Professional Summary: * Over 10+ years of experience in Web Application Security, Security Architecture & Design, Penetration Testing and Secure Coding. * In-depth knowledge of Mobile Application Security, Application Security Controls and Validation, IT Risk Assessments, Regulatory Compliance and Secure Software Development Life Cycle (secureSDLC) and Continuous Integration (CI) and Continuous Delivery (CD) of security scanning. * Hands-on with Penetration Testing, DAST, SAST and manual ethical hacking. * Experience in conducting IT Security Risk Assessments in accordance to NIST and FFIEC framework. * Worked with global security teams performing application and IT infrastructure security assessments. * In-depth knowledge of penetration testing for web and mobile (iOS and Android) applications. * Performed security design and architecture reviews for web and mobile applications * Hands-on experience in developing threat models, security controls, threat analysis, creation of risk control matrices and risk mitigation strategies.
Description
