Multiple Application Security Resume
4.00/5 (Submit Your Rating)
SUMMARY
- Security professional wif over 6+ years progressive experience in IT & Information Security working on projects in USA, UK, India and Middle East in various verticals like - Banking and Financial Services, Insurance, Telecom, Legal, Retail, Product development companies, and ITES.
- Strong Consultancy, analytical skills and problem solving wif the ability to execute multiple complex tasks in fast-paced and fluid environments also played major role in business development.
- Strong experience in Application Security Architecture Design/Reviews and Threat Modeling using STRIDE & DREAD, Information security roadmap creation based on the gap analysis done on software development practices, infrastructure, Dynamic application/web-services (SOAP, REST).
- Experience in tools such as Checkmarx, Veracode, Burp Professional, HP WebInspect, NMAP, Nessus, Nipper, Kali etc
- Experience in leading, managing and delivering application security assessment, network penetration testing, architecture review, security code review engagements, and configuration review.
- Well versed wif Security Assessment methodologies and Frameworks such as OWASP, NIST 800-53, ISO 270001, OSSTMM, and CVSS etc.
- Proven experience in architecting software security in complex and large user population environments
- Act as subject matter expert (SME) in areas of responsibility to address challenges, propose solutions and interface wif global audience composed of business partners, Information Security Officers (ISOs, CISOs), Internal Audit and other global operations personnel.
- Configuration analysis of networks and Security Devices such as firewall, Router, switches, APT, IPS etc. and experience in network and application architecture to analyze threat modeling
- Hands on experience in developing software applications using Java/J2EE technologies and different frameworks
- Excellent consulting and communication skills - good people and conflict resolution skills
- Good project management, team leading, presentation and reporting skills.
- Good exposure in work in Agile Methodology
TECHNICAL SKILLS
- Accunetix, Checkmarx, Nessus, Web-Inspect, Kali Linux, Burp Suite, ZAP, NMAP, Sql Map.
- Penetration Testing (Web/Mobile/Thick Client App, Web services)
- Secure Code Review(Java/.NET/PHP/C/C++)
- Java & J2EE, JMS, JDBC/ODBC, SOAP, REST, XML
- Spring/Struts/Hibernate/JSF Framework
- Process Risk Assessment
- Severs, Database, Network and Security Devices Configuration Review
- Network Architecture Review
PROFESSIONAL EXPERIENCE
Confidential
Multiple Application Security
Responsibilities:
- Threat Analysis and Threat modeling of the application using STRIDE and DREAD models
- Written test cases for security assessment
- Performed Penetration testing using Black / Gray testing methodology based on industry standards such as OWASP
- Utilized automated security assessment tools (HP Web-Inspect, Accunetix, Nessus, Burp Suite, SQL Map etc)
- Reverse engineering of client-side code (for Mobile application, Thick Clients etc)
- Prepare detailed report for the observation made
- Discuss the vulnerabilities and its possible solution wif developers, solution architect, and product managers.
Static Code Analysis
Confidential
Responsibilities:
- Understanding the use cases, technology stack, external interfaces, deployment and configuration parameters about the software application
- Scanned code through HP Fortify, Checkmarx, CodeSecure for security vulnerabilities and manually verified them to remove false positives
- De-Obfuscated and reverse engineered the code
- Utilized code review tools to identify security issues
Application Risk Assessment
Confidential
Responsibilities:
- Define the Scope of the assessment
- Project Planning and time estimation
- Meeting wif Business Owners and Stake holders for understanding their requirement
- Review of the Assessment Reports and Executive Reports for the Management and stake Holders
- Business Process Risk Assessment
- Root Cause Analysis of findings
- Network and Application Architecture Review
- Security Assessment of Web Application and Network
- Compliance and Configuration Review
Confidential
Responsibilities:
- Understanding the requirements of customers and Development of use cases diagram and design document.
- Creates user stories in agile methodology
- Implementation using java/j2ee, Struts, Hibernate, Spring and related technologies
- Managing the code to repository using software versioning and revision control tool such as SVN.
- Development of Junit Test Cases.
- Continues integration of Code wif Jenkins.
- Helping the build team deploy the solution on the production system
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
