We provide IT Staff Augmentation Services!

Application Security Engineer Resume

Hartford, CT

SUMMARY:

  • Overall 6+ years of experience in IT and 3+ years of experience in Web Application Security/Penetration Tester on Vulnerability Assessment. Expertise in performing Application Security risk assessments throughout the SDLC cycle. Performed Application security which includes Application Security design, review, testing and remediation.
  • Experience on manual penetration testing, application security, patch and vulnerability assessment.
  • Experience in automated testing using various tools like Acunetix.
  • Knowledge in various web app scanning tools e.g. Burp Suite, Web Inspect and IBM AppScan
  • Experience in penetration testing, generating reports, SQL Injection XSS and major OWASP Top 10 hacking protection technique
  • Analyze & implements security specific solutions for improving the security level in terms of operational security and risk management.
  • Responsible for managing all aspects of the Vulnerability Risk Management Program including vulnerability identification, analysis, remediation coordination and reporting.
  • Knowledge on NIST, HIPPA, PCI and proactive vulnerability detection.
  • Knowledge on network security such as DNS, TCP/IP, IDS/IPS, Routing Active Directory and IOS devices.
  • Involved in Security Development Life Cycle (SDLC) to ensure security controls are in place.
  • Implemented and maintained firewall for preventive measures and being compliant with laws and regulations.
  • Good team player and ability to learn the concepts effectively and efficiently.
  • Ability to work in large and small teams as well as independently.

TECHNICAL SKILLS:

Automated Test Tools: Acunetix, QTP, Selenium IDE

Bug Reporting Tools: ALM/Quality Center, Jira

Database Systems: SQL Server, IBM Data Studio, Oracle SQL Developer

MS Access Packages: MS - Office (Word, Excel, PowerPoint, and Outlook), SharePoint

Operating System: Windows 2008/2010/Vista/XP/2000/98/95, Linux, SOAP UI

WORK EXPERIENCE:

Confidential - Hartford, CT

Application Security Engineer

Responsibilities:

  • Performing vulnerability assessment and penetration testing on enterprise application and recommending mitigations to the development team.
  • Acquainted with various approaches to Grey & Black box security testing.
  • Proficient in application level vulnerabilities like XSS, SQL Injection, CSRF, authentication flaws etc.
  • Conducting Web Application Vulnerability Assessment & Threat Modeling, secure code review on the applications.
  • Skilled using Acunetix scanner for web application penetration tests.
  • Generated and presented reports on Security vulnerabilities to both internal and external customers.
  • Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization.
  • Vulnerability assessment of various web applications used in the Manual testing using Emulators and Handheld Devices.
  • Assisting customer in understanding risk and threat level associated with vulnerability so that customer may or may not accept risk with respect to business criticality
  • Assisting in review of business solution architectures from security point of view which helps avoiding security related issues/threats at the early stage of project.
  • Update with the new hackings and latest vulnerabilities to ensure no such loopholes are present in the existing System.

Environment: Application level vulnerabilities, SQL Injection, XSS, Automated Testing Vulnerability Management, OWASP TOP 10

Confidential - Mayfield, OH

Quality Assurance Analyst

Responsibilities:

  • Analyzed the user requirements and functional specifications to develop Test cases to cover overall QA testing based on requirements.
  • Involved in complete SDLC Methodology.
  • Involved in meetings with the Development team and SME to understand the Business Requirement Document workflow of the application and created Test Data for various Test Cases.
  • Worked closely with SME to understand the workflow and executed Manual Test cases as part of Regression suite in ALM.
  • Verifying a token is being passed from all the Web Services and WCF Services by performing Manual Testing using Netmon Tool and executing Test Cases in ALM.
  • Wrote and executed SQL queries using SQL Server.
  • Provided weekly status report that included Testing Metrics to stakeholders.
  • Prepared detailed Test Plans and Test Cases for Functional, System, Regression and Unit Testing using ALM. Also involved in importing the Test Cases into ALM from MS Excel.
  • Performed Functional and Regression testing by using Quick Test Professional (QTP); Performed Regression testing by using various checkpoints.
  • Generated weekly Status Reports to the Team Manager & participated in weekly status meeting with Team Members, Team Manager & Technical Team.
  • Logged Bugs/Defects using ALM and performed Regression Testing after rectification from Developers.

Environment: UFT/QTP, ALM/Quality Center, .NET, MS Office Tools, MS Outlook Express, Web Services, Netmon Tool, SQL Server.

Applications: Agent Services, Billing, Commercial Lines, Customer, External Communications, Product and Quoting.

Confidential

Quality Assurance Analyst

Responsibilities:

  • Worked closely with the development team on day-to-day basis to test and deploy tasks / projects and content in a fast paced, dynamic environment
  • Involved in complete SDLC Methodology.
  • Analyzed the user requirements and functional specifications to develop Test cases to cover overall QA testing based on requirements.
  • Compare IE9 and IE11 page side by side and performed Visual Testing and Black Box Testing.
  • Executed SQL queries for Back end testing thru Microsoft SQL Server.
  • Provided weekly status report that included Test Metrics to stakeholders.
  • Prepared detailed Test Plans and Test Cases for Functional, System and Black Box Testing.
  • Performed Smoke, Functional, Black Box and System Testing on IE and IE11.
  • Performed Smoke Testing by using the Touch pad to verify the application works fine.
  • Performed cross browser testing to ensure compatibility of the application on IE11.
  • Generated weekly Status Reports to the Team Manager & participated in weekly status meeting with Team Members, Team Manager & Technical Team.
  • Logged Bugs/Defects using ALM and performed Regression Testing after rectification from Developers.
  • Worked closely with SME to understand the workflow and executed Manual Test cases as part of Regression suite in ALM.
  • Executed full Regression Test Cases Manually and Automation by using the QTP.

Environment: UFT/QTP, ALM/Quality Center, .NET, MS Office Tools, MS Outlook Express, Web Services, Netmon Tool, SQL Server.

Confidential, West Palm Beach, FL

QA Tester/ Analyst

Responsibilities:

  • Designed test scenarios, test plans and test cases based on the business requirements for the project.
  • Executed test cases manually and identified the mismatches
  • Performed cross browser testing to ensure compatibility of the application on IE and Netscape
  • Participated in bugs and enhancement review meetings
  • Participated in problem resolution meetings.
  • Created Quick Test pro (QTP) scripts for all the modules
  • Reported defects in Test Director and followed through until defects were fixed.
  • Performed regression tests after fixing of the bugs.
  • Participated in weekly QA meetings.
  • Reported to QA manager and Project manager for all the testing update from time to time.
  • Executed SQL queries for Back end testing through Quick Test Pro (QTP) and Microsoft SQL Server.

Environment: QTP, Test Director, C++, SQL Server

Confidential - Fort Lauderdale, FL

Quality Assurance Analyst

Responsibilities:

  • Worked closely with the development team on day-to-day basis to test and deploy tasks / projects and content in a fast paced, dynamic environment
  • Developed test cases and scripts according to product requirements documentation and executed them in order to ensure that deliverables match specifications
  • Tested web application for conformance to product specifications and standards to ensure deployment readiness.
  • Participated in weekly QA meetings.
  • Participated in bugs and enhancement review meetings
  • Interacted with various teams across the organization to communicate and facilitate the QA process.
  • Provided input for improving testing policies and procedures
  • Logged, tracked, managed, and helped to drive the resolution of defects and "live site" bugs

Environment: Quality Center, C++, MS Office Tools, SQL Server

Hire Now