Work Preference
Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Timeline
Generic
Archana Verma
Open To Work

Archana Verma

Senior Technical Specialist - Product Security Lead
Bangalore

Work Preference

Job Search Status

Open to work
Desired start date: Open to discussion

Desired Job Title

Senior Technical Specialist (Product Security Lead)Associate ArchitectTest Lead-SoftwareSenior ConsultantSenior QA Engineer

Work Type

Full Time

Location Preference

HybridRemoteOn-Site
Location: Bangalore, IN
Open to relocation: Yes

Salary Range

3900000/yr - 4500000/yr

Important To Me

Company CultureCareer advancementWork-life balanceFlexible work hoursWork from home optionPersonal development programsHealthcare benefitsPaid time offTeam Building / Company RetreatsPaid sick leave401k matchStock Options / Equity / Profit Sharing4-day work week

Summary

Up-to-date with changes in technology & business implications / applications of new technologies aspire to yearn my career of 16 Years in Software Testing, Product Security and Privacy, Performance testing within IT Domain with abilities to generate innovative ideas and integrate them into desired results offering my key strengths comprising as ability to ensure a quality management system enforces the required standards of security and safety, legality, quality, compliance and performance of products. I have a proven track record of hiring and developing individual to become high performance team members. Handled effective communication in terms of providing the vision and insight needed to be able to influence and provide strategic and capital decisions to senior managers. Being an experienced professional, she can optimize internal processes for maximum efficiency.

Overview

16
16
years of professional experience
3
3
Certifications

Work History

Senior Technical Specialist (Product Security Lead)

Nokia
08.2022 - Current
  • Defining and managing the AI-based security and privacy management of Fixed Network Insights products deployed in on-premises, hosted GCP, and SaaS variants. Actively involved in different security evaluations of cyber risks, privacy evaluations and compliance, and developing and implementing security and privacy across the product line for different customers. Supports different product teams, management, and customers for effective product security solutions.
  • Roles and Responsibilities.
  • Developed and enforced robust security policies and procedures to safeguard the confidentiality, integrity, and availability of Nokia’s data and assets.
  • Conducted security testing on AI LLM models used in FNI, including Gemini 1.5, and contributed to exploring vulnerabilities in LLM models.
  • Conducted comprehensive risk assessments to identify and evaluate potential security threats, subsequently devising effective mitigation strategies.
  • Managed and resolved various security incidents, including cyber-attacks, data breaches, and physical security violations.
  • Oversaw and supported security and development teams, providing necessary resources, training, and guidance for optimal performance by using different AI tools, i.e., Cursor AI.
  • Ensured privacy and compliance management across all products and operations, aligning with global regulatory standards.
  • Implemented and validated industry-leading security and privacy best practices, including:
  • System hardening and risk assessments Compliance with GDPR, UK, and China regulations - Privacy Impact Assessments (PIA) and personal data inventories.
  • Data protection impact assessments (DPIAs) and privacy risk evaluations - Spider chart analysis for security performance visualization
  • Secure code analysis and security threat risk analysis - Penetration testing, robustness testing, and network security assessments
  • Web vulnerability testing, OS image security testing, and database security testing

Associate Architect

Dover Corporation
12.2020 - 08.2022
  • Contributing to the security management of multiple Dover products and applications. Actively involved in different security evaluations of cyber risks, faults in existing security strategies, and developing and implementing security solutions across different OPCOs. Supports different product teams, management, and OPCOs team for effective product deliveries.
  • Roles and Responsibilities
  • Developing efficient strategies to protect the system, the networking infrastructure, data, and information systems against potential cyber risks.
  • Routinely create and perform threat analysis on various products, and publish the report with management.
  • Defining and updating cybersecurity criteria and validation procedures.
  • Worked on assessing the potential impact of vulnerabilities on their assets, and helped determine proper mitigating controls.
  • In-depth understanding of business requirements and work to define appropriate remediation solutions and technologies to meet business needs.
  • Extensively worked on researching new strategic tools and processes to enhance and advance our vulnerability management program and operations.
  • Managing meetings with other product teams to address safety problems.
  • Estimating and categorizing security issues for different product teams.
  • Perform OSLV scans on different products, create a technical report relating to the tests performed, and share it with different product teams and management.
  • Giving professional suggestions and guidance to new team members, and supporting them to learn security tools.
  • Identifying, developing, and implementing security solutions to meet the needs of Dover Products.

Test Lead-Software

Carl Zeiss
10.2013 - 12.2020
  • Leading and managing quality management across multiple medical products, ranging from platforms, APIs, mobile and web applications, and working closely with different product teams, management, and QA teams for effective product deliveries.
  • Roles and Responsibilities
  • Ensuring continuous improvement within the quality control systems and culture.
  • Reporting results and project updates to senior management.
  • Effectively worked with a cross-functional team and traveled for project transitions.
  • Implementing the quality management system and adhering to the quality management guidelines.
  • Extensively worked on agile methodologies. SDLC and STLC.
  • Expert in product management, requirement gathering, test planning, test strategies, creation of traceability matrix and gap analysis report, test estimation, resource allocation, resource training, budgeting, conflict management, and created and published team dashboard.
  • Created and worked on functional and non-functional requirements for different products, along with the product team. Immensely worked on security and performance requirements, tool analysis, and implementation.
  • Making sure that products meet the standard quality and product requirements according to legal and customers' requirements.
  • Meeting with the cross-functional product team and handling change requests and escalations.
  • Liaising with QA and QMS teams to implement process improvements to achieve effective product deliveries.
  • Making sure that the quality standards are clearly set up, and are communicated within the team.
  • Benchmarking and monitoring expectations as they apply to individual contributors.
  • Worked on planning a designing of automation framework. i.e., hybrid model, data-driven framework, and BDD.
  • Worked on ASP.NET, C#, C++, Linux, JavaScript, SQL Server 2008 R2, SQLite, and Prism.
  • Experienced in software engineering processes and Windows technologies.
  • Worked on TestComplete, JMeter, REST APIs, test planning, test creation, test execution, test results reporting, and test automation using Core Java, Selenium, TestNG, REST Assured, and Maven (basic).
  • Handling the product security and application security of different Zeiss products.
  • Extensively worked on business requirements, and worked to define appropriate remediation solutions and technologies to meet business needs.
  • Explore and implement new strategic tools and processes to enhance and advance our vulnerability management program and operations.
  • Worked on Burp Suite, AppScan, Nmap, and Wireshark.
  • Hands-on experience in requirement engineering, design, and implementation of complex projects.
  • Conducted secure product reviews, leveraging both automated (i.e., SAST, DAST, SCA, etc.). Manual activities (penetration testing)
  • In-depth knowledge in vulnerability remediation for host, web, and cloud environments.
  • Hands-on experience in working with Azure DevOps, TFS, DOORS, and ALM 11.0 for requirements, build and releases, defect tracking and closure, and reporting.
  • Worked on testing tools (i.e. Gherkin, JMeter, Fiddler, Postman, and AppScan.
  • Worked on standards, healthcare standards (i.e., DICOM, HL7) and PACS

Senior Consultant

Capgemini
08.2011 - 10.2013
  • Leading and managing the BI and ETL QA team for client Praxair, USA. I was managing the end-to-end deliverables of the Praxair report tracking system and data warehouse based on Cognos reports, SSIS packages, and ETL tools, which include different subject areas, i.e., Drivers, Gauge Reading, deliverables, etc. Each subject area consists of different internal reports that are generated from data fetched from different tables of the DataMart.
  • Roles and Responsibilities
  • Handled client management for multiple projects. Project management, budgeting, resource allocation, procedural control, and process improvements.
  • Implementing the quality management system, I reported the project updates to senior management and clients on daily and weekly calls.
  • Worked on requirement gathering, direct client interaction regarding requirement and involved in client call and technical discussion.
  • Experienced in Agile development process, sprint planning, conducted daily standup team calls and ensured the implementation of continuous process improvement within the quality team.
  • Created and implemented on security requirements on various cognos dashboards, data management and product lines.
  • Extensively Cognos functionality, ETL Design, Data model design and database Testing and supporting the team with queries.
  • Created and worked on functional and non-functional requirements for different.
  • Worked on secure product reviews leveraging both automated (i.e. SAST, DAST, SCA, etc.) & manual activities (Penetration Testing)
  • Product along with product team. Immensely worked on security and performance requirements, tool analysis and implementation.
  • Worked on Burp suite and App Scan.
  • Expert in requirement gathering, test planning, test strategies, creation of traceability matrix and gap analysis report, test estimation, resources allocation, resources training, conflict management, created and published team dashboard.
  • Extensively worked on different testing practices specifically Smoke, Integration, system, accessibility, compatibility, security and performance tests.
  • Benchmarking & monitoring expectations as they apply to individual contributors.
  • Exposed to tools & technologies for instance ALM, JMeter, Microsoft technologies like ASP.net, VB.net, SQL 2005, Web applications, sql server 2008 R2 and IBM Cognos.
  • Involved in the Client interaction via WebEx to analyze the customer concerns, point of view on product and proposed enhancement.

Senior QA Engineer

Photon Infotech Pvt Ltd
02.2010 - 07.2011
  • Leading, contributing, and managing multiple projects and clients. Handled and worked with multiple QA, audit, and NFR teams for clients like Contributing and Colman, Johnson & Johnson, USA, Amazon, Cisco, Bupa Project Details, Listerine, and Listerine Kids (Migration), Vistakon eVantage (Migration), Zappos (Mobile Shopping), SVM, CD, ADA, IMDA, and ADA.
  • Roles and Responsibilities
  • Making QA operations and processes better through the smart use of IT, technologies, and innovations.
  • Handled client management for multiple projects. Project management, budgeting, resource allocation, resource training, and process improvements.
  • Expert in simulator, iPhone, Android, and web application testing.
  • Implementing the quality management system, reported the project updates to senior management and clients on daily and weekly calls.
  • Provided demo to clients, management and closely worked with product teams of different clients. involved in requirement gathering along with BA, client direct interaction regarding requirements and involved in client call and technical discussion.
  • Worked on secure product reviews leveraging both automated (i.e. SAST, DAST, SCA, etc.) & manual activities (Penetration Testing)
  • Experienced in Agile development process, sprint planning, conducted daily standup team calls and ensured the implementation of continuous process improvement within the quality team.
  • Worked and Managed NFRs especially in terms of security and performance testing of different products and applications.
  • Created and worked on functional, localization and non-functional requirements for different products along with product team. Immensely worked on security and performance requirements, tool analysis and implementation.
  • Expert in requirement gathering, test planning, test strategies, creation of traceability matrix and gap analysis report, test estimation, resources allocation, budgeting, resources training, conflict management, created and published team dashboard.
  • Extensively worked on different testing practices specifically Smoke, Integration, system, accessibility, compatibility, security and performance tests for web and mobile applications. Exposed to tools & technologies for instance ALM, JMeter, Simulator and mobile apps
  • Worked on Burp suite, Postman

Engineer QA

Artech Infosystems
02.2010 - 07.2010
  • McAfee is redesigning its new website to support its business needs as per recent updating technologies. This project basically deals with TeamSite, website redesigning, staging phases, CMS, and GMS pages redesigning. Most of it is about McAfee products and the services they provide to their clients and customers. The project follows agile methodologies.
  • Roles and Responsibilities
  • Making QA operations and processes better through the smart use of IT. Communicating and influencing at all levels.
  • Performed secure product reviews, leveraging both automated (i.e., SAST, DAST, SCA, etc.). Manual activities (penetration testing)
  • Ensure that all staff are appropriately trained to meet the job-specific requirements of their role.
  • To perform functionality, usability, regression, database, and exploratory testing on different applications that support McAfee products.
  • Worked on web-based applications and their testing.
  • Performed security testing on the McAfee web application.
  • Worked on Soap API testing, writing SQL queries using SQL Toad.
  • Performed verification on both Marketing Changes and Business Changes on all the McAfee portals.
  • Exposure to TeamSite functionality, GMS, and CMS pages testing.
  • Extensively worked on Smoke, Ad hoc, Integration, Recovery Testing, and System Testing.
  • Worked on testing experience with Microsoft technologies, such as ASP.NET, VB.NET, SQL 2005, and web applications.
  • Hands-on experience in regression, accessibility, and compatibility testing for different McAfee portals.
  • Exposure to security testing and data protection.
  • Understanding requirements, creation of test scenarios, test cases, traceability matrix, and performing gap analysis, test estimation, resources, and published team dashboard.
  • Extensively worked on different testing practices, specifically smoke, integration, system, accessibility, compatibility, security, and performance tests for web and mobile applications. Exposed to tools and technologies, for instance, ALM, JMeter, Simulator, and mobile apps.
  • Worked on Burp Suite, Postman.
  • Worked on performance fine-tuning, load/stress testing using LoadRunner.

Education

Master of Computer Application - Computers

IGNOU
01-2007

Bachelor of Engineering - Electronics & Communication

I.E.T Khandari
Agra, UP
01-2006

Bachelor of Science - Life Sciences

Agra College
Agra, UP
01-2002

Skills

Worked on AI Tools, Threat Modeling, Visio, Static code analysis, Product and Application Security Testing, Pen Testing, Security Hardening, Docker Image Scanning, Malware Scanning, WAF, and Cloud security testing for on-premises, hosted and SAAS solutions, PKI & CA Certificates

Extensively worked on PIA, PDI, Privacy risk assessment and participated in security/privacy audits and reviews

Extensively Use AI tools like Microsoft copilot, Cursor AI and others for security enhancements

Conducted Security and Privacy awareness sessions and training

Knowledge and Experience with legal, security, privacy and regulatory compliance standards such as ISO 27001, ISO 9001, ISO 62304, ISO 13485, ISO 14971, PCI- DSS, SOC2, HIPPA, MDR, NIST, GDPR, UK TSR etc

Extensively worked on BFSI (Domain) for Insurance, Mobile devices, medical device and Healthcare, Financial, Retail, Data warehousing Projects, IOT devices and cloud computing Projects

CI/CD pipeline, GCP, Azure

Accomplishments

  • Step-up Award from Fixed Network Insights team (Nokia) from Saravanan Thangavel. Thanks for your significant key contribution for SAAS development which will be one of the significant milestones for product growth and supported by you every time is really appreciated.
  • Fearless Award for PSL in action from Gururajesh Elango. Thanks Archana for jumping into PSL role and performing all the needed stuffs to ensure the product milestones are achieved along with the security requirements done.
  • Awarded for Celebrating Everyday Excellence at Nokia has received from Hanlon-Rodemich
  • VR One Contest Winner Issued by Carl Zeiss Aug 2015Issued by Carl Zeiss Aug 2015 for VR One Contest (Innovation & Digitalization)-Most Liked idea on using VR One as a smartphone App for Physically Challenged One Contest (Innovation & Digitalization)-Most Liked idea on using VR One as a smartphone App for Physically Challenged.
  • Project Award Issued by Carl Zeiss Jun 2014 Valuable contribution from ZEISS Medical Technology to the growth of Centre of Application and Research India for Generic Device Project.
  • Project Star Award issued by Capgemini Dec 2012 for outstanding performance and lasting contribution in Praxair_Logistics_R5.R6 REM

Certification

ISTQB and CEH certified

Timeline

Senior Technical Specialist (Product Security Lead)

Nokia
08.2022 - Current

Associate Architect

Dover Corporation
12.2020 - 08.2022

Test Lead-Software

Carl Zeiss
10.2013 - 12.2020

Senior Consultant

Capgemini
08.2011 - 10.2013

Senior QA Engineer

Photon Infotech Pvt Ltd
02.2010 - 07.2011

Engineer QA

Artech Infosystems
02.2010 - 07.2010

Bachelor of Engineering - Electronics & Communication

I.E.T Khandari

Bachelor of Science - Life Sciences

Agra College

Master of Computer Application - Computers

IGNOU

Similar Profiles

  • Rahul SuraparajuRahul Suraparaju

    Architect at Konica MinoltaArchitect at Konica Minolta

  • M Shoeb RaihanM Shoeb Raihan

    Senior Cyber Security Manager at Western Sydney international AirportSenior Cyber Security Manager at Western Sydney international Airport

  • Emmanuel EzeEmmanuel Eze

    Senior Cloud Security / Infrastructure Engineer at OFWATSenior Cloud Security / Infrastructure Engineer at OFWAT

  • John KayJohn Kay

    Senior Manager/Technical Lead – Risk Advisory – Detect and Respond at Deloitte Canada Inc.Senior Manager/Technical Lead – Risk Advisory – Detect and Respond at Deloitte Canada Inc.

CREATE PROFILE
Archana VermaSenior Technical Specialist - Product Security Lead