Palak Arora

Product Manager

Bengaluru, Karnataka, India7 yrs 3 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

Over 6 years of experience in application and product security.
Expert in conducting security assessments and penetration testing.
Certified in penetration testing and ethical hacking.

Stackforce AI infers this person is a Cybersecurity specialist with a focus on application and product security.

Contact

Skills

Core Skills

Penetration TestingVulnerability Assessment

Other Skills

API Security TestingApplication SecurityApplication Security AssessmentsAttention to DetailCCloud SecurityCommunicationCore JavaCybersecurityDASTData PrivacyData Privacy AwarenessData Privacy Best PracticesData Privacy Risk ManagementData Privacy Training

About

As an Application and Product Security Engineer with 6+ years of experience, I specialize in identifying and mitigating security risks in software products. My expertise includes helping to implement secure development processes, conducting security assessments and design reviews, and providing guidance to development teams on secure coding practices. In addition, I am proficient in using security testing tools such as Burp Suite, AppScan, BlackDuck, Qualys, Nessus and various open source security tools to identify and address security vulnerabilities. My work has involved collaborating with cross-functional teams, including developers, product managers, to ensure that security is integrated throughout the software development lifecycle. I am committed to staying up-to-date with the latest security trends and technologies and have completed several certifications, including SANS GIAC Penetration Tester (GPEN) and Certified Ethical Hacker (CEH). In my current role at Cisco, I have successfully been helping in implementation of security controls for various products and services, resulting in improved security posture and reduced risk exposure. I am passionate about helping organizations prioritize security and mitigate risks to protect their customers and data. If you're interested in connecting or learning more about my experience, please don't hesitate to reach out.

Experience

Cisco

2 roles

Senior Product Security Engineer

Nov 2024 – Present · 1 yr 4 mos · Bangalore Urban, Karnataka, India

Product Security Engineer

Jun 2021 – Present · 4 yrs 9 mos · Bangalore Urban, Karnataka, India

Synopsys inc

Security Services Associate

Jul 2020 – Jun 2021 · 11 mos · Bangalore Urban, Karnataka, India

✓A Part of Managed Services group of Synopsys
✓Responsible for conducting DAST and Penetration Testing activities for web applications and web services.
✓Conducted the assessments in both Production and non-production Environments.
✓Preparation of detailed Pentest reports summarising the identified vulnerabilities with their business level impacts and generic remediation steps for the same.
✓Involved in the read-out calls for the identified vulnerabilities with the Clients/Stakeholders

DASTPenetration TestingWeb ApplicationsWeb ServicesVulnerability Assessment

Tata consultancy services

2 roles

Cyber Security Analyst

Nov 2018 – Jun 2020 · 1 yr 7 mos · India

✓Responsible for conducting Vulnerability Assessments and Penetration Testing activities for web applications using both automated DAST tools and manual approach.
✓Worked on the Penetration testing activities for SOAP web services and Rest APIs.
✓Conducted the assessments in both Production and non-production Environments.
✓Preparation of a detailed pentest reports summarizing the identified vulnerabilities with their business level impacts and generic remediation steps for the same.
✓Tracking the vulnerability remediation status for the assessments which with an annual penetration testing cycle.
✓Performing the retests for the identified vulnerabilities on ad-hoc basis.

Vulnerability AssessmentPenetration TestingSOAP Web ServicesREST APIs