CYBER SECURITY ANALYST L3
Indexed description
Job Description
Job Title: Application Security Operation
Role Summary
Experience in enterprise Application Security testing services, including SAST, SCA, Secrets Detection, and DAST. Drive secure SDLC adoption through CI/CD integration, vulnerability validation, risk-based remediation tracking, SBOM management, and security metrics reporting.
Key Responsibilities
- Perform continuous and incremental application security testing using SAST, SCA, Secrets Detection, and DAST tools.
- Validate findings, eliminate false positives, and support vulnerability remediation activities.
- Integrate security scanning into CI/CD pipelines and enforce secure development gates.
- Manage SBOM generation, open-source dependency risks, CVE tracking, and vulnerability exposure reporting.
- Track remediation SLAs, TTD/TTR metrics, and application security KPIs.
- Partner with development, DevSecOps, and platform engineering teams to drive remediation and continuous security improvements.
- Support security assessments, tool optimization, reporting, and developer enablement initiatives.
Experience
- 5 years of experience in Application Security, Secure SDLC, or DevSecOps.
- Hands-on experience operating enterprise AppSec scanning platforms and vulnerability management processes.
- Experience integrating security testing into CI/CD pipelines and cloud-native environments.
- Strong understanding of OWASP Top 10, secure coding practices, and software supply chain security.
Technical Skills & Tool Experience
- SAST: Checkmarx/ Veracode/ Fortify/ SonarQube/ GitHub Advanced Security.
- SCA & SBOM: Fortify/ Checkmarx / Snyk / Black Duck.
- DAST & API Security: Fortify/ Checkmarx/ Burp Suite/ Invicti/ Acunetix.
- Secrets Detection: GitGuardian/ GitHub Secret Scanning.
- DevSecOps: Azure DevOps/ GitHub Actions/ Jenkins/ GitLab CI/CD.
- Container & Cloud Security: Prisma Cloud/ Wiz/ Aqua/ Microsoft Defender for Cloud.
- Reporting & ITSM: ServiceNow/ Power BI/ Grafana.
Preferred Certifications
- CEH/Security+/Certified DevSecOps Professional/AWS/Azure Security Specialty
͏
Areas of responsibility
Monitoring and Incident Detection-Handle escalated alerts, prevent potential intrusions from third party agents and analyse log correlation to ensure alignment with security standards.
Incident Handling and Analysis-Triage security incidents, handle escalated incidents, assist in performing root cause analysis and prepare reports that adhere to compliance requirements.
Threat Assessment and Analytics-"Perform vulnerability scans, identify threat intelligence feeds, and recommend preventive measures to reduce exposure."
Stakeholder Coordination and Audit Assistance-Coordinate with internal teams on security issues, maintain risk registers and assist during compliance audits.
͏ ͏ ͏Mandatory Skills: Application Security Code Review - SAC .
Experience: 3-5 Years
.
Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search