Application Security Engineer Resume
Hartford, CT
EXECUTIVE SUMMARY:
- Overall 6+ years of experience in IT and 3+ years of experience as a Web Application Security/Penetration Tester working on Vulnerability Assessment. Expertise in performing Application Security risk assessments throughout the SDLC. Performed Application Security work, including Application Security design, review, testing and remediation.
- Experience in manual penetration testing, application security, patch and vulnerability assessment.
- Experience in automated testing using various tools like Acunetix.
- Knowledge of various web app scanning tools, e.g. Burp Suite, WebInspect and IBM AppScan.
- Experience in penetration testing, generating reports, SQL Injection, XSS and major OWASP Top 10 hacking protection techniques.
- Analyze and implement security-specific solutions for improving the security level in terms of operational security and risk management.
- Responsible for managing all aspects of the Vulnerability Risk Management Program including vulnerability identification, analysis, remediation coordination and reporting.
- Knowledge of NIST, HIPAA, PCI and proactive vulnerability detection.
- Knowledge of network security such as DNS, TCP/IP, IDS/IPS, Routing, Active Directory and IOS devices.
- Involved in Security Development Life Cycle (SDLC) to ensure security controls are in place.
- Implemented and maintained firewall for preventive measures and being compliant with laws and regulations.
- Good team player and ability to learn the concepts effectively and efficiently.
- Ability to work in large and small teams as well as independently.
TECHNICAL SKILLS:
Automated Test Tools: Acunetix, QTP, Selenium IDE
Bug Reporting Tools: ALM/Quality Center, Jira
Database Systems: SQL Server, IBM Data Studio, Oracle SQL Developer
MS: Office (Word, Excel, PowerPoint, and Outlook), SharePoint
Operating System: Windows 2008/2010/Vista/XP/2000/98/95, Linux, SOAP UI
WORK EXPERIENCE:
Confidential - Hartford, CT
Application Security Engineer
Responsibilities:
- Performing vulnerability assessment and penetration testing on enterprise applications and recommending mitigations to the development team.
- Acquainted with various approaches to Grey & Black box security testing.
- Proficient in application level vulnerabilities like XSS, SQL Injection, CSRF, authentication flaws etc.
- Conducting Web Application Vulnerability Assessment & Threat Modeling, secure code review on the applications.
- Skilled using Acunetix scanner for web application penetration tests.
- Generated and presented reports on Security vulnerabilities to both internal and external customers.
- Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization.
- Vulnerability assessment of various web applications used in the Manual testing using Emulators and Handheld Devices.
- Assisting the customer in understanding the risk and threat level associated with a vulnerability so that the customer may or may not accept the risk with respect to business criticality.
- Assisting in review of business solution architectures from a security point of view, which helps avoid security-related issues/threats at the early stage of a project.
- Staying updated on new hacking techniques and the latest vulnerabilities to ensure no such loopholes are present in the existing system.
Environment: Application level vulnerabilities, SQL Injection, XSS, Automated Testing Vulnerability Management, OWASP TOP 10
Confidential - Mayfield, OH
Quality Assurance Analyst
Responsibilities:
- Analyzed the user requirements and functional specifications to develop Test cases to cover overall QA testing based on requirements.
- Involved in complete SDLC Methodology.
- Involved in meetings with the Development team and SME to understand the Business Requirement Document workflow of the application and created Test Data for various Test Cases.
- Worked closely with SME to understand the workflow and executed Manual Test cases as part of Regression suite in ALM.
- Verifying a token is being passed from all the Web Services and WCF Services by performing Manual Testing using Netmon Tool and executing Test Cases in ALM.
- Wrote and executed SQL queries using SQL Server.
- Provided weekly status report that included Testing Metrics to stakeholders.
- Prepared detailed Test Plans and Test Cases for Functional, System, Regression and Unit Testing using ALM. Also involved in importing the Test Cases into ALM from MS Excel.
- Performed Functional and Regression testing by using Quick Test Professional (QTP); Performed Regression testing by using various checkpoints.
- Generated weekly Status Reports to the Team Manager & participated in weekly status meeting with Team Members, Team Manager & Technical Team.
- Logged Bugs/Defects using ALM and performed Regression Testing after rectification from Developers.
Environment: UFT/QTP, ALM/Quality Center, .NET, MS Office Tools, MS Outlook Express, Web Services, Netmon Tool, SQL Server.
Confidential - Mayfield, OH
Quality Assurance Analyst
Responsibilities:
- Worked closely with the development team on a day-to-day basis to test and deploy tasks / projects and content in a fast-paced, dynamic environment.
- Involved in complete SDLC Methodology.
- Analyzed the user requirements and functional specifications to develop Test cases to cover overall QA testing based on requirements.
- Compared IE9 and IE11 pages side by side and performed Visual Testing and Black Box Testing.
- Executed SQL queries for back-end testing through Microsoft SQL Server.
- Provided weekly status report that included Test Metrics to stakeholders.
- Prepared detailed Test Plans and Test Cases for Functional, System and Black Box Testing.
- Performed Smoke, Functional, Black Box and System Testing on IE and IE11.
- Performed Smoke Testing by using the Touch pad to verify the application works fine.
- Performed cross browser testing to ensure compatibility of the application on IE11.
- Generated weekly Status Reports to the Team Manager & participated in weekly status meeting with Team Members, Team Manager & Technical Team.
- Logged Bugs/Defects using ALM and performed Regression Testing after rectification from Developers.
- Worked closely with SME to understand the workflow and executed Manual Test cases as part of Regression suite in ALM.
- Executed full Regression Test Cases manually and through automation using QTP.
Environment: UFT/QTP, ALM/Quality Center, .NET, MS Office Tools, MS Outlook Express, Web Services, Netmon Tool, SQL Server.
Confidential, West Palm Beach, FL
QA Tester/Analyst
Responsibilities:
- Designed test scenarios, test plans and test cases based on the business requirements for the project.
- Executed test cases manually and identified the mismatches
- Performed cross browser testing to ensure compatibility of the application on IE and Netscape
- Participated in bugs and enhancement review meetings
- Participated in problem resolution meetings.
- Created Quick Test Pro (QTP) scripts for all the modules.
- Reported defects in Test Director and followed through until defects were fixed.
- Performed regression tests after fixing of the bugs.
- Participated in weekly QA meetings.
- Reported to the QA manager and Project manager on all testing updates from time to time.
- Executed SQL queries for back-end testing through Quick Test Pro (QTP) and Microsoft SQL Server.
Environment: QTP, Test Director, C++, SQL Server
Confidential - Fort Lauderdale, FL
Quality Assurance Analyst
Responsibilities:
- Worked closely with the development team on a day-to-day basis to test and deploy tasks / projects and content in a fast-paced, dynamic environment.
- Developed test cases and scripts according to product requirements documentation and executed them in order to ensure that deliverables match specifications
- Tested web application for conformance to product specifications and standards to ensure deployment readiness.
- Participated in weekly QA meetings.
- Participated in bugs and enhancement review meetings
- Interacted with various teams across the organization to communicate and facilitate the QA process.
- Provided input for improving testing policies and procedures
- Logged, tracked, managed, and helped to drive the resolution of defects and "live site" bugs
Environment: Quality Center, C++, MS Office Tools, SQL Server