Identifying the critical, High, Medium, and Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on their criticality.Develop and utilize custom tools and scripts for effectiveLed vulnerability assessments, managed SOC security incidents, and optimized vulnerability management processes.Collaborated with DevOps to integrate security best practices and conducted root cause analysis for incidents.Ensured compliance… Show more Identifying the critical, High, Medium, and Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on their criticality.Develop and utilize custom tools and scripts for effectiveLed vulnerability assessments, managed SOC security incidents, and optimized vulnerability management processes.Collaborated with DevOps to integrate security best practices and conducted root cause analysis for incidents.Ensured compliance with industry standards and delivered real-time risk reporting and remediation tracking.Providing PKI support to users as Registration Authority (RA) and Sole ownership of all PKI-related activities.Experience in complex security assessments and advanced penetration testing.Conducted POC for various API security vendors like NoName and Salt Security. Working with Aws tool for ticket raising, CI/CD pipeline, and automating pipeline security scans.Work closely with product and platform teams to engineer and implement Cloud security controls with a focus on DevSecOps.Penetration testing Red teaming,and TLPT,CTF participationWorked on AWS and related services like EBS, RDS, ELB, Route53, S3, EC2, AMI, IAM through AWS console. Show less

Conducting application and infrastructure penetration tests, Security Consulting, physical security reviews, and Social Engineering tests for our clients.Perform Penetration Testing by OWASP standards and SANS 25 using manual techniques and Automated Tools.Experience with tools such as Rapid7 Nexpose and InsightVM vulnerability scanner.Managed and updated vulnerability databases, providing real-time reporting and dashboards to track remediation efforts and risk… Show more Conducting application and infrastructure penetration tests, Security Consulting, physical security reviews, and Social Engineering tests for our clients.Perform Penetration Testing by OWASP standards and SANS 25 using manual techniques and Automated Tools.Experience with tools such as Rapid7 Nexpose and InsightVM vulnerability scanner.Managed and updated vulnerability databases, providing real-time reporting and dashboards to track remediation efforts and risk scores.Trained SOC team members on vulnerability management processes, best practices, and tools to improve operational efficiency and response times.Ensured compliance with industry standards and regulatory requirements such as NIST, ISO, and GDPR by maintaining an up-to-date and secure environment.Experience in Android applications using Drozer security frameworks and some tools. Show less

Understanding of Vulnerability Management identification, analysis, metrics and reporting tools as well as processes enabling proper governance, risk and compliance.Configure and run the scans on web applications/Web services with IBM AppScan Standard and Enterprise.Experience in languages such as Java, Javascript, .net.Perform third-party libraries security assessment and dependency analysis such as owasp dependency checks for java and .net applications.

Involved in the project's analysis, design, implementation, and testing.Developed web services using Python.Implemented the presentation layer with HTML, XHTML, and JavaScript.Developed web components using JSP, Servlets, and JDBC.Designed tables and indexes.