Senior Security Engineer/Security Architect Resume
Denver, CO
SUMMARY:
Highly accomplished, visionary and innovative Application Security Architect/Engineer with 12 successful years of enterprise security experience implementing architecture, strategies, standards, controls and guidelines for security technologies and solutions.
TECHNICAL SKILLS:
- Expertise in evaluating and applying new and emerging security technologies and solutions.
- Hands-on experience with design and code reviews of C#, ASP.NET, Java, HTML, CSS, Oracle, SQL, PowerShell, Perl, Python, C++ and other languages and identification of code logic flaws.
- Proficiency in handling application, network and system level attacks and mitigation methods.
- Skilled in application vulnerability assessment using SAST and DAST testing tools such as HP Fortify, Checkmarx, WebInspect, Burp Suite, Wireshark, Qualys, NMAP, etc.
- Experience with training development teams on writing secure code, methods of identifying and fixing vulnerabilities, and security strategies that minimize risk.
- Specialized in pen test techniques in Windows, Linux and Mobile platform applications using manual and tool techniques - Certified Ethical Hacker (CEH).
- Knowledge of threat modeling or other risk identification techniques.
- Thorough understanding of Networking Protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.), Firewalls, IDS/IPS, Proxy and VPN.
- Security development experience using C#, ASP.NET, Java, Oracle, SQL, etc.
- Security and automation scripting experience using PowerShell, Perl and Python.
- Experience with PCI DSS compliance standards and controls.
WORK EXPERIENCE:
Confidential, Denver, CO
Senior Security Engineer/Security Architect
Responsibilities:
- Made recommendations and participated in the development of security policies and procedures.
- Conducted security BRD, design and code reviews including Secure SSDLC requirements throughout the development lifecycle.
- Implemented secure development practices into SDLC (SSDLC) with agile application development methodology.
- Led application security reviews and assessments and remediated any identified vulnerabilities including OWASP Top 10, SANS 25, PEN tests and SSDLC findings.
- Employed enterprise-wide application assessment scanning automation solutions using security assessment tools such as Checkmarx, Burp Suite, Qualys, etc.
- Prepared a risk report for each threat modeling assessment listing out attack surfaces, threats, flaws and providing remediation guidance.
- Specialized as a SME for web application vulnerabilities and business logic flaws and threats.
- Worked with product owners, developers, penetration testers and other security architects on efforts to mitigate identified risks in existing products.
- Programmed security controls such as session management, strong password policy, reCAPTCHA, mutual authentication, inquiry logging, etc., as well as vulnerability remediation solutions.
- Scripted security remediation and automation solutions.
Confidential, St Petersburg, FL
Application Security Architect
Responsibilities:
- Implemented secure software development practices and frameworks.
- Performed application security assessments including architecture review and code review.
- Remediated vulnerabilities in the application, system and network, which included PEN test and SSDLC findings.
- Trained application teams on secure coding practices and the usage of security tools.
- Created security scripts using Python, Perl and PowerShell for automotive security processes and vulnerability remediation solutions.
- Worked with developers, engineers, subject matter experts and stakeholders to develop practical and well-understood standards and milestones for secure application development.
Confidential, Hopkinton, MA
Senior Security Engineer/Architect
Responsibilities:
- Implemented security and best practice standards.
- Participated in secure development lifecycle activities and process assessments.
- Conducted sophisticated security code reviews of applications.
- Led security assessments using white box and black box techniques.
- Automated application security scanning tools such as HP WebInspect and Fortify.
- Developed security automation and figure printing tool.
Confidential
Software Security Engineer
Responsibilities:
- Performed application security assessments including architecture review, code review and penetration testing.
- Conducted application vulnerability assessments using security tools to evaluate attack vectors, identify vulnerabilities and develop remediation plans and security procedures.
- Remediated vulnerabilities in the application system and network, which included PEN test and SSDLC findings.
- Developed a vulnerability management tool and web applications using C#.NET, ASP.NET, Java and SQL Server.