Total IT Experience 13+ Years. Cyber Security Banking, Financial Services and Insurance (BFSI)/Healthcare/IT domain, IT Security professional with hands-on experience in Vulnerability Assessment and Penetration Testing, 9 Years.
Lead Vulnerability Assessment and Penetration Testing team on the client side.
Threat Modeling Design Architecture into TM-Tool.
Checkmarx SAST/DAST/IAST Source code scan.
AWS Cloud security.

In total Consultant has handled around 500+ in web application security, vulnerability assessments, network audits, penetration testing, information security, code review, source code review and ethical hacking.

Conducting systematic web application security assessments and penetration tests. The assessments involve manual testing and analysis as well as the use of automated web application vulnerability scanning/testing tools.

Conducted External/internal vulnerability assessment and penetration testing.

Application Security Assessment for a wide range of business applications: 200+ web applications in ITES/financial/Banking domain against standards such as OWASP Top 10, PCI DSS, NIST 800-115, SANS standards and OWASP ASVS.

Proficient in understanding and executing application level vulnerability attacks like - XSS (Cross Site Scripting), SQL injection, CSRF (Cross Site Request Forgery), Response Splitting, Session Hijacking, Variable Manipulation, Privilege escalation, Authorization Bypass, Weak Cryptography, Authentication flaws, Design level vulnerabilities etc.

Contributes towards the preparation and authorizes the implementation of necessary information security policies, standards, procedures and guidelines which include Windows, Linux, AIX, HP-UX, Oracle and MSSQL databases, IIS and Apache Web servers, Cisco IOS, Cisco Pix Firewall.
Recommend corrective measures and ensure the adequacy of existing information security controls. Develop risk remediation plans and security procedures.