skills with ability to deliver developer trainings and interact with stakeholders
  • Proven ability to mentor team members and review their work
  • Preferred: Prior software development experience in any programming language 

Good to have Certifications:

  • CEH, GPEN, CISSP, or similar

The expected compensation for this role ranges from $80,000.00 to $158,000.00.

Final compensation will depend on various factors, including your geographical location, minimum wage obligations, skills, and relevant experience. Based on the position, the role is also eligible for Wipro’s standard benefits including a full range of medical and dental benefits options, disability insurance, paid time off (inclusive of sick leave), other paid and unpaid leave options.

Applicants are advised that employment in some roles may be conditioned on successful completion of a post-offer drug screening, subject to applicable state law.

Wipro provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Applications from veterans and people with disabilities are explicitly welcome.

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention.
