Dec 2022 – Jan 2026 · 3 yrs 1 mo

• Managing Delivery of Appsec, achieving a 35% reduction in vulnerability remediation time.
• Managed client communications for security scoping, progress updates, and project delivery.
• Conducted SAST, DAST, VAPT and Threat Modelling requirements, reducing project setup time by 20%.
• Enabled the customer to reduce redundancy by integrating Azure DevOps Pipeline for CI/CD.
• Applied security best practices using Wiz to enhance cloud security posture through continuous risk monitoring and remediation.
• Conducted SCA for third-party direct and transitive dependencies.
• Enabled customers with security standards and secure code review of GEN AI applications using OWASP LLM guidelines
• Developed security reports and conducted SME reviews, guiding clients to compliance with GDPR, PCI DSS, and ISO 27001.
• Collaborated on Risk Assessment, vulnerability management and mitigation plan with development teams and clients.
• Facilitated risk exemption meetings with stakeholders and Supported pre-sales for RFPs.
• Onboarded and trained new analysts on security processes and tools.

Dec 2021 – Nov 2022 · 11 mos

• · Led a security team of 4, coordinated client deliveries, and planned vulnerability mitigation.
• · Planned vulnerability assessments & Configured security scanning tools.
• · Conducted penetration testing, DAST (OWASP ZAP/ Burp Suite), benchmarking (CIS CAT) and fuzzing of applications.
• · Tested web services with SoapUI and Postman.
• · Oversaw application security and risk exemptions.

Dec 2019 – Nov 2021 · 1 yr 11 mos · Noida, Uttar Pradesh, India

• Led security team for client deliveries and vulnerability mitigation.
• Configured security scanning and conducted penetration testing.
• Performed DAST/SAST (AppScan, Burp Suite, Checkmarx, Nowsecure)
• Tested web services (SoapUI, Postman) and managed test execution.

Nov 2016 – Nov 2019 · 3 yrs

• Tested UK/US banking applications (web, thick client, web services) against OWASP and banking standards.
• Performed DAST and manual penetration testing (Burp Suite).
• Reported defects and recommended remediation to development/client teams.

Oct 2013 – Oct 2016 · 3 yrs · Noida Area, India

• Performed dynamic application security testing (DAST) and Functional testing.
• Contributed to test case design and execution.
• Supported defect management using ALM and JIRA.

Apr 2013 – Oct 2013 · 6 mos

• Experience of testing Web Applications and Desktop Applications in windows and IOS Operating system.
• Experience of testing Mobile Applications on Android, Windows and IOS platforms (I phone, I pod and I pad).
• Proficient in Manual testing – functional & non-functional.
• Knowledge of Database testing-SQL.
• Well versed with Software Development Life Cycle (SDLC), Software Testing Life Cycle (STLC).
• Proficient in designing manual test cases based on Functional Specification Document.
• Excellent knowledge and working experience in test planning test execution and test results analysis and Test Summary.
• Hands on experience on SDLC tool HP Application Lifecycle Management 11.5 & 12, JIRA and Mantis.
• Bug reporting, creating and testing defects.
• Ability to handle work under pressure following the SLA for resolving issues and meeting the deadline.
• Retaining the ownership until the issue gets resolved, following the Issue Escalation Process.