Dhanush Chinnappa
Bengaluru
Summary
Adaptable professional with 9.8 years of proven creative thinking, leadership, and multitasking skills. Aiming to leverage my abilities to successfully fill the Information Security Consultant role at your company. Frequently praised as efficient by my peers, I can be relied upon to help your company achieve its goals. Good understanding on Red Teaming, Wireless penetration testing, Thick Client application Security Testing, Web application, Web Service security testing and Network security testing, Web Application Threat modeling, Android Mobile Application security testing, Source code Analysis, DevSecOps.
Experienced with advanced threat detection and mitigation techniques. Utilizes strategic risk management to enhance security frameworks. Track record of implementing robust incident response plans to maintain operational integrity.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Senior Security Specialist
Wipro Technologies
Bengaluru
06.2023 - Current
Client 1: Antivirus Organisation
- Performed Secure Code Analysis on the Web Application, Mobile applications using Checkmarx tool.
- Performed VAPT on Web, Mobile, Thick Client applications.
- Third party library SCA scan using Blackduck and Synk Tool.
- Configured the Checkmarx and Synk tool to CICD pipeline.
Client 2: Banking Industry
- Performed DAST,SAST on Web, Mobile Applications and API.
- Collaborating with Development team to help them fixing the vulnerabilities.
- Leading the team of 5 and helping out with resolving the technical issue with Vulnerability assessment.
- Developed and implemented security protocols enhancing organizational safety and compliance.
Information Security Specialist
Larsen & Turbo Infotech Ltd.
Bengaluru
11.2021 - 06.2023
- Performed Secure Code Analysis on the Web Application, Mobile applications.
- Configured the Fortify SCA and SSC to perform Source code Analysis on web and mobile source code and removed the false positive from the result.
- Worked on Azure DevOps Platform to automate the Source code analysis process. Integrated more than 200+ plus Client’s Web application to Azure DevSecOps Platform with Fortify SSC and SCA.
Technical Lead- Security Consultant
Happiest minds technologies pvt ltd
Bengaluru
04.2019 - 11.2021
- Did Vulnerability Assessment on Thick Client Application, Web application, Web Service, Android Mobile Application Security and Network security, Web Application Threat Modeling.
- Leading the team of 10 and helping out with resolving the technical issue with Vulnerability assessment.
Associate Security Consultant
Cigital Asia Pvt Ltd
Bengaluru
11.2015 - 03.2019
- Did Vulnerability Assessment on Thick Client Application, Web application, Web Service, Android Mobile Application Security and Network security.
- Have hands on experience of Penetration Testing on Web Application.
- Have hands on experience on testing application security as per the guidelines/requirements from OWSAP, SANS.
- Experience in manual testing for web service API’s as well as the business logic testing and finding the root cause of the vulnerability.
- Ability to analyze root cause and deliver strategic recommendations during security review.
- Experience in report read out call with clients
- Have experience of taking internal training session.
- Worked as Technical Oversight, to provide help to assessors in technical problem.
- Created couple of tutorials for internal training for beginner and intermediate level.
- Have experience in working on client-side project.
- Total Years Experience : 9.8
Education
Bachelor of Engineering - computers
Visvesvaraya Technological University
06.2014
Skills
- Web application penetration testing
- Mobile security testing for Android
- Thick client vulnerability assessment
- Vulnerability testing in networks
- Web Application Threat Modeling
- AWS platform experience
- API vulnerability assessment
- Red Teaming and Penetration Testing
- Secure Code Analysis
Certification
- Certified Ethical hacker, EC -Council
- Certified Red Team Analyst (CRTA), Cyberwarfare.
- Certified Red Team professional (CRTP), Altered-Security
Tools
- Web Application Penetration Testing Tools: HCL APP SCAN, Rapid 7 AppSpider, Burp Suite, Dominator, OWASP Zap, Postman, SOAP Client, SQLmap, Nikto, Netspraker, Qualys Web Scanning tool, Fortify DAST Scanner.
- Secure Code Analysis: Fortify SSC, Fortify SCA.
- DevSecOps: Azure DevOps Platform.
- Mobile Penetration Testing Tool: APK tool, dex2jar, Burp Suite, Android Studio, Creta, Frida, Xposed, MobSF, JD-GUI, JADX, GHIDRA.
- Network Penetration Testing Tool: Nmap, Nessus, Rapid 7 Nexpose, Wireshark, Metasploit, Advance IP Scanner, Curl, TestSSLServer, Sslyze, OpenSSL, Enum4linux, smbclient, smbmap
- Wifi Penetration Testing: Wifi Pineapple tetra, Airmon-ng, Aireplay-ng, Evil-Portal, Aircrack-ng etc
- Thick Client Vulnerability Assessment: Echo Mirage, Burp Suite, Wireshark, Java Snoop, WinHex, Process Monitor.
- Red Teaming: NMAP, Recon-tools, Burp Suite, Powerview, Mimikatz.
Timeline
Senior Security Specialist
Wipro Technologies
06.2023 - Current
Information Security Specialist
Larsen & Turbo Infotech Ltd.
11.2021 - 06.2023
Technical Lead- Security Consultant
Happiest minds technologies pvt ltd
04.2019 - 11.2021
Associate Security Consultant
Cigital Asia Pvt Ltd
11.2015 - 03.2019
Bachelor of Engineering - computers
Visvesvaraya Technological University