S Basu Email & Phone Number

Greater Chicago Area

• Developed Application Security program (DAST and SAST) at the enterprise level to identify, report and remediate security vulnerabilities from applications deployed in DEV, PRE-PROD and PROD environments.
• Reviewed source code and developed security filters within IBM AppScan for critical applications.
• Managed security assessments to ensure compliance to firm’s security standards (i.e., OWASP Top 10, SANS25). Specifically, security testing has been performed to identify XML External Entity (XXE), Cross-Site Scripting.
• Rolled out IBM AppScan products such as AppScan Enterprise (ASE), Standard, Source, Developer plug-ins to various development teams across the business lines.
• Worked extensively with software development teams to review the source code, triage the security vulnerabilities generated by IBM AppScan, Burp Suite, HP WebInspect, HP Fortify and eliminated false positives.
• Generated executive summary reports showing the security assessments results, recommendations and risk mitigation plans and presented them to the respective business sponsors and senior management.

Hyderabad Area, India

• Designed and developed a suite of applications used by the internal audit department, including BPlanner, OATS, and Time tracking systems.
• Developed server-side business components using Java Servlets, JSPs, and Enterprise Java Beans (EJBs)
• Automated code deployment to production environment by creating tasks using ANT deployment tool.
• Developed stored procedures, views and triggers using Oracle PL/SQL.
• Design and implementation of RESTful Web services.
• Developed application presentation layer, which is based on Spring MVC framework involving JSP, Servlets and HTML, CSS