Pranjali Deo
Pune
Summary
Seasoned Security Specialist with 12+ years of IT experience, including over 9 years in Application Security, Cloud Security and 3 years in Web Application Development. Expertise encompasses Web Application Security, Manual Secure Code Review, Vulnerability Assessment, Risk Reviews, Cloud Security and Penetration Testing. Completed certifications such as SANS GWAPT, SANS – GPCS (Public Cloud Security - AWS, Azure and GCP), CEH V 7.1, AWS Solution Architect Associate, and Zend PHP 5.5, with a comprehensive understanding of the OWASP Testing framework and risk assessment techniques. Proven ability to deliver high productivity while ensuring optimal security outcomes through critical thinking and effective communication.
Overview
17
17
years of professional experience
1
1
Certification
Work History
Technology Security Specialist
Accenture Pvt. Ltd.
Pune
08.2021 - Current
- Perform architectural reviews and risk assessments for applications, SaaS applications, APIs, software products, and cloud services from Azure, GCP, and OCI.
- Identify security risks and vulnerabilities in the design stage of the SDLC cycle while working with application architects.
- Design, develop, and recommend security controls based on the security assessment conducted.
- Design and develop industry standards, baselines for Accenture applications, and cloud services.
- Perform application security, mobile application security, and cloud environments (Azure, GCP, OCI) reviews, and document the risks and controls for a variety of stakeholders.
- Define baselines for Application Security, Encryption, Public Key Infrastructure (PKI) environments, DevSecOps, cloud services, etc.
- Developed security policies and procedures for the organization in accordance with industry standards.
- Provided technical support to users on security issues related to application security, encryption, cloud security, etc. And implement protection measures.
- Coordinating with external vendors for the HTTP headers, application security, and cloud security controls.
ISR Senior Analyst
HSBC HSDI
Pune
04.2019 - 08.2021
- Perform automated and manual application security testing of multiple web applications for HSBC
- Conduct manual and automated source code reviews
- Perform security assessment of web services
- Prepare detailed security testing report with PoCs
- Discuss the report with project team & other stakeholders
- Retest the issues fixed by team
- Work with development teams in fixing the issues
- Perform Peer Report review
- Ensure timely delivery of status updates and final reports to clients
- Keep updated on the latest IT Security news, exploits and hacks
Information Security Analyst
Amdocs India
Pune
06.2017 - 04.2019
- Perform automated and manual application security testing of multiple web applications for Amdocs
- Conduct manual and automated source code reviews
- Perform security assessment of web services
- Prepare detailed security testing report with PoCs
- Perform security assessment of internal network with Nessus & NMAP
- Conduct configuration reviews for OS, DB
- Discuss the report with project team & other stakeholders
- Retest the issues fixed by team
- Work with development teams in fixing the issues
- Perform Peer Report review
- Ensure timely delivery of status updates and final reports to clients
- Keep updated on the latest IT Security news, exploits and hacks
Information Security Analyst
Network Intelligence India Pvt. Ltd
Pune
12.2015 - 06.2017
- Conduct vulnerability assessment and penetration testing of Client network, web applications, mobile applications and thick client applications
- Conduct configuration reviews for OS, DB
- Conduct manual and automated source code reviews
- Prepare detailed reports and provide proof of concepts
- Ensure timely delivery of status updates and final reports to clients
- Handle client queries
- Keep updated on the latest IT Security news, exploits and hacks
Software Developer
Ansh Systems Pvt. Ltd
Pune
07.2013 - 12.2015
- Developing ERP application in Zend framework
- Conducted Source code reviews with security and performance perspective
- Analyzing the output from the tools and manually verifying the vulnerabilities to eliminate false positives
- Working closely with development team for fixing the vulnerabilities identified
- Verifying, retesting and ensuring the vulnerabilities identified in security assessments are closed by development teams
- Preparation of weekly reports, monthly reports, process documents
PHP Developer
Agile Technosys
Pune
08.2010 - 11.2011
- Responsible for developing web applications
- Some of the projects mentioned below:
- Developed web applications in PHP and MySql
- Worked on many PHP frameworks like Joomla, Magento, Drupal, Zend etc
- And customized these frameworks according to client requirements
- Worked as a team leader
- Interaction with clients for understanding requirements
- Worked on smarty templates, LMS Framework and Image creation functionalities etc
- Some of the projects on which I worked on are Property Dukaan- Smarty Template, Atutor – LMS Framework, Heroshots Online System- PHP Image creation Functionalities
Trainee Programmer
Netwin Infosolutions
Nasik
10.2009 - 05.2010
- Responsible for developing web applications:
- Developed web applications in PHP and MySql
- Worked on many PHP frameworks like Joomla, Magento, Drupal, Zend etc
- And customized these frameworks according to client requirements
- Worked on many small projects and also PHP frameworks
- Some of the projects on which I worked on are Labamo- Magento Framework, Nexus Facilities Management Company – Joomla Framework
Lecturer
K.K.Wagh Polytechnic
Nasik
08.2007 - 05.2008
- Teaching and mentoring Network Management, Object Oriented Development Analysis and design, Data Structure etc subjects to Diploma Students in college
Education
B. E. - Information Technology
North Maharashtra University
01.2007
Skills
- Risk Assessment Reviews
- Establishing Cloud Service Controls
- Code Review and Analysis
- Application security testing (Web, Thick client) and Encryption Security
- Application and Cloud Security Architecture
- Mobile app security testing and Network Security
- Web application development and scripting
- Web Services/API security testing
Certification
- SANS - GPCS (GIAC Public Cloud Security – AWS, Azure, GCP), 07/01/23
- SANS – GWAPT, 11/01/22
- CompTIA Sec+, 04/01/22
- AWS Solution Architect – Associate, 06/01/21
- CEH (Certified Ethical Hacker), 01/01/13
- ZCE PHP-5.5 (Zend Certified Engineer - PHP 5.5), 01/01/13
- DevOps Plus Certification from Cognixia, 12/01/18
Languages
- English
- Hindi
- Marathi
Extracurricular Activities
Successfully Completed Mentorship in Mentor-Mentee 6 weeks program organized by InfoSecGirls Community. Participated in many Infosec Awareness Campings.
Personal Information
Marital Status: Married
Passportvalidtill
12/31/31
Timeline
Technology Security Specialist
Accenture Pvt. Ltd.
08.2021 - Current
ISR Senior Analyst
HSBC HSDI
04.2019 - 08.2021
Information Security Analyst
Amdocs India
06.2017 - 04.2019
Information Security Analyst
Network Intelligence India Pvt. Ltd
12.2015 - 06.2017
Software Developer
Ansh Systems Pvt. Ltd
07.2013 - 12.2015
PHP Developer
Agile Technosys
08.2010 - 11.2011
Trainee Programmer
Netwin Infosolutions
10.2009 - 05.2010
Lecturer
K.K.Wagh Polytechnic
08.2007 - 05.2008
- SANS - GPCS (GIAC Public Cloud Security – AWS, Azure, GCP), 07/01/23
- SANS – GWAPT, 11/01/22
- CompTIA Sec+, 04/01/22
- AWS Solution Architect – Associate, 06/01/21
- CEH (Certified Ethical Hacker), 01/01/13
- ZCE PHP-5.5 (Zend Certified Engineer - PHP 5.5), 01/01/13
- DevOps Plus Certification from Cognixia, 12/01/18
B. E. - Information Technology
North Maharashtra University
Similar Profiles
K. Swetha VallikaK. Swetha Vallika
Project Manager at Accenture Pvt. Ltd.Project Manager at Accenture Pvt. Ltd.
MANSI JAINMANSI JAIN
NA at Accenture Pvt. Ltd.NA at Accenture Pvt. Ltd.
Purva BhesaniyaPurva Bhesaniya
Security Delivery Associate at Accenture Pvt. Ltd.Security Delivery Associate at Accenture Pvt. Ltd.