CHAITANYA KUMAR

• Conducting regular vulnerability scans using Qualys across the organization's network, applications, and systems.
• Administration of Qualys tools, including configuration, updates, and troubleshooting.
• Automating scanner deployment on AWS infrastructure.

Client: IKEA, Sweden.

• End-to-end security planning and implementation of various security measures and tools.
• Threat modeling of applications, system networks, enterprise distributed networks, etc.
• VAPT of Staging and Production Application.
• Integration of SAST and SCA tools into the CI/CD (Jenkins and GitHub) pipeline.
• Working closely with multiple development teams and QA teams to deliver the highest quality software releases in a timely manner.
• Support the software development team via various CI tools and build systems, identifying opportunities to continuously improve our processes with appropriate automation and reporting.
• Ensuring continuous code quality checks with Black Duck, Polaris, SonarQube, and GHAS.
• Managing GCP cloud security vulnerabilities using Google SCC.

• VAPT of web application, Mobile application, thick client applications and APIs.
• Code Quality/review by using checkmarx tool.
• Integration of SAST tools to various enterprise products.
• QC Analysis of Client provided VAPT reports.
• Tracking of the reported issues and ongoing mitigations.

• Penetration testing of web application, Mobile application, Thick client applications, servers and network devices.
• Infrastructure Vulnerability Management using Tenable Security Centre and Rapid 7 Nexpose (Insight VM).
• DAST of web and mobile applications using automated tools.
• Configuration audit of network devices and security Devices.

Client: Texas Instruments, Bengaluru.

• Project: Penetration Testing and Vulnerability Management.
• Penetration testing of critical web applications, servers, and network devices.
• Infrastructure Vulnerability Management on Tenable Security Center and IO.
• Web application testing using HPE WebInspect and Burp Suite.

• Performed VAPT and Configuration Audit Assessments for the following clients in varying horizons.
• Preparing security test strategy and test cases.
• Analysis the identified vulnerabilities and give appropriate recommendations to patch the vulnerability.
• Web application security Manual and automated testing as per OWASP top 10.

• Client: Cognizant Technology Solution, Noida 135.