Cyber Security Analyst - L4

Req Id: 102374

City: Cincinnati

State/Province: Ohio

Posting Start Date: 10/22/25

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

Job Description:

Job Description

Title: Mobile Pen Tester

Duration: Full Time

Location: Minneapolis MN

• Mobile App Pentesting: 3 years of hands-on experience testing Android and iOS applications in enterprise environments. Strong familiarity with OWASP MASVS/MASTG, including mapping test cases to MASVS levels and documenting coverage.
• Proficient in performing static/dynamic analysis using tools like MobSF, JADX, Hopper, Ghidra, ClassyShark, Frida, Objection, and Xposed to review APK/IPA files and manipulate runtime behavior.
• Experience with bypassing root/jailbreak detection, debugger checks, and anti-tampering mechanisms; skilled to identify/exploit mobile app vulnerabilities related to insecure data storage, communication, authentication/session management, platform usage, and code injection/runtime manipulation.
• Familiarity with mobile device management (MDM) and platform-specific security features such as Android Keystore, iOS Keychain, App Transport Security (ATS), and biometric authentication.
• Proficient in SSL/TLS interception and bypass techniques, including certificate pinning bypass using tools like mitmproxy, Charles Proxy, and custom scripts.
• Web & API Penetration Testing: 2 years of hands-on experience with modern web apps and APIs. Deep understanding of OWASP Top 10, API Security Top 10, and SANS Top 25 vulnerabilities.
• Manual Testing & Exploitation: Proficiency in identifying/exploiting vulnerabilities in web apps and APIs using tools like Burp Suite Pro, Postman/Insomnia, and custom scripts; skilled in uncovering business logic flaws, access control issues, and chaining exploits to demonstrate real-world impact.
• Technical Proficiency: Strong scripting skills (Python, PowerShell, Bash, Ruby, Go). Solid grasp of HTTP/S, authentication protocols (OAuth, SAML, JWT), and network fundamentals (TCP/IP, DNS, firewalls, IDS/IPS).
• Tooling & Automation: Experience developing custom tools and scripts to automate testing workflows. Familiarity with tools such as Nmap, Metasploit, and Kali Linux.

• Ensuring customer centricity by providing apt cybersecurity
• Monitoring and safeguarding the log sources and security access
• Planning for disaster recovery in the event of any security breaches
• Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
• Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
• Conduct security assessments, risk analysis and root cause analysis of security incidents
• Handling incidents escalated by the L1 team in 24x7 rotational shifts
• Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
• Completing all tactical security operations tasks associated with this engagement.
• Analyses all the attacks and come up with remedial attack analysis
• Conduct detailed analysis of incidents and create reports and dashboards
• Stakeholder coordination & audit assistance
• Liaise with stakeholders in relation to cyber security issues and provide future recommendations
• Maintain an information security risk register and assist with internal and external audits relating to information security
• Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
• Advice and guidance to employees on issues such as spam and unwanted or malicious emails