Bitopan Dutta

Security Engineer

Guwahati, Assam, India3 yrs 9 mos experience

Key Highlights

Stackforce AI infers this person is a Cybersecurity Specialist with expertise in vulnerability assessment and web application security.

Vulnerability AssessmentWeb Application Security Testing

Source Code ReviewSASTBurp SuiteCheckmarxPostmanmobSFNmapWebInspectNessusVAPTISO 27001AWS SecurityOWASPSocial EngineeringNetwork Security

3 yrs 9 mos

Total Experience

2 yrs

Average Tenure

1 yr 9 mos

Current Experience

Jul 2024 – Present · 1 yr 9 mos · Bengaluru, Karnataka, India

Jul 2022 – Jul 2024 · 2 yrs · India · On-site

Job Responsibilities:
Perform automated and manual Vulnerability Assessment on Web(DAST & SAST), API and Mobile applications by industry professional tools such as Burp Suite, Checkmarx, Postman, mobSF, Nmap, WebInspect, Nessus, Otool etc.
Checked the applications resilience against the OWASP Top 10, SANS Top 25 and CWE such as SQL injection, RCE, SSRF, Directory Traversal, Authentication Bypass, Broken Access Control, LFI, RFI, XSS, CSRF, Sensitive Information Disclosure etc.
Information gathering, understanding the web application workflow and functionalities, and preparing test cases for potential vulnerability checks in the web application.
Documenting formal security assessments reports for each penetration test using company’s standard reporting format.
Participate in conference calls with clients to review assessment results and consult with the clients on remediation options.
Retesting security vulnerabilities that have been fixed and republishing reports to indicate the results of retesting

Source Code ReviewSASTBurp SuiteCheckmarxPostmanmobSF+5

Sep 2021 – Mar 2022 · 6 mos · Hyderabad, Telangana, India · On-site

Job Responsibilities:
Conduction Web Application Security Testing.
Identify and assess vulnerabilities in Web Application, document findings and recommend remediation strategies.
Checked application resilience against the OWASP TOP 10 vulnerabilities using automated tool and manual approach.
Interaction with Clients.

VAPTBurpsuiteWeb Application Security Testing