Web Application Audit/penetration Tester Resume
4.00/5 (Submit Your Rating)
SUMMARY
- 6+ years of experience in Security (Network and Application), SIEM Solution, Incident handling (Includes log analysis of network logs), auditing and penetration testing of (Web based applications, android applications).
TECHNICAL SKILLS
Information Security: ArcSight ESM & Express, ArcSight Logger, Connector Appliance
Web Technologies: HTML, Javascript
Database: ORACLE, MS SQL SERVER, MySQL
Webserver: Apache
Operating Systems: Windows XP/VISTA/10, Linux (Medium level)
Security Tools: Nmap scripts, Skipfish Nmap, Metasploit, sqlmap, nikto, netcat, wget, Wireshark, burpsuite, Python Scripts
PROFESSIONAL EXPERIENCE
Confidential
Web Application Audit/Penetration Tester
Responsibilities:
- Application security audit of critical and non - critical web applications which Include platform type’s asp, Asp.Net, VB, Java applications, PHP, CMS based Applications.
- Security testing of web applications for vulnerabilities list of OWASP Top 10 and exploitation - Ethical Hacking.
- Utilized automated tools such as Metasploit for reducing the attack surface / during the audit process.
- Worked on Information gathering, Reconnaissance, Vulnerability analysis, Exploitation and Reporting.
- Conducted Penetration Tests and server configuration Audits for several web applications of National Informatics Centre (Government Organization for hosting needs consists of more than 10,000 websites).
- Presentation of vulnerabilities and exploits.
- Risk analysis and proposing recommendations/countermeasures.
- Practice Development: Preparation & review of baseline documents (Checklist, Methodology, reports).
- Scoping, Requirement Capturing, Audit Reviews & threat mitigation.
Confidential
SIEM Administration and Management
Responsibilities:
- Ensure application/OS is updated with patches & bug fixes when released by OEMs.
- Resolve all hardware and software issues related to Arcsight and its sub systems by coordinating with OEM (if required). Liaise with Backend support team.
- Creation of new SIEM dashboards, rules &reports as demanded by NICNET Users.
- Monitor integrated log sources for discontinuity and troubleshoot with required teams towards resolution.
- Doing preventive checks and giving suggestions to ensure minimal down time.
- Review monthly and quarterly SOC SLA reports to NIC.
- Coordinate and provide expertise for developing flex connector for SIEM unsupported log sources.
- Monitor of all the NICNET assets and alerting the concerned security teams for any real or suspected security incident.
- Analysis of real-time& archived logs of all the firewalls (network & application) and IPS sensors of NIC HQ.
- Regular scanning of NIC network for open ports/vulnerabilities and taking the corrective measures.
- Initiating remedial steps such as blocking at the firewall /gateway level for abnormal activity in the network.
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
