Responsibilities
* Generate and maintain SBOMs for all software products, ensuring completeness and accuracy.
* Integrate SBOM generation into CI/CD pipelines for automated updates.
* Use SBOM data to identify vulnerabilities in software components and prioritize remediation.
* Collaborate with security teams to integrate SBOMs with vulnerability management tools and threat intelligence feeds.
* Assess risks in software supply chains using SBOM data and provide recommendations for mitigation.
* Work with vendors to validate SBOMs and ensure transparency in third-party components.
* Implement SBOM tooling and integrate with DevSecOps platforms, artifact repositories, and build systems.
* Enable automated workflows for SBOM updates and vulnerability scanning.
Technical Skills
* Proficiency in SBOM standards (SPDX, CycloneDX) and tools (Dependency-Track, OWASP).
* Knowledge of software composition analysis (SCA) and CI/CD integration.
* Familiarity with vulnerability databases (NVD, CVE) and risk assessment frameworks.
* Preferred: CISSP, CISA, or SBOM-specific training.
Experience Requirements
* Experience in cybersecurity, software development, or supply chain risk management.
* Hands‑on experience with SBOM generation and analysis tools.
You will receive a competitive salary, a generous benefits package, training and development, as well as an exciting career within a fast-paced and dynamic business.
Benefits
* Contributory pension
* Life insurance policy
* Private medical insurance
Wipro is an advocate for positive change and conscious inclusion. As a global employer, we strive to create a diverse Wipro family by remaining committed to the development of our culture, diversity, equality, and inclusion in the workplace. All applicants are welcome.