New York, New York, United States
- Overseeing product security for consumer businesses namely Marcus Savings, Apple and GM cards - Managing end to end security for 100+ microservices deployed in AWS with a total user base of 12 million+ - Integrating security into the DevOps pipeline by automating security testing using cutting-edge tools - Working closely with engineering team to manage and remediate security risks - Contributing to security documentation and guidance including templates, patterns, and controls - Mentoring and supporting junior team members
- Worked alongside internal team (top Healthcare company) to introduce and improve security in their DevOps environment. - Performed penetration testing and manual ethical hacking across various domains for clients to mitigate security risks using methodical approach of Reconnaissance, Scanning & Exploitation. - Reviewed enterprise architecture for weaknesses and designing defensible security architecture. - Designing and implementing security for all layers of a hybrid cloud infrastructure. - Analyzed application source code using automated tools and manual techniques to identify design and code flaws (SAST). - Performed product security testing and exploiting programs on the Linux and Windows operating systems. - Contributed to company’s internal vulnerability database that contains general descriptions and remediation guidance for many common web application, network and code-related vulnerabilities. - Conducted cyber security training for clients to educate them about security risks and promote best practices.
- Performed Vulnerability assessment and remediation of Web applications and Web services - Developed a python scripting tool to integrate assessment reports and UPS Security Standards - Developed UPS Application Vulnerability Remediation and Testing guides - Performed Penetration Testing on Web applications using manual and automated techniques
• Worked as Security Incident Analyst in an Onsite/Offshore delivery model for a large European Bank as part of SIMS (Security Incident Management System) project • Provided Security Operations Centre (SOC) support in real-time monitoring of bank enterprise assets for coverage in all areas of Information Security • Created correlation rules by analyzing log files from various environments like databases, infrastructure and applications for security monitoring • Discussed specifications with the client and created security procedures for both offshore and onsite teams