Summary
Overview
Work History
Education
Skills
Certification
Disclaimer
Timeline
Generic

Gowthaman Karunakaran

Cyber Security Analyst - Application Security
Kangeyanallore

Summary

  • 8 Years 11 Months of experience in Application Security Testing
  • Experience in Security testing process that includes Requirement gathering, Test planning, Test execution, Analysis and Reporting
  • Strong Hands-on in Web Application DAST, Manual Penetration Testing (MPT), Source Code Review, Web Services Security Testing (API), IoT Static Firmware Analysis, Threat Modelling.
  • Exposure to Mobile Application Penetration, Thick Client Penetration Testing
  • Experienced in conducting Vulnerability Assessment, False Positive Validation and provide appropriate Mitigation Strategies to secure the applications.
  • Proven ability to work efficiently in both independent and team environment.
  • Mentored and groomed trainees/Junior associates on Application Security Domain
  • Managed Team, worked on roadmaps,conducted status calls to get project updates to efficiently run the project.
  • Worked on Business Proposals to understand the Application Posture/Criticality and provide appropriate Assessment Solution to secure the applications.
  • Pioneered in working on Web/ Mobile Application to control IoT Devices and Static analysis of IoT Device Firmwares
  • Participated in internal White Paper Contests and Won Rewards

Overview

9
9
years of professional experience
15
15
years of post-secondary education
2
2
Certifications

Work History

Senior Test Engineer

BNP Paribas Securities Services
05.2023 - Current
  • Successfully conducted Web Application Manual Penetration Testing and API Manual Penetration Testing for the internal application and managed stakeholder expectations by consistently delivering high-quality products that met or exceeded specifications.
  • Managed multiple projects concurrently, maintaining strict deadlines while not sacrificing quality of the assessments.
  • Collaborated with developers to resolve issues and provide recommendations for the vulnerabilities identified during the testing phase
  • Mentored junior test engineers, enhancing their skillsets and overall team performance through On Job internal sessions and Knowledge Sharing Sessions
  • Served as Panelist in Technical Interview Panel and Contributed in Resource Management by leading a team , managing project roadmaps and tracking the project updates.

Security Tester

Tata Consultancy Services
Chennai
05.2021 - 05.2023
  • Understand the Business Flow and Architecture of the application.
  • Identifying the attack surfaces.
  • Perform Manual Penetration Testing on Web Application based on OWASP - ASVS Checklist L1 Items.
  • Report Identified Vulnerabilities.
  • Provide walkthrough on the Report Vulnerabilities to Business Stakeholders.
  • Recommend Best Practices and Mitigation Strategies for securing the Application.
  • Groomed Junior Team Members on Security Testing Approaches and Methods enhancing the Team Performance
  • Served as Panel Member in Technical Interviews.
  • Tools Used: Burp Suite Professional Edition, Cookie manager (Firefox/chrome addon), Developer Tools (Built-in)

Application Security Analyst

Cognizant Technology Solutions
Chennai
06.2016 - 05.2021
  • Understand the Business Flow and Architecture of the application.
  • Identifying the attack surfaces.
  • Perform Security Testing on Mobile Application, Web applications, API and IoT Based Application based on OWASP Top 10 & OWASP Mobile Top 10 2016, IoT OWASP Top 10.
  • Perform False Positive Analysis.
  • Report Generation.
  • Recommend Best Practices for securing the Application.
  • Tools Used: HCL Appscan, Burp Suite, Cookie manager (Firefox/chrome addon), Ready API, JD-GUI, Nmap, Otool, APK Tool, Dex2Jar, iMazing, Binwalk, Firmwalker

Education

Computer Application

Vellore Institute of Technology
Vellore, India
04.2001 - 01.2016

Skills

HCL AppScan

Checkmarx

Veracode

Ready API

Burp suite - Professional

Nmap

undefined

Certification

Certified Ethical Hacker (CEH) - V9

Disclaimer

I hereby declare that all the above mentioned information given by me is true and correct to the best of my knowledge and belief.

Timeline

Senior Test Engineer

BNP Paribas Securities Services
05.2023 - Current

Security Tester

Tata Consultancy Services
05.2021 - 05.2023

Application Security Analyst

Cognizant Technology Solutions
06.2016 - 05.2021

Computer Application

Vellore Institute of Technology
04.2001 - 01.2016
Gowthaman KarunakaranCyber Security Analyst - Application Security