8 Years 11 Months of experience in Application Security Testing
Experience in Security testing process that includes Requirement gathering, Test planning, Test execution, Analysis and Reporting
Strong Hands-on in Web Application DAST, Manual Penetration Testing (MPT), Source Code Review, Web Services Security Testing (API), IoT Static Firmware Analysis, Threat Modelling.
Exposure to Mobile Application Penetration, Thick Client Penetration Testing
Experienced in conducting Vulnerability Assessment, False Positive Validation and providing appropriate Mitigation Strategies to secure the applications.
Proven ability to work efficiently in both independent and team environments.
Mentored and groomed trainees/Junior associates on Application Security Domain
Managed Team, worked on roadmaps, conducted status calls to get project updates to efficiently run the project.
Worked on Business Proposals to understand the Application Posture/Criticality and provide appropriate Assessment Solution to secure the applications.
Pioneered in working on Web/Mobile Application to control IoT Devices and Static analysis of IoT Device Firmware
Participated in internal White Paper Contests and Won Rewards
Overview
9 years of professional experience
15 years of post-secondary education
2 Certifications
Work History
Senior Test Engineer
BNP Paribas Securities Services
05.2023 - Current
Successfully conducted Web Application Manual Penetration Testing and API Manual Penetration Testing for the internal application and managed stakeholder expectations by consistently delivering high-quality products that met or exceeded specifications.
Managed multiple projects concurrently, maintaining strict deadlines while not sacrificing quality of the assessments.
Collaborated with developers to resolve issues and provide recommendations for the vulnerabilities identified during the testing phase
Mentored junior test engineers, enhancing their skillsets and overall team performance through On Job internal sessions and Knowledge Sharing Sessions
Served as Panelist in Technical Interview Panel and Contributed to Resource Management by leading a team, managing project roadmaps and tracking the project updates.
Security Tester
Tata Consultancy Services
Chennai
05.2021 - 05.2023
Understand the Business Flow and Architecture of the application.
Identifying the attack surfaces.
Perform Manual Penetration Testing on Web Application based on OWASP - ASVS Checklist L1 Items.
Report Identified Vulnerabilities.
Provide walkthrough on the Reported Vulnerabilities to Business Stakeholders.
Recommend Best Practices and Mitigation Strategies for securing the Application.
Groomed Junior Team Members on Security Testing Approaches and Methods enhancing the Team Performance
Served as Panel Member in Technical Interviews.
Tools Used: Burp Suite Professional Edition, Cookie manager (Firefox/Chrome add-on), Developer Tools (Built-in)
Application Security Analyst
Cognizant Technology Solutions
Chennai
06.2016 - 05.2021
Understand the Business Flow and Architecture of the application.
Identifying the attack surfaces.
Perform Security Testing on Mobile Application, Web applications, API and IoT Based Application based on OWASP Top 10 & OWASP Mobile Top 10 2016, IoT OWASP Top 10.
Perform False Positive Analysis.
Report Generation.
Recommend Best Practices for securing the Application.