Sunanda Surath

Develop and document processes, procedures, and techniques for WAS Team in accordance with Application Security Standards and OWASP

• Generate executive reports according to management requirements.

Roles and Responsibilities:

· Identifying web application security vulnerabilities by performing scans to identify them in application with automated tools (SAST/DAST) and false positive elimination through manual analysis.

· Web Application vulnerability assessment and penetration testing using various tools like IBM App Scan, Burp suite.

· Performing end-to-end scanning of web applications using IBM Enterprise and IBM Standard tools.

· Performing end-to-end scanning of source code using Veracode tool.

· Preparing proper documentation for reported vulnerabilities and sharing them with Application teams as per request.

· Providing static code analysis (SAST) of applications via Veracode.

• Mentored junior analysts, fostering professional development while enhancing overall team performance.

• Contributed to frontend development of Single Sign-On (SSO) for login authentication using React JS
• Assisted in analysis, development, and testing of Deep links functionality in Authentication app
• Validated client-side server certificate using Spring Boot and React and worked on both frontend and backend
• Implemented LD feature in application
• Configured SSO and addressed client issues using Splunk monitoring tool
• Developed custom UIs using JavaScript, HTML, and CSS to enhance web application functionality
• Conducted unit testing using JUnit and created test data for clients in Mainframe system, with proficiency in TeraData SQL and CBM
• Collaborated within agile team, and familiar with monitoring tools such as Splunk, Kibana, and New Relic
• Proficient in Git, Jenkins, and SonarQube for source control, deployments, and continuous integration.
• Collaborated with cross-functional teams to develop high-quality software solutions, leading to increased client satisfaction.
• Maintained on-time rate for developmental deliverables.