• Leading the Cyber Security Program for Salesforce Go-to-Market Initiatives• Collaborating effectively across multi-functional teams to promote security culture and drive technology and process innovations• Leading security programs from scratch, developing security processes and tools, and fostering a "shift left" security mentality• Conducting offensive security exercises (e.g., penetration testing, red teaming) to identify vulnerabilities in web, mobile, APIs, Cloud and develop effective countermeasures• Designing and implementing defensive security solutions (e.g., security architecture review, threat modeling, incident response) to protect against advanced threats• Developing and maintaining security frameworks, standards, and tools to ensure compliance with industry regulations and best practices• Automating repetitive tasks and implementing efficient solutions to optimize security workflows, resulting in increased productivity, and reduced manual effort

•Leading Visa central M&A Security team where engage in the initial requirements definition including analysis of threats and risk and alignment with Visa Security, Engineering, IT and Architecture standard for acquired entities and to be acquired entities.•Work with M&A team to provide security solution to bring the acquired entities in Visa Data Center, develop security champion program, provide training and best practices to development team. •As a Security Architect develop references architectures, design patterns, standards, guidelines and other company-wide deliverables to align security requirements to the IT Strategy.•Act as product security champion by driving Security Architecture and Design, Implementation, and Optimization for Web, API and Mobile backend application across Visa and acquired entities.•Leading security engineering team which is responsible to perform advance penetration testing, threat modeling and design review as part of central M&A Security team.•Support acquired entities to be complaint with various industry standard like PCI, ISO 27001 etc.

● Part of specialized VA team (Team6) which provides vulnerability assessment to very high-risk Citi applications which includes web applications as well as thick clients.● Worked with System Architects and perform threat modelling for applications.● Develop Burp Extension or tools to automate the testing process.● Perform POC on vulnerabilities identified globally and asses its impact on Citi business also learn new security concepts and present to VA group.● Provide training and awareness about new security concepts to developer.

● Performed penetration testing of high risk applications and find business logic issues which are hard to find. ● Provide training and awareness about new security concepts to development team.● Performed penetration testing of Citi internal Cloud service as well as Next Gen Applications developed using micro-services.

● Perform manual source code review to find Vulnerabilities in product source code which are hard to find by tools. ● Perform research from security perspective on new technologies going to be incorporated in product● Designed and lead the development of downstream system which worked as data center for Corporate Actions. ● Developed stored procedure in Oracle to create and maintain the users for application● Automated the deployment of application using Unix script, Python and ANT.● Hands-on experience working with Websphere, Tomcat, JBoss servers, IBM MQ.

• Developed a critical module of product which was specific for Global Processing of Corporate Action.• Worked on the front end of the application using technologies such as JSP, JSF, Facelets, Servlets and JavaScript.• Responsible for design and development of the front-end using HTML,Jquery , Nodejs, Jenkins, JSP, CSS, JavaScript

• Used the Model View Controller (MVC) architecture to decouple the business logic and data.• Used UML and Rational Rose suite for designing the System.• Used the DAO Pattern and J2EE framework facilitated the integration and deployment of DAO, Servlets, JSP and XML. • Used the Spring Framework for Customer authentication services. • Implemented JSF applications for login, logout, locale settings, profile administration, account transactions and layout customization. • Accessible Web page was for users with low visibility or negligible visibility.• Web page was recognizable to all available major screen reader in market like JAWS, Windows Eye etc.