We provide IT Staff Augmentation Services!

Jr/mid Security Assessor Resume

Arlington, VA


  • Over 11 years of software testing experience of testing different components of web applications, client server applications on Java and .NET platform.
  • Manual GUI testing for web applications as well as backend testing in IBM Mainframe application, performed real - time transaction and batch processing to create the data file. Performed system testing, system integration, user acceptance testing, regressing testing, and performance testing.
  • Automation testing for Desktop UIs, Web UIs through common web browsers, using Selenium Web Driver, Selenium IDE and Selenium Grid; also hand on knowledge on HP UFT and IBM Ration Functional Tester. Used different tools such as Java core, JavaScript, TestNT, JUnit, Maven, Firebug.
  • Used data driven framework as well as behavior driven framework for automation the web element, based on page object model (POM) design pattern for automation test script development; Cucumber Behavior Driven Development for User Stories, Selenium Data Driven Development for testing multiple data from MS Excel data file.
  • Worked on Agile and Waterfall methodology. Knowledge on scrum agile process as well as different artifacts such as epic, product/release backlog, sprint planning to select user stories from backlogs, ceremonies, retrospective for further progress, velocity chart to see the progress in work based on user story points completed per iteration, burn-down chart to see the outstanding work based on work left and time spend on the task.
  • Performed to query the test data using SQL queries to retrieve test data from multiple table from database.
  • Web service API testing using SoapUI tool, knowledge on different HTTP methods for both HTTP Request and HTTP Response when performing data validation; HTTP GET, HTTP POST, HTTP DELETE etc.
  • Hands on knowledge on Amazon Web Service, commit and push the automation test scripts in gitHub, setup and checking the continuous integration of new code in Jenkins for the regression test.


Operating Systems: Windows Server 2012 R2, Windows Server 2008 R2, Windows Server 2003 R2, Windows NT, z/OS TSO, Unix, Linux (Kali Linux, Ubuntu, RedHat), Apache, VirtualBox - Vmware, Unix (Putty), OS/390 (IBM Mainframe), MacOS.

Servers: WebSphere Application Server, SSL Server, Middleware Server (RedHat, Linux), Business Web Application Server (BWAS), DNS, z/OS Security Server, Proxy Server, Apache HTTP Server, CI Servers (e.g. Jenkin, Bamboo).

Database: Sun/Oracle IAM suite, ACRS, Oracle 9i and Oracle 10g, TOAD, Microsoft SQL Server, DB2, MySQL, Database Table Query Form, IBM MQSeries, WebLogic/WebShare, z/OS Security Server, MS Access Database, CRM Database

Protocols: TCP/IP, SSL, TLS, UDP, HTTP/HTTPS, SSH, SMTP, FTP/SFTP, Sign-Sign-On(session & user authentication service), SecureFX.

Networking: Active Directory, LDAP, DNS, WAN, LAN, VPNs, OSI model (all 7 security layers of the application).

Languages Java, JavaScript, JavaApplet, ActiveX, JDK, JRE, JVM, JCL, JMS, JBoss, JSP, J2EE, .NET, ASP.net, HTML, XML, SQL, T-SQL, Jnit, Gherkins, WSDL, Maven, VBScript, API, AIX, AJAX, ASCII.

Microsoft Office Tools: MS Office 2003/2007/2010, Outlook, Project Manager, Microsoft Office365.

Automation tools & technology: Selenium, WebDriver, Selenium IDE, Junit, Maven, Eclipse, Cucumber, Bamboo, SOA, SoapUI, REST API.

Security Tools: OpenFISMA, Security Center, Nessus Vulnerability Scanner, Burp Suite, Splunk, Security Audit & Analysis System (SAAS), CyberArck.

Repository: LDAP, Active Directory.

Other Tools: HP Application Life Cycle Management (ALM) tools such as Quality Center (QC), QTP, JIRA, Confluence, IBM Rational tools (TestManager, ReqPro, ClearCase, ClearQuest, RQM ), BMC Remedy, SCM Harvest, Team Foundation Server (TFS), TSO, COBOL OpenVMS application, AutoSys - GUI form, Visual Basic, IAM, eDoc, Command Center, Siebel Financial Service - CRM tool, Centropy system, Direct Loan Servicing system (DLSS), Microsoft SharePoint, Microsoft Visio 2005, MS PowerPoint.

Defect Tracking Tools IBM Rational ClearQuest, HP KISAM (Knowledge Incident/Problem Service Asset Management), Bozilla, JIRA, HP Quality Center.

Section 508 Testing Tool: WAVE, JAWS, WAT, Inspect, Java Ferret.

Reporting System: Crystal Report, Business Intelligent Reporting (BI), SQL Server Reporting System (SSRS), SSIS, Physician Quality Reporting System (PQRS), Electronic Reporting System (ERS).

Third Party Tools: COTS products such as Identity Manager (IDM), Access Management tool, SiteMinder, Selenium, Bamboo.

Native Tools: Query Analyzer, Query Developer, SQL Profiler, Active Monitor, DBCC tool DMV

Cloud Service: Amazon Web Service (AWS), Jenkin (for continuous integration), gitHub (to update and deploy the code in cloud), Planning and Budgeting Cloud Services (PBCS)


Jr/Mid Security Assessor

Confidential, Arlington VA

  • Security testing to mitigate different security control issues on Confidential related different applications such as WinServ, MidServ, DCOM, Voice Video etc.
  • From quality assurance prospective, performed to approve and reject the finding by technical and non-technical assessment/testing, based on provided evidence on different security issues such as configuration, access control issues, authentication & authorization, audit and accountabilities etc.
  • Followed different NIST SP 800 security compliance of FISMA, such as NIST SP 800 53, 53A, 37, 171 etc. for the quality assurance prospective.
  • Scheduled meetings, interacted with clients via conference call, in-person meeting, Skype meeting, shoulder surf meeting, in regards to collect evidence to mitigate the findings.

Automated Test Engineer

Confidential, Hanover MD

  • Automation UI testing for critical event management system and task order for training to military personnel based on different user role and responsibilities as well as type of organization i.e. cyber mission force and non-cyber mission force organization.
  • Created automation test scripts in Selenium Web and Selenium IDE under Ubuntu desktop environment.
  • Created test data in the MS Excel sheet for data driven testing framework
  • Used different tools and technology such as Eclipe, JRE, JDK, Junit,TestNG, POI libraries, Selenium jar files, apache POI libraries, Java, JavaScript, Maven, Cucumber etc.
  • Created automation test script for UI testing for the forms as well as some login functions for behavioral driven development process by using Gherkin language.
  • Use maven install command to build the code and upload & deployed the automation test script in gitHub using Bash command and stored in Amazon Web Service (AWS) using terminal.
  • Monitored the continuous integration of code in Jenkins for regression testing to ensure the codes are not breaking down due to new code in night batch job process.
  • Also performed some web service API testing using SoapUI testing for backend data validation by validating HTTP network traffic of HTTP Request from client application and the HTTP Response from Application Server. Also perform XML verification to get the correct xpath value to get the expected web element for automation test script.
  • Managed defects and created tickets in JIRA

QA Tester

Confidential, Washington DC
  • Working under ETA - OIST project on different applications such as UI, eGrants, EBSS, TAACCCT, RAPIDS, Youth Offender, eDVRS etc.
  • Actively participated in all phases of SDLC and STLC from requirement gathering to test scenarios and test script development (both manual and automation) and tested both front end and back end data table are displayed correct data in client application as it displayed in the Web Application Server.
  • Key QA person to manage, document as well as approved/rejected documents in SCM Harvest after verification and validation of documents in Service Desk & Service Management tool (BMC Remedy); before it goes for deployment.
  • Created automation test script in Eclipse using Selenium WebDriver, Java, JavaScript.
  • Section 508 Compliance testing, by using the tools, such as WAVE, Inspect, WAT and Java Ferret.
  • Created test cases in QC ALM and logged and tracked defects. And created defect reports and graphs.
  • Documented different documents in SharePoint.

IACS Web Application Tester

Confidential, Columbia MD
  • Worked on three different interfaces of Individual Authorized Access to CMS Computer Services (IACS) applications for identity management and authentication services on the Federal Government project for department of Health and Human Resources.
  • Reviewed & analyzed different documents such as requirement, detail design and technical documents. Wrote test plan, test scenarios, test case, log file, report files.
  • Developed requirement traceability matrix by mapping requirements, business rules, test scenarios and test cases.
  • Performed testing on different user interface CMS applications such as HIPAA Eligibility Transaction System (HETS) User Interface (UI), Electronic Health Records (EHR) and so on.
  • Created automation test script for web application in Selenium WebDriver, Selenium IDE as well as Cucumber for testing of behavioral functionalities.
  • Wrote SQL query to retrieve data for testing purpose as well as data validation in the database.
  • Tested application for black box testing, white box testing, system testing, system integration testing, system acceptance testing, regression testing, functional testing, parallel testing, patch bundle testing, performance testing, browser compatibility testing.
  • Defect tracking and management of defects, documentation.
  • Scheduled meetings and participated scrum meeting as well as different review meeting like test readiness review, peer review, QA review.
  • Web service testing by using SoapUI for backend testing for HTTP request and response to ensure the data communication between client application and application server.
  • Executed test cases both manually and some automated; used QTP automation tool.
  • Some security testing in Burp Suite by intercepting data for proxy test.
  • Hands on knowledge on healthcare medical claim processing testing

Engineer Software Quality 3 (Software Tester)

Confidential, Lanham MD
  • Worked as a system acceptance (SAT) Tester on TIPS Task Order 5 for e-Authentication and E-Transcript application for ID proofing to access different Confidential applications for Taxpayer users within Confidential Enterprise Life Cycle.
  • Performed testing on the Registration module of Registered User Portal (RUP) for e-authentication of ID proofing of the tax-payer users under Integrated Customer Communication Environment (ICCE) and Enterprise Integrated Testing Environment (EITE).
  • Experienced on multi-tiered applications using IBM WebSphere and Data Tier. Has deep understanding of architecture and infrastructure of these applications.
  • Test was performed according to the Authentication Matching Rules and the Authentication Eligibility Verification Rules for ID proofing of taxpayer user for both quality assurance and quality control perspective.
  • Verification of XML flat file for reason to fail to get data from client server application i.e. Business Web Application Server (BWAS).
  • Analyzed and developed different flat files, reports and documents, track defects & performed regression testing to make sure the issues are resolved from quality assurance perspective. Used different tools.

System Consult Analyst - SQA/Mainframe Tester

Confidential, Germantown MD
  • Worked on maintenance & enhancement project of Direct Loan Servicing system on system integrated and system acceptance testing environment. It was student loan system of US Department of education.
  • Performed different types of testing like smoke test, black box test, integration test, regression test, backend test, user acceptance test, parallel test, patch bundle test, web service test.
  • Ran SQL queries to retrieve test data from multiple tables as well validate the data in the database.
  • Analyzed different documents such as detail design document, requirement document, technical documents. And developed test plan, test strategy, test scenarios, test scripts, log files, test result documents, Requirement Verification Traceability Matrix.
  • Back end testing: FTP the data file from test resign to the server, created input files and ran batch job, ran scheduled jobs such as daily/weekly/monthly jobs; created report files and data files, generated fill reports such as borrower history activity report.
  • Worked on different middleware such as CICS, JCL, JSP, CFOL, OLTP, MVC, JBoss, IAM.
  • Management of the defects, documentation management, mapped different business rules, test scenarios, and test scripts and developed requirement traceability matrix (RTM). And support the quality assurance of the application to meet the Confidential standard.
  • Wrote SQL statement to retrieved test data from multiple tables as well as verified & validated data.
  • Created automation test script in IBM Rational Functional Tester by recording the functionalities of each components of the application and re-run the script.
  • Developed PowerPoint presentation of test result documents and presented to the client. And satisfied the client by answering each cross questions related to the application based on the given requirements.
  • Automation by using Rational Functional Tester, used to create test suite, test plan, create test script and run, put the break points and check the object repository for files when error message shows while running the scripts.

Software Test Engineer

Confidential, Washington DC
  • Manual test for Web Application from the client site for different functionalities of the different forms for reservation as well as status reporting form.
  • Analyzed different documents such as requirements, detail design, test scenarios as well as created Test Plan, Test Scenarios, Test Cases/Scripts and reports
  • Logged the defects and created reports as well as closed the defect after the issue had been resolved

Hire Now