Raghavendra Reddy P

Application security program management, Web & API Penetration Testing, DAST, Third-Party Vendor Management, AI Pentesting, Security Process automation, Remediation calls. Responsibilities included:

• Managing end-to-end application security assessment program using automated and manual approaches.
• Conducting Pentesting on enterprise applications by collaborating with external or internal pen testers, coordinating since planning, resource allocation until debriefing and closure.
• Working with external vendors to ensure timely delivery of application Pentests on enterprise applications that require security assessments through a third party.
• Collaborating with leaders of Business Units and Corporate Functions to ensure the development teams are remediating vulnerabilities identified during Pentests.
• Performing Pentest on D&B enterprise applications
• Working with internal team members on innovative ideas and automations to improve existing security process
• Working with security champions across Business Units and Corporate Functions to spread awareness and guide development teams to implement Security Best practices.

• Lead & Monitor a in house pentest team. Responsible for delivery of security assessments at offshore.
• Overlooking scoping, testing requirement gathering and resource allocation.
• Reviewing the deliverables to ensure timely delivery with quality.
• Perform and review technical security assessments of enterprise Web, Mobile apps and APIs to identify points of vulnerability and non-compliance with established information security standards.
• Perform Dynamic Application Security Testing using tools like AppScan, WebInspect, BurpSuite and provided results and recommendations to senior management or product owners.
• Develop, implement, and document security programs and policies
• Work with Application Managers and co-ordinate on Security testing. Co-ordinate, guide Development teams to implement Security Best practices.

• Performed detailed vulnerability assessment and penetration testings on Web applications, APIs and Mobile applications of multiple clients to identify the potential vulnerabilities.
• Conducted Static Application Security Testing on web applications of various clients.
• Provided application security consulting SME Support to developers and assist developers with understanding of security defects and risk.
• De-brief the identified vulnerabilities to respective Stake holders and recommending mitigations to the development team.