Accomplished security test architect with a successful track record of developing security testing frameworks using tools like Burp Suite Pro, Fortify, IBM AppScan, Nessus and Nmap. DVA/DAST, SVA/SAST, OWASP, HP Fortify WebInspect, ZAP, IBM AppScan, Fortify SCA, Qualys Security Tools
Successfully cleared CEH V10 (Certified Ethical Hacking Version 10)
Successfully cleared ECSA
Azure Certified Security Engineer
As an individual contributor, has hands-on experience in performing Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST)
Penetration Testing for Web apps, Mobile apps and API, Network and Infrastructure Security Assessment
7.5 years of security testing experience in vulnerability assessment, penetration testing and source code analysis. Well-versed with security testing tools like Burp Suite Pro, Fortify, IBM AppScan, Nessus and Nmap. DVA/DAST, SVA/SAST, OWASP, HP Fortify WebInspect, ZAP, IBM AppScan, Fortify SCA, Qualys
Experience in using the automated source code scan tool Fortify SCA for SAST/SVA (Static Vulnerability Assessment), performing false positive analysis, and publishing reports.
Experience in performing manual vulnerability assessments for both web and native mobile apps, preparing manual assessment reports, and holding vulnerability walkthrough calls with developers to guide them in fixing the identified vulnerabilities.
Experience in performing infrastructure/network security assessments using the Qualys tool; performed Windows and Linux OS infrastructure assessments.
Strong knowledge of standard security testing methodologies: OWASP and SANS 25.
Exposure to PCI DSS compliance and to performing internal risk assessments.