
Summary

Insightful, results-driven IT professional with excellent oral and written skills, outstanding attention to detail and passion to provide outstanding service. Experience in leading Web Application, API Security and Vulnerability Management projects, ensuring security planning, testing, verification and risk analysis. Well-versed in direct and remote analysis with strong critical thinking, communication and people skills. Able to thrive in fast-paced and challenging environments where accuracy and efficiency matter.

Expertise

  • In-depth knowledge of web application and API security vulnerabilities, testing techniques, and the OWASP framework.
  • In-depth understanding of secure web application development, Java, and Java development frameworks.
  • Thorough understanding of OWASP Top 10/SANS 25 application security risks.
  • Knowledge of security policies and standards such as PCI-DSS and ISO 17799, 27001.
  • Able to prioritise workload and drive work to set deadlines.
  • Exposure to methods of promoting security awareness.
  • Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management.
  • Anticipates problems and identifies long-term implications of decisions and actions.
  • Ability to work alone and build relationships across the organisation.

Technical Purview

Operating Systems :

Kali, Windows XP/Vista/7/8/10

Network Scanners and analysis :

Nmap, Zenmap, Wireshark

Web Application Vulnerability :

Burp Suite Pro, Fiddler, WebInspect, Nikto, W3AF, XSSer

Source Code Analysis

HP Fortify

Penetration Testing Framework :

Metasploit 

Programming and scripting

Java, C, C++, Python

Work Experience

Nov 2016 - Present

Product Security Engineer

HP Inc
  • Responsible for manual and automated dynamic grey box testing on a wide range of HP applications hosted in multiple pre-prod environments.
  • Provide analysis and remediation recommendations to application teams responsible for the maintenance of vulnerable web apps or APIs.
  • Execute and provide analysis and remediation recommendations for automated static source code security testing.
  • Proactively testing all external facing HP applications for high or critical security risks.
  • Analyzing, compiling and presenting key application and API security metrics to executive leadership.

Jan 2014 - October 2016

System Engineer

Tata Consultancy Services
  • Identify application security risks and requirements for new projects and system developments.
  • Sign-off on application security prior to live implementation.
  • Develop security testing plans and integrate into the software development life cycle.
  • Perform/oversee security testing and manage remediation of identified vulnerabilities.
  • Monitor and proactively report on current threats and vulnerabilities to application security.
  • Designed training manuals to increase security awareness throughout the company.
  • Prepare and monitor operational security metrics and trends.

Certifications

Feb 2016 - 2019

Certified Ethical Hacker

EC-Council


Education

2009 - 2013

B.Tech

Academy Of Technology

Passed with DGPA of 8.10 (out of 10) with specialization in Information Technology.

2008 - 2009

12th AISSCE

K.V NO.1 Kanchrapara

Passed with an aggregate of 81% 

2006 - 2007

10th AISSE

K.V NO.1 Kanchrapara

Passed with an aggregate of 84%