My work responsibilities and skills at Synopsys focus on the following1. Application Security Penetration Testing • Experience in performing web application penetration testing. This includes using automated tools like Appscan, Burp Suite followed by a triaging and deep business logic analysis.• Experience in performing API pen testing of SOAP and REST APIs• Worked with risk scoring standards such as NIST 800-30 r1, CVSS v3 • Helping developers with vulnerability reproducing and remediation efforts • Designed and developed security controls with PCI-DSS compliance2. Source code review• Experience in using SAST tools like Fortify, Coverity and Veracode.• Familiarity with the concepts of defensive programming, OWASP Top-10, and SANS Top 25 vulnerabilities• Experience with secure code review in languages like C#, Java, PHP, Android• Worked with frameworks like Spring boot, Struts• Hands on experience with IDE’s like Eclipse, Visual Studio3. Android Penetration Testing• Experienced in using tools like Frida, Apktool, Drozer, MobSF• Familiarity in Android device testing and services testing • Helped customers identify security issues in their Android Apps and provide remediation advice. 4. Threat Modeling & Architecture Risk Analysis• Have worked on threat models in different platforms like AWS, Signifyd, Sales Force, Workato• Worked on designing custom protocols and configuration of Secure Elements • Experience in working on ARA’s for Licensing systems5. Internal and External Network Penetration Testing• Experience in Kali Linux and tools like Nmap, Nessus, Metasploit• Helped clients secure their Internal and External Network.6. CI/CD customizations• Worked on creating a custom Fortify filter to be implemented in a CI/CD pipeline.• Experience in tools like Bamboo, BitBucket, Jenkins

Two years experience in Project Management, Vulnerability Assessment, Penetration Testing, Application Security Assessment, Source Code Analysis, Threat & Vulnerability Assessment.- Conduct independent Application Security Assessment, Vulnerability Assessment, and External Network Penetration testing.- Conduct Source Code analysis in Struts, Spring frameworks.

Two years experience in Client Engagement, Vulnerability Assessment, Penetration Testing, Application Security Assessment, External Network Penetration Testing, API Testing, Source Code Review and Threat & Vulnerability AssessmentWorked on solution offerings to various industry sectors like Banking / Financial services,Telecom Industry etc.- Conduct independent Application Security Assessment, Vulnerability Assessment, Infrastructure - Penetration Testing and API Penetration testing- Perform Technical Oversight for fellow Consultants to improve the quality of deliveries.- Developed an Offering to assist customers in availing External Network Penetration Testing, this included compiling detailed on-hands manual, and checklist. - Worked on developing IP material for internal training and report writing content.- Worked as an Associate Pod Lead to mentor few new recruits- Hands on experience on tools like:API Testing –POSTMAN, SOAPUI, NiktoInfrastructure penetration testing - Metasploit framework, Nessus, NmapApplication penetration testing - Burp Suite, Paros, web fuzzers (e.g, DirBuster), SQLmap, Appscan scanner etc.

Two years experience in Client Engagement, Client Presentations, Project Management, Vulnerability Assessment, Penetration Testing, Application Security Assessment, GPRS penetration testing, Wireless Penetration Testing, Infrastructure Security Solutions review and Threat & Vulnerability AssessmentWorked on solution offerings to various industry sectors like Banking / Financial services,Telecom Industry, Hotel, Automotive Industry, ITES etc.- Conduct independent Application Security Assessment, Vulnerability Assessment, Infrastructure - Penetration Testing and Wireless Penetration testing- Conduct configuration reviews on databases (e.g., Oracle, MSSQL), operating systems (e.g., - Windows, RHEL) and network devices (e.g., routers, switches, load balancers, firewalls)- Hands on experience on tools like:Vulnerability Assessment - Nmap, NessusInfrastructure penetration testing - Metasploit framework, Sapyto framework, Airmon tool kit, Wireshark, Ethereal etc.Application penetration testing - Burp Suite, Paros, web fuzzers (e.g, DirBuster), SQLmap, Acunetix scanner etc.Operating Systems – Windows XP, Windows 7, Backtrack