Application Security Specialist Resume
Jefferson City, MO
SUMMARY:
- 14+ years of experience in Software Development including system and application security analysis, design, development, implementation, deployment of distributed n-tier enterprise, documentation, integration and maintenance of Desktop, Web based development, Mobile platforms and client/server architecture software related applications.
- Have experience working in Capability Maturity Model Integration (CMMI) compliance level environment
- Have experience working in OWASP Top 10 and CWE 25 with proven track record and experience in implementing and integrating remediation strategies.
- Have experience in analyzing security concerns using HP Fortify SSC/SCA/AWB and Veracode for Static Application Security Testing (SAST) and IBM AppScan Standard/ZAP for Dynamic Application Security Testing (DAST).
- Work in a highly collaborative environment with minimal supervision and ability to work on multiple priorities and/or projects simultaneously.
- Strong working knowledge in coding & debugging of Classic ASP/ASP 3.0, ASP.Net, VC#.Net, VBA/VB.Net, Internet architecture, ActiveX (COM), PowerShell scripting and hands-on experience with Internet/Intranet applications.
- Extensive experience in Design and Development applications with complete SDLC process in traditional Waterfall and Agile (Scrum) project management methodologies.
- Experienced in managing small to medium range team, possess significant knowledge in distributing the work and coordinate with team members as a lead developer in onshore as well as offshore projects
- Expertise in database design and developing Transact SQL, SQL scripts, Views and Triggers in SQL Server 2000/2005/2008 R2 databases, SQL CE 2.0/3.5.
- Possess significant skills in analysis, design and develop application using .NET Framework 1.1/2.0/3.0/3.5/4.5 versions and Win Forms, Web Based (ASP.Net, Web Forms and MVC), Entity Framework 4, C#.Net, VB.Net, Web API, WCF and ADO.Net technologies.
- Experience in development of applications using Service Oriented Architecture (SOA), Web Services, WCF, RESTful Service, Security Token Service, ADFS 2.0, ACS (Access Control Service) Configuration, Token Authentication Application, ASP.NET Web API, Razor and Caching Implementation.
- Hands-on experience in UI Design using Win Forms, Web Forms and programming C#.NET, VB.NET, ASP.NET, HTML4/5, CSS, CSS3, DHTML, XHTML, XML, XSLT, Themes, Master Pages, Bootstrap, JavaScript, JQuery, JSON, AJAX, Knockout JS, Angular JS and Backbone JS
- Experienced in developing US Section 508 compliant web applications and content
- Strong working experience on .NET security features such as Windows-based Authentication, Forms-based Authentication, Authorizing Users and Roles.
- Strong working knowledge of IBM AppScan standard 8.70, HP Fortify SCA 4.31/16.20 (Source Code Analyzer), ZAP, Visual Code Grepper V2.1.0, Veracode and MS FxCop
- Experienced in applications code review using OWASP top 10, PCI-DSS, HIPAA, NIST 800-53, CVE, CWE, ISO 27001, ISO 27002
- Expertise in UML, which includes creating Use-Case diagrams, Class diagrams, Interaction diagrams, Sequence diagrams, Activity diagrams and Collaboration diagrams using MS Visio Designer tools.
- Extensive knowledge in Object Oriented Design/Development (OOD), Object Oriented Analysis and Design (OOAD), MVC2/MVC4 architectural pattern, Design patterns (MVC, Singleton, Factory, Iterator, Dependency injection and Template pattern), Test Driven Development (TDD) and automated unit testing using MS Test and NUnit
- Strong knowledge in Windows Mobile SDK, logging/debugging of Windows Mobile applications using Device Emulator and/or Virtual CEPC as a deployment environment for Windows Mobile OS and applications, signing binaries and CAB files for Windows Mobile 6.x operating systems.
- Strong knowledge of databases design and developing SQL scripts
- Experienced in developing reports using Crystal Reports XI and SQL server 2005 reports
- Proficiency in working with Visual Studio IDE, debugging tools like Debug and Structured Exception Handling.
- Knowledge of BizTalk server 2009, MOSS 2007, SQL BI(SSIS, SSRS, SSAS)
- Implemented Confidential Lync 2013 API, ADFS(Active Directory Federation Services), Lambda Expressions
- Developing, Migrating, Deploying ASP.NET web applications to Azure Cloud Computing.
- Applied Data Modeling and RDBMS logical and physical concepts
- Hands on Exposure on TFS Version Control, VSS, CVS and SVN.
- Provided Database Management, Release Management and Build Automation with TFS 2010 for multiple projects.
- Used HP ALM and Team Foundation Server (TFS) for analyzing test results and managing the bugs.
- Effective team player with good communication and interpersonal skills, committed, result oriented, hard working with a quest and zeal to learn new technologies.
TECHNICAL SKILLS:
Web Apps: ASP.Net, Ajax, Ajax Control Toolkit 3.0.20229, ASP, ActiveX and COM
Scripting Languages: Bootstrap, JavaScript, JQuery, JSON, AJAX, Knockout JS, Angular JS, Backbone JS and PowerShell scripting
Databases: SQL Server 2000/2005/2008, SQL CE 2.0/CE 3.5 and MS-Access
Prog. Languages: C, C++, VB.Net, C#.Net, Java and COBOL
Markup Languages: HTML 4/5, WML, DHTML, XML, CSS
Application Servers: IIS 5.1/6.0/7.5, PWS
Tools: Visual Studio.Net 2003/2005/2010, InstallShield 12 Professional
UML tools: Visio 2010, SDL Threat Modeling Tool
Version Controls: TFS 2010/2012, VSTF 2010/2013, VSS 6.0, Tortoise CVS/SVN, Accurev 5.7
Bug Tracking System: VSTS, Bugzilla 3.6.3, ALM (Application Life Cycle management)
3rd Party Controls: Infragistics, Telerik
Confidential: WinCE Apps, Crystal Reports XI, MS Charts
Operating Systems: Windows 95/98/2000/XP, Vista Ultimate, Windows 7, Windows Server 2008 R2, IBM Mainframes
Cloud Experience: Azure, Akamai
Compact OS: WinCE, Windows Mobile 5.0/6.0, Windows Phone 7.1
Security Tools: IBM AppScan standard 8.70, HP Fortify SCA 4.31/16.20 (Source Code Analyzer), ZAP, Visual Code Grepper V2.1.0, Veracode and MS FxCop
Methodologies: Waterfall and Agile/Scrum, Rally, Wiki
PROFESSIONAL EXPERIENCE:
Confidential, Jefferson City, MO
Application Security Specialist
Responsibilities:
- Strong understanding of OWASP Top 10 and CWE 25 methodologies and tools
- Knowledge of Federal/State regulations and standards, such as HIPAA, HITRUST, NIST, FISMA, ISO
- Ensure all work products meet/exceed HIPAA and HITRUST standards.
- Perform application vulnerability assessments and code reviews across a variety of programming languages
- Perform assessments in Secured SDLC processes and strong emphasis on secure industry-best practices
- Ability to assess risks and provide innovative counter measures and solutions that appropriately balance security and business requirements
- Ability to step into an uncontrolled space and bring security structure
- Perform other security-related projects that may be assigned according to skills (e.g. RFP, contract reviews, Incident management etc.)
- Experience with web application vulnerability scanning tools
- Experience with Static Application Security Testing (SAST) tools like HP Fortify, Veracode
- Experience with Dynamic Application Security Testing (DAST) tools like IBM Appscan, ZAP
- Experienced in driving and implementing secure development practices into SDLC (SSDLC)
- Improve secure coding practices, application security requirements, automation, training, and metrics
- Helped define reliable Secure Software Development Lifecycle practices for all Wipro- Confidential projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security
- Ensuring security of Wipro- Confidential products by testing, hypothesizing threats, helping development teams, remediating risks upfront and championing secure implementation efforts
- Integrate threat modeling practices into the Software Development Lifecycle
- Assist in building secure products and standards around emerging technologies, fields lacking existing standards and security practices
- Build strong cross-organizational relationships and effectively influencing staff across the IT organization and broader enterprise
- Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals.
- Manage cross-functional internal and external team collaboration, evangelization and communications.
- Develop and optimize processes to improve software development efficiency in the consumption of security development practices.
- Maintain active understanding of industry practices for secure software development and incident response.
- Represent Wipro- Confidential in the software security community globally.
Environment: HP Fortify SCA (Source Code Analyzer)/SSC/AWB, ZAP, OWASP top 10, CWE (Common Weakness Enumeration), HIPAA (Health Insurance Portability and Accountability Act), NIST 800-53 (National Institute of Standards and Technology), ISO 27001, HITRUST (Health Information Trust Alliance), Classic ASP 3.0, VS.NET 2012/2013, .NET 2.0 Framework, C, C++, C#.NET, ASP.NET 2.0, MVC, Java, J2EE, Struts, JavaScript, ADO.NET, IIS7, IBM Mainframes, Cobol, DB2
Confidential, Bellevue, WA
Authorize.Net, Information Security Specialist
Responsibilities:
- Knowledge of OWASP Top 10 and CWE 25 tools and methodologies
- Experience with web application vulnerability scanning tools
- Experience in auditing the code with Static Application Security Testing (SAST) tools like HP Fortify, Veracode
- Experience in auditing the application with Dynamic Application Security Testing (DAST) tools like IBM Appscan
- Experienced in driving and implementing secure development practices into SDLC (SSDLC)
- Experienced in successfully integrating security into a developer's world
- Help define consistent Secure Software Development Lifecycle practices for all Visa technology projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security
- Ensure end-to-end security of Visa products by hands on testing, hypothesizing threats, helping development teams, remediating risks upfront and championing secure implementation efforts
- Improve secure coding practices, application security requirements, automation, training, and metrics.
- Integrate threat modeling practices into the Software Development Lifecycle.
- Help build secure products and standards around emerging technologies and fields lacking existing standards and security practices
- Build strong cross-organizational relationships and effectively influencing staff across the IT organization and broader enterprise
- Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals.
- Collaborate with product and solution teams to achieve Global Information Security software security program objectives.
- Help to define simplified security metrics approach that enables executive leaders, line leaders, and operational staff to quickly take action on application security related risks.
- Manage cross-functional internal and external team collaboration, evangelization, and communications.
- Develop and optimize processes to improve software development efficiency in the consumption of security development practices.
- Maintain active understanding of industry practices for secure software development and incident response.
- Represent Visa in the software security community globally.
Environment: HP Fortify SCA (Source Code Analyzer), IBM AppScan, Veracode, PCI-DSS, OWASP top 10, CWE(Common Weakness Enumeration), NIST 800-53, VS.NET2012/2013, .NET 2.0 Framework, C, C++, C#.NET, ASP.NET2.0, MVC, Java, Javascript, Pascal, ADO.NET, IIS7
Confidential, Tempe, AZ
Electronic Student File, Sr .Net Developer
Responsibilities:
- Participating in minute-to-minute meetings and High Level and Low Level Design of the System.
- Involved in Preparing Architecture and High Level Design document
- Involved in requirements Gathering, Analysis, Estimation of project, tasks, resources and preparing Detail Design document
- Designed and developed User Admin, dashboard and search modules of Presentation Layer.
- Created new database tables and implemented SQL Stored Procedures, triggers and complex queries in SQL Server 2012.
- Performed server side and client side validations using HTML, CSS, JavaScript, jQuery.
- Good working knowledge of using Generics, Generic collections features of .NET 2.0 Framework.
- Used VS.NET 2013 IDE for the development of the Web Forms of ASP.NET.
- Used SQLDataAdapter, SQLDataReader, Datasets, SQLConnection, SQLCommand and ExecuteReader of ADO.NET for creating/opening connections, creating command objects/executing stored procedures.
- Responsible for developing the Data Access Layer, Business Layer components and Common Utility Class Libraries in .NET 2.0.
- Involved in migrating and testing the project to develop using VS 2013.
- Responsible for creation and execution of the database scripts in production and deployment of the Application.
- Responsible for the Unit Testing, Integration Testing.
- Involved in developing the user controls and designing the UI using Telerik controls.
- To maintain consistency throughout the web application, implemented Master Pages and Cascading Style Sheets (CSS).
- All the pages are Section 508 compliant and responsive
- Used Team Foundation Server (TFS) for Version control, creating builds for the testing team.
- Maintenance of the newly developed system and fixing production bugs
Environment: VS.NET2012/2013, .NET 2.0 Framework, C#.NET, ASP.NET2.0, ADO.NET, IIS7, Telerik, Bootstrap, HTML, JavaScript, CSS, XML, VS Team Foundation Server (VSTF 2013), SQL Server 2012, Windows 7.
Confidential, Tampa, FL
Tax Organizer, Sr .Net Developer
Responsibilities:
- Designed and developed the Winforms using the C#.Net 4.0
- Emphasized on Object-Oriented Concepts for C#.NET code reusability.
- Worked with windows API, managing macros
- Used Confidential .Office.Interop.Excel/Interop assembly to interact with the OLEObject and shapes
- Business Logic has been implemented using the concepts of secure coding features and Object Oriented programming (OOP) with Code behind language C#.NET 4.0.
- Developed presentation layer Components and created reusable components in C#.NET 4.0
- Involved in implementing the Confidential Lync 2013 API for desktop application sharing
- Involved in code reviews using MS FxCop and Fortify SCA
- Followed and developed the 3-Tier architecture for the business, presentation and data access layers.
- Involved in different phases of Software Development Life Cycle (SDLC)
- Involved in preparing Architecture, High Level Design document, Detail Design document, development of code and Management of team
- Engaged in gathering the requirements from the client, provide cost estimates, design, develop and deliver projects to completion
- Used C#.Net indexers extensively in formatting and restructuring the data per pre-defined format
- Designed, developed and tested windows forms using Visual Studio 2010
- Utilized HP ALM and Team Foundation Server (TFS) for analyzing test results and submitting the bugs
- Provided Release Management and Build Automation with TFS 2010 Build Automation
- Involved in System Analysis, design and development.
- Involved in preparation of Test Cases for Unit test and Integration test.
- Involved in Release/Delivery management and Ensured deliverables are satisfactory to requirements
- Participated in initial knowledge transfer activities of the application
Environment: Visual Studio 2010, C#, .NET 4.0, Winforms, Team Foundation, Visual Studio 2010, Excel 2003/2007/2010, Confidential .Office.Interop.Excel, Confidential Lync 2013 API, MS FxCop, Fortify SCA, Windows XP, Windows 7
Confidential
Sr .Net Developer
Responsibilities:
- Developed the application using MVC4 architecture and design patterns (Singleton, Factory, Iterator, Dependency injection and Template pattern)
- Developed complex MVC Controller, View, Models and Helper methods linked to backend database.
- Developed UI features using JavaScript, JSON, JQuery, AJAX, Angular JS, KnockOutJS and HTML5/CSS3
- Master Pages and Cascading Style Sheets (CSS) are used to maintain consistency throughout application
- Emphasized on Object-Oriented Concepts for C#.NET code reusability
- Created Views and used knockout binding to bind data to Views
- Wrote AJAX methods to make asynchronous calls to actions in controller
- Wrote AngularJS, jQuery functions to validate form data on client side
- Used Entity Framework to interact with the database entities to perform CRUD operations using model and mapper objects.
- Created stored procedures and accessed them using the EntityFramework.
- Created test methods to test the new functions introduced in the service layer.
- Involved in implementing Lambda Expressions for web application
- Configured and incorporated SFTP in the application to transfer the processed files
- Hosted application in IIS 6.0/7.5 (Internet information server)
- Implemented the Logging and Application error handling using the MSDN libraries like Event viewer and Log file.
- Experience in analyzing test results and submitting the bugs using HP ALM and Team Foundation Server (TFS)
- Provided Release Management and Build Automation with TFS 2010 Build Automation
- Followed the Pure Agile Model and was involved in the daily stand-up meetings to discuss blockers, and completed the tasks in line with the due dates of the Sprints.
- Hosted and tested application for multiple browsers compatibility
Environment: Visual Studio 2010, C#.NET 4.0, ASP.NET, MVC 4, Razor, EntityFramework, Team Foundation server(TFS), JavaScript, Angular JS, KnockOutJS, jQuery, JSON, HTML,HTML5, CSS3, AJAX, CSS, Excel 2003/2007/2010, SFTP, Lambda Expressions, Windows XP, Windows 7, Windows Server 2008 R2, IIS 7.5, SQL Server 2008 R2, MS FxCop, HPE Fortify SCA.
Confidential, Redmond, WA
Senior .NET Consultant
Responsibilities:
- Interacting with Client to gather requirements and document all the requirements.
- Implemented MVC pattern in the application development and used Razor View Engine.
- Used Client Side Frameworks like JavaScript, Angular JS, KnockOut JS, jQuery, Ajax along with HTML5 to create the UI Layer.
- The application uses jQuery for a dynamic and interactive UX, data retrieval and posting.
- Created sophisticated SQL Server database to responsively handle complex queries like T-SQL, triggers, stored procedures, functions and joins.
- Using EntityFramework, connected to relational data by writing LINQ to SQL queries.
- Utilized Confidential Team Foundation Server (TFS) to manage the team's software development lifecycle (SDLC) including deriving product backlog items, assigning sprint work items to developers and conducting sprint review meetings.
- Used HTML5 for keyword research and selection, meta tagging, search engine submission and position tracking.
- Used NUnit for Unit Testing and Test driven development.
- Managing and delegating tasks to the team and tracking the same
- Implemented design patterns (MVC2, Singleton, Factory, Iterator, Dependency injection and Template pattern)
- Worked in all phases of Software Development Life Cycle (SDLC)
Environment: Visual Studio 2010, C#.NET 3.5, ASP.NET, ADO.NET, MVC2, Angular JS, KnockOutJS, jQuery, Ajax, SQL Server 2008, HTML5, Confidential Visual studio.NET 2008, WCF, Entity Framework 4.0, nUnit, Agile/scrum
Confidential
Senior .NET Consultant
Responsibilities:
- Used C#.NET to develop code behind business logic.
- Develop User Interface using Master page and ASP.NET web forms.
- Attend daily standup meetings to provide task status (Waterfall model).
- Participate in scrum sessions in analyzing the requirements with group members.
- Involve in the design of different layers (Presentation, Business, and Data Layer).
- Designed the ASP.NET GUI using HTML, CSS, JavaScript and implemented client side validation using validation controls in ASP.NET.
- Used ADO.NET to utilize SQL data source implementing DataSets, Data Reader, Data Adapter to connect and manipulate databases
- Used JQuery, Ajax for retrieving data
- Involved in consuming the web service using ASP.NET AJAX with partial page postback
- Followed the 3-Tier customized Pattern, separating the business, presentation and data model
- Involved in the design of the Use Case Diagrams and class diagrams using Confidential Visio.
- Designing and Implementing Interfaces and Classes using Object Oriented Programming Structure.
- Coding and Tuning the queries, stored procedures and functions.
- Performed testing and documentation.
Environment: VS.Net 2010, C#.Net 4.0, ASP.NET, SQL Server 2008, ADFS (Active Directory Federation Services), Team Foundation server, JavaScript, JQuery, AJAX, CSS, MS Visio, Windows XP, Windows Server 2008 R2
Confidential
Sr. .Net Consultant
Responsibilities:
- Involved in Analysis, Design and architecture of the application.
- Involved in creation of web forms using ASP.NET and used CSS for designing the front end.
- Implemented Data Access Layer using ADO.NET for DB operations.
- Used JavaScript, JQuery, AJAX, HTML, CSS for UI, partial post backs and to get data
- Involved in creation of database tables, stored procedures and functions for DB operations.
- Implemented the Business Logic using C#.
- Used Master Pages for unified look and feel of the website.
- Generated various reports using Crystal Reports.
Environment: VS.Net 2010, C#.Net 3.5, ASP.NET, SQL Server 2008, ADFS (Active Directory Federation Services), Crystal Reports, Team Foundation server, JavaScript, JQuery, AJAX, HTML, CSS, Lambda Expressions, SharePoint 2010, Windows XP, Windows Server 2008 R2
Confidential
Sr. .Net Consultant
Responsibilities:
- Developed the portal using various .Net Technologies like Confidential .NET Framework 3.0, C#, ASP.NET, ADO.NET.
- Developed the application using n-tier architecture, OOP Design.
- Implemented ADFS (Active Directory Federation Services), Error logging, File upload/download functionalities in Windows Azure
- Implemented AJAX controls and functionality in the web forms.
- Involved in Analysis and Design to Windows Azure migration
- Integrated ADFS into the application for authentication, Session Handling, Error logging, File upload/download functionalities in Windows Azure
- Involved in analysis of database to SQL Azure compatibility
- Involved in application deployment to Windows Azure, SQL Azure
- Involved in designing Database schema, data migration to SQL Azure
- Deployment of application to the Azure environment
- Used JQuery for a better interaction with the application
- Proven skills in SQL tuning and enhancing application performances.
- Proficient in SQL server programming stored Procedures, Functions, Database Triggers.
- Experience in all phases of Software Development Life Cycle (SDLC) like Requirement Capturing, Data Modeling and Designing, Developing, Testing, Quality Assurance, Implementing, Documenting and User Training for various business applications.
- Written Stored Procedures, Triggers using SQL Server database
Environment: Visual Studio 2010, C#.Net 3.5, ASP.NET, SQL Server 2008, ADFS (Active Directory Federation Services), EntityFramework, Team Foundation server, JavaScript, JQuery, AJAX, CSS, data migration to SQL Azure and File upload/download functionalities in Windows Azure, Windows 7, Windows Phone 7
Confidential
Sr. .Net Consultant
Responsibilities:
- Analysis and Design to Windows Azure migration
- PUSH was developed using a Windows service, C#.NET
- PULL was developed using WCF RESTful, C#.NET
- Implemented ADFS (Active Directory Federation Services), Error logging, File upload/download functionalities in Windows Azure
- Analysis of database to SQL Azure compatibility
- Database schema, data migration to SQL Azure
- Application deployment to Windows Azure, SQL Azure
- Deployment of Web & Windows services to the Azure environment
Environment: Visual Studio 2010, C#.Net 3.5, ASP.NET, SQL Server 2008, WCF, RESTful Service, Windows service, EntityFramework, Team Foundation server, Error logging, Security Token Service, Token Authentication Application, Caching Implementation, ADFS (Active Directory Federation Services), Windows Server 2008 R2, Windows 7
Confidential
Sr. .Net Consultant
Responsibilities:
- Developed the UI using the VS.Net 2010, C#.Net 3.0 and WPF for Windows Phone 7
- Developed the graphical charts using the MS Charts and binding data using ADO.NET
- Coding and debugging using ASP.NET and C#.
- Used WPF to design part of the user interaction forms
- Deployment of application to the Azure environment
- Analysis and Design to Windows Azure migration
- Developed the web forms using ASP.NET Server controls and Performed validation on the client side using JavaScript and Validation Controls.
- For consistent data access, used ADO.NET objects such as Data Reader and Data Set. Involved in SQL Azure database design
- Used Stored Procedures, Database routines for fixing up the standard Specifications.
- Implemented ADFS (Active Directory Federation Services), Session Handling, Error logging, File upload/download functionalities in Windows Azure
- Worked in all phases of Software Development Life Cycle (SDLC) like Requirement Capturing, Data Modeling and Designing, Developing, Testing, Quality Assurance, Implementing, Documenting and User Training for various business applications
- Identified, analyzed, defined and documented business processes.
Environment: Visual Studio 2010, C#.Net 3.0, ASP.NET, WPF, SQL Server 2008, ADFS 2.0 (Active Directory Federation Services), Team Foundation server, JavaScript, JQuery, JSON, AJAX, CSS, Session Handling, Error logging, data migration to SQL Azure, Windows 7, Windows Phone 7
