SUMMARY:

• 13+ years of experiences in Software Quality Assurance Analyst and Information System Security Analyst in Client - Server, Multi-Tier and Web Enterprise applications
• Manage multiple projects tasks through the System Engineering Life Cycle (SELC) from project initiation, through requirements, design and development, testing, implementation, maintenance, and retirement based on Agile methodology
• Perform hands-on security testing, which is responsible for identifying security risks within applications and its network infrastructure, servers, web applications, databases, and web services.
• Reports findings that contribute to the systems development lifecycle (SDLC) and enterprise architecture activities and decisions (e.g., selecting appropriate security designs and architecture/system components to assist others in developing system designs and processes).
• Complete involvement in designing/ developing/defining Test Strategy, Test Plan, Test Case/Test Scripts in Software Development Life Cycle (SDLC) in CMM/CMMI standard
• Extensive experience in analyzing Business Requirement Specification (BRS) and Software Requirement Specification (SRS)
• Provide a single point of contact, liaison and escalation (for each service) for all operational service-related matters and coordinate on Help desk support, processes, and activities
• Communicates with different DHS/DoD Stakeholders to define objectives for new technology and initiatives; recommends modifications or custom designs to existing systems and equipment
• Established priorities, prepares documented schedules for project development and release
• Provided effective leadership and control by monitoring and reporting status
• Ability to work effectively under pressure with constantly changing priorities and deadlines; excellent customer service skills as well as effective communication skills in appropriate business style
• Widespread knowledge with different methodologies of testing such as: Agile, Waterfall, Iterative

TECHNICAL SKILLS:

OS: Windows 7 Enterprise/ Professional, Windows XP, Windows 10, Google Chrome, UNIX and Sun Solaris

Server: WebSphere, WebLogic

Databases: Oracle, MS SQL Server

Web Tech: Appian (Juniper Networks), Servlets, JSP, XML, HTML, DHTML, J2EE, WebLogic Server, Apache and IIS server

Net Working/Communication: TCP/IP, Windows NT Client/Server configuration, COM, DCOM

Testing Tools: HP Quick Test Professional (QTP, currently known as UFT), Quality Center(QC), LoadRunner (LR), and JIRA

Tracking Tools: SVN, Microsoft SharePoint, PVCS Tracker, and PPVCS Version Manager, Mingle

Microsoft Tools: MS Office, MS Visio, MS Excel, MS Power point and MS Projects

Mathematical Skills: Math Modeling, Stochastic Models, Cryptography, Discrete Math, Numerical Methods, Linear Algebra, Differential Equations, Probability and Statistics, Advanced Calculus, Visual Basic, C++, Algorithms, and SQL

Science and other related skills: Fluid Mechanics, Microbiology, Anatomy & Physiology (I, II), Organic Chemistry (I, II), Analytical Chemistry (I, II), Analytical Chemistry (I, II), Industrial Chemistry (I, II), Biology (I,II), Money and Banking, and Macroeconomics

PROFESSIONAL EXPERIENCE:

Confidentail

Sr. QA Analyst

Responsibilities:

• Examining Source code (Java, JavaScript, Web, CSS, XML, ASP.NET, PHP) for vulnerabilities and communicating directly with developers to mitigate the findings in the applications using SonarQube and HP Fortify
• Provide support in improving the integrity and security of enterprise-wide Cyber systems and networks in RMF Framework
• Performing manual and automated Web application vulnerability assessments and demonstrate common web site security issues (XSS, XFS, CSRF, session fixation, SQL injection, information leakage, application logic etc.) across various platforms based on OWASP secure coding practices
• Write reports in multiple formats for both ad-hoc and monthly assessments for vulnerabilities identified during security assessments to include word, xml, pdf, csv, and excel
• Successfully wrote testing Rules of Engagements (RoE), Test Plans , Standard Operating Procedures (SOP), and Memos
• Prepares final system documentation for the controls implementation and provides artifacts demonstrating the controls effectiveness and identified gaps and generated PO&M in IACS and Archer
• Supporting all SDLC documentation steps required for approval of Authorization to Operate (ATO), completion of the system security package, and acceptance of final operating capability
• As a continuous monitoring purpose, performed the Log analysis using the Splunk for application, network specific, OS specifics, event logs and then escalate incident event resulting from log review
• Selecting various different controls, implementing controls and assessing controls through Xacta IA
• Collected all the verities artifacts for attestation purpose in supporting of assessing controls
• Create and execute VB script in the basis of det ailed test strategy and supporting test automation procedures by using the HP UFT
• Maintained automated test framework and performed different kinds of test record, edit and debug using the Selenium IDE
• Before releasing the system, very much involved in performing the UAT along with different stake holders and end users
• Log any functional defects and security vulnerabilities through Jira system and later keep track through across the team
• Created test cases out of use cases and then execute through HP ALM during the Sprint functional testing
• Reporting findings that contribute to the systems development lifecycle (SDLC) and enterprise architecture activities and decisions (e.g., selecting appropriate security designs and architecture/system components to assist others in developing system designs and processes)
• Attend technical meetings with system owners and stakeholders to explain and defend all reported vulnerability findings
• Working with the Computer Incident Response Team (CIRT) to improve corporate detection and response capabilities and promote computer security awareness through hacker demos and security testing project debriefs

Environment: Java, C#, MS SQL, JQuery, SQL Server Reporting Services, IACS controls like Telerik Adobe Flash Player, SQL Database Server 2010, and Windows XP Professional, Microsoft SharePoint, Jira

Confidential

Senior Test Analyst

Responsibilities:

• Provide expert technical advice, guidance, and recommendations to senior IT subject matter experts, senior executives, and managers on critical IT applications software issues requiring new approaches
• Analyzes, reviews and comments on system's Joint Capabilities Integration and Development System (JCIDS) documentation to ensure the information supports agency guidelines and provide supportable test criteria
• Analyzes impact(s) on existing systems/programs and ma kes appropriate recommendations
• Leads the teams to develop/execute det ailed test plans and procedures
• Coordinates all necessary testing elements needed to support Net Ready Key Performance Parameter (NR-KPP) certification recommendations
• Design and implement system test and regression plans, test cases, and automated test scripts
• Develop Test Plans and build test cases and test data sets in Microsoft SharePoint based upon the documented system requirements
• Report issues by using Mingle bug tracking system and interface with the development team to help resolve bugs/issues
• Review test cases of more junior team members to ensure adequate test coverage (positive, negative, and exception handling), adherence to coding standards, and appropriate automation.
• Experience implementing, designing, planning, and conducting comprehensive release and regression test
• Leads the teams to develop/execute det ailed test plans and procedures and assisting test automation procedures by using the UFT
• In addition of that, engaged in remote external and local internal penetration test and vulnerability assessments of the organizations networks, servers, web applications, databases, and web services.
• Supported numerous service units to perform ad-hoc vulnerability assessments upon request using Nessus security center and spear headed the collaboration with the client to configure Nessus security center to execute continuous monitoring for the entire organization
• Conducted security reviews, technical research, and provided reporting to increase application security defense mechanisms
• Assisted the application security assessments utilizing tools such as Virus Total, Threat analyzer.
• Supported Information Systems Security Officers (ISSO) to ensure FISMA documentation, ATO planning , and execution is completed in a timely manner
• Developed and implements security procedures that meet security objectives of a FIPS-199 High system.
• Formulated security architecture recommendations and designs security controls for a cloud based system.
• Identifies, develops, and implements protection needs for the information system including network transport and data assurance
• Provided detailed specifications for technical needs of infrastructure, and provided input on security infrastructure requirements

Environment: Mingle, Splunk, Appian, Java, C#, Adobe Flash Player, SQL Database Server 2010, and Windows XP Professional

Confidential

Senior Automation Analyst

Responsibilities:

• Established priorities, prepares documented schedules for project development and release; provides effective leadership and control by monitoring and reporting status; executes projects to accomplish the objectives according to customer expectations while delivering quality service district wide
• Developed test data and testing procedures, analyzes and evaluates the results
• Advised on specification requirements and limitations to help managers define the problem
• Developed complex routines and detailed sequences of internal program logic by coding, testing and debugging
• Drew flow charts and write operating procedures, make minor changes to existing software systems
• Assist in resolving software/hardware interface and interoperability problems;
• Helped manage accounts, network rights, and access to systems and equipment;
• Developed complex routines and detailed sequences of internal program logic by coding, testing and debugging
• Analyzed the design and development of appropriate systems designs, and information security controls
• Assisted Testing and Requirement Management for the NET-T (NMCI (Naval & Marine Corps Internet) Enterprise Tool - Transition) to include the development of the documents preparation of system requirements, use cases, design specifications, test cases, and defect reports
• Performed traceability for all the clustered requirements
• Administered managed and tracked all the requirements through the Microsoft SharePoint
• Loaded base lined requirements into QC for the testing perspective
• Created use cases out of the requirements traceability matrix
• Created test cases from the use cases in Excel Spreadsheet and transferred the test scripts to QC
• Conducted the following QA testing: Positive, Negative, Boundary, Regression, Smoke, Ad Hoc, User Acceptance (UAT), Data Roll Over Verification, eMP (e Market Place), XML Output, Data Migration
• Performed defect tracking and summarized information for bug reporting through the JIRA

Environment: ASP.NET, C#, Adobe Flash Player, SQL Database Server 2005, and Windows 7 Professional

Confidential

Senior QA Test Engineer/ Automation Developer

Responsibilities:

• Supported all Test and Integration Management for the Global Combat and Support System - Joint (GCSS-J) to include the development and document preparation of Release Risk Assessments, Test Plans, and Test Problem Resolution in support of GCSS-J PMO software releases
• Provide onsite integration support.
• Assist with software installation, testing, troubleshooting, and engineering support for the build and release planning of GCSS-J application.
• Summarize information on test results and interoperability issues
• Ensure fielding needs are met during the actual fielding of the products and during the on-site requested visits.
• Analyzed with Agile Development and testing methodologies and principles in Global Combat Support System - Joint (GCSS-J) environment
• Supported all different kind of the following testing: Positive, Negative, Boundary, Regression, Smoke, SQT, Ad Hoc, User Acceptance (UAT), System Acceptance (SAT), KPP (Key Performance Parameter), End-to-end and Load/ Volume/ Stress, Truth Data, Data Validation, Data Migration
• Supported Automated testing using tools HP Quality Center (QC) and Quick Test Professional (QTP) by VB Script coding
• Supported the Ozone Widget Framework (OWF) in Java environment
• Elaborate experience on using GE (Google Earth) Plug-in for Flex and OWF environment and Adobe Flash Player Plug-in for JCA (Joint Capability Area) environment
• Performed Data migration and Data Validation action just before the fielding
• Back-End testing using SQL, PL/SQL in various Relational Databases like Oracle, and SQL Server
• Experienced in managing, developing, and executing Test Scripts in HP Quality Center and proficient in Defect/Bug Tracking and Reporting process through the Rally
• Subscribes for the meeting minutes and transferred to the Power Point Presentation (PPP) slides and distributed to all the WIPT external (including JITC, IDA, DOT&E, JS/J4 stakeholders) and internal attendees.
• Continue corresponding with all stakeholders for the upcoming meeting discussion point and also communicate with all the action item officers for their assigned action items status

Environment: ASP.NET, C#, Flex, Adobe Flash Player, SQL Database Server 2005, and Windows 7 Enterprise

Confidential

Test Analyst

Responsibilities:

• Analyzed current testing methods/processes to identify improvements to effectiveness and productivity. Examined current CM, requirements, and release processes as they effect testing to identify similar improvements.
• Supported the query and management of Sybase and Oracle data sets; independently create and manage data sets.
• Translated requirements into test scripts and independently write and maintain the code for the test scripts. Worked with the testing activities of the system developers to ensure a coherent and consistent set of test scripts across all testing functions.
• Executed Unix shell scripts and SQL queries for interface data loads and verification.
• Developed and execute test plans, test scripts and test analysis reports to facilitate consistency and ease of re-use of testing documentation between releases.
• Prepared and attend requirements phase reviews, internal and external to the testing team, to improve the testability and traceability of requirements from the focus of a tester.
• Used PVCS Version Manager and PVCS Tracker tools to manage requirements, changes to requirements, and testing baselines.
• Managed personal workload in accordance with the priorities established in the Release Plan and the Release Schedule.
• Worked in a mutually dependent and supportive relationship with the configuration management team, which is vital to the successful delivery of quality products to the Government. Supported the CM team to ensure that the testing environment is stable and that all software changes are forwarded to the testing team for formal testing in a controlled manner.
• Fully tested the software in accordance with the latest base line, approved requirements and associated testing plan. Identify problems encountered during testing within a formally controlled
• Cross train other members of the JPAS team to understand the Unit testing, and Interface testing processes, methods, and tools.
• Used internal program procedures in order to complete work assignments.

Environment: ASP.NET, C#, Oracle 10g, Sybase Server 2005, SQL, and Windows XP Professional

Confidential

System Analyst

Responsibilities:

• Created Business Process and Functional Requirement Specifications, designed/developed Test Plan and Test Approach artifacts with resource requirements and time estimates for DoD project
• Provided support for users with respect to accessibility and accuracy of data necessary for analysis and reporting
• Coordinate production problem resolution with vendors, including generating problem tickets and change requests
• Provided support and act as consultant for users for various data access and software tools available to the division
• Developed specifications for new software systems and documented procedures that allowed other users to test the system
• Created Test Plans, Test Cases, Test Scenarios and Test Scripts for manual testing using Microsoft Excel template
• Built automated test scripts using QTP and performed functional and regression testing
• Widespread use of tables utilizing MS Access 2007 queries in Application and Data Warehouse databases
• Administered bug tracking system with Microsoft SharePoint
• Made Forms used in reporting defects, for SCR, SRS and Test Request
• Occupied in Meetings/Walkthrough with various teams as required for better understanding of the business requirements, software specifications, and development process flow at various stages
• Used Microsoft SharePoint to bug track, Report, and Manage defect throughout the test cycle and attended Defect Status Meetings on weekly basis during testing cycle

Environment: ASP.NET, C#, Oracle 10g, MS SQL Server 2005, SQL, MS Access, and Windows XP Professional, MS Office suite, Visio

Confidential

QA Analyst

Responsibilities:

• Analyzed Business Process and Functional Requirement Specifications, designed/developed Test Plan and Test Approach artifacts with resource requirements and time estimates
• Decomposed business requirements and converted them into manual/automated testable modules
• Developed, published QA testing procedures and standards including test related artifacts, executed test plans, validated test cases, reviewed outputs generated from test files and reported results
• Implemented and documented standard QA workflow procedures
• Created Test Plans, Test Cases, Test Scenarios and Test Scripts for manual testing using HP Quality Center
• Administered bug tracking system-Quality Center
• Documented procedures that allowed other users to test the system
• Created Forms used in reporting defects, for SCR, SRS and Test Request
• Developed automated test scripts using QTP (VP Script Coding) and performed functional and regression testing
• Developed automated test scripts and performed load, stress and performance testing using LoadRunner, used VUgen for script development, enhanced the scripts by inserting transaction points, parameterize and inserting correlation, used Load Controller and measured response time to pin-point bottlenecks in applications, net- working and server settings
• Used SQL and PL/SQL against Oracle 10g database to analyze multiple source data and designed an approach for Data Sampling
• Involved in Meetings/Walkthrough with various teams as required for better understanding of the business requirements, software specifications, and development process flow at various stages
• Utilized HP Quality Center to Track, Report, and Manage defect throughout the test cycle and attended Defect Status Meetings on daily basis during testing cycle

Environment: .NET, Java/J2EE, Quality Center, Quick Test Professional (QTP), LoadRunner, Oracle 10g, MS SQL Server 2005, SQL, PL/SQL, IBM WebSphere, Unix, and Windows XP Professional

Confidential

Software Test Analyst

Responsibilities:

• Managed and implemented testing framework
• Reviewed and updated regression test scripts for accuracy and clarify
• Created and routed new test scripts for inter department approval of enhancements and new functional requirements
• Scheduled and monitored daily test status meetings between various department level testers (UAT Department, Project Managers, Business Resource Managers, IT Department, and Business Owners)
• Designed Test Steps/Scripts, managed and tracked defects and issues utilizing Mercury Quality Center
• Monitored and tracked progress of World Wide application testing
• Verified integrity of production sites against stage and integrated testing environments
• Responsible for testing over 40 screens of complex system managing company electronic sales order processes
• Created automated scripts using HP QTP and created regression test suites in Quality Center for saving the automated test scripts
• Developed test cases from Use Cases, Functional Specifications and Physical Data Models in order to maintain regression test matrices / scorecards
• Performed Performance testing of the application using LoadRunner, created virtual user scripts, transactions, scenarios, and responsible for running the performance scripts in testing environment, and analyzed test results with System Development team and user
• Extensive used of tables utilizing SQL queries in Application and Data Warehouse databases
• Created, analyzed, and updated all project defects in HP Quality Center
• Testing multiple emergency defect fixes over entire testing cycle, getting final approval for promotion into production environment
• Tested multiple production defects in each monthly release cycle

Environment: HP Quality Center, Quick Test Professional, LoadRunner, XP, Oracle, SQL, Unix, MS Visio, UML, Word, Excel, MS PowerPoint, Windows