dinesh_jain


Upload: dinesh-dinesh

Post on 07-Jan-2017


Dinesh Jain 0659278850

Senior Security Analyst [email protected]

Experience Summary

9+ Years - Overall IT experience in application development and testing.

3+ - ASP.Net Web development with SQL experience.

6+ Years - Vulnerability assessment/penetration testing of web applications including manual/automated source code review and audits.

Skills Summary

Performing automated black-box web application assessments using commercial (IBM AppScan Standard) and open-source tools (Burp Suite, sqlmap, etc.) accompanied by manual penetration testing.

Perform Threat model Analysis

Performing automated white-box assessment using IBM AppScan Source

Automated Network Infrastructure Scanning with QualysGuard

Excellent understanding of web application security and secure coding

Development experience in SSRS, SSIS, ASP.Net.

Limited experience in Network Scanning (QualysGuard)

Automation of tasks using VBScript

Company Role Duration

Vishwak Solutions Software Engineer June 2005 – Jan 2006

Infosys Technologies Senior Software Engineer Apr 2006 – Oct 2009

Accenture Technologies Senior Software Engineer May 2010 – Mar 2012

TCS IT Analyst Apr 2012 – Jan 2014

CTS Senior Associate Feb 2014 – Mar 2016

CTS Netherlands Security Consultant Apr 2016 – Current


Educational Qualifications

Bachelor of Engineering (ECE), KCG College of Technology, Anna University.

Subject Matter Expertise

Application Vulnerability Assessment (DAST - Dynamic Application Security Testing)

Manual/Automated code Review (SAST- Static Application Security Testing)

Application Design Review

Threat Modelling

Tools/IDE used

Web servers – IIS

Databases – Oracle, SQL Server

Programming Languages – VB 6, ASP, ASP.NET

Scripting – JavaScript, VBScript

Application Security Tools used

- DAST – AppScan Standard Edition, Burp Suite, SOAP UI, sqlmap, Fiddler, etc.

- SAST – AppScan Source Edition

IDE – Eclipse, Visual Studio

PROJECT DETAILS

Project Title Agile for a leading Telecom Client.

Role Security Consultant

Tools QualysGuard, Fiddler, Burp Suite, SOAP UI.

Responsibilities

Agile Story owner

Alignment with business owners on Security stories

Performed black-box/white-box assessment on applications.

Automated vulnerability scanning using Qualys.

Manual vulnerability assessment using SOAP UI.

Co-ordination with development team about the findings from the Security Testing.

Guide them to fix the issues and confirm the fixes by re-testing.

Provide Design recommendations and design review

Duration 7 Months.

Project Title DAST for a leading Retail Client.

Role Security Consultant


Tools IBM AppScan Standard Edition, Fiddler, Burp Suite, SOAP UI.

Responsibilities

Performed black-box/white-box assessment on applications.

Automated vulnerability scanning using IBM AppScan.

Manual vulnerability assessment using SOAP UI.

Co-ordination with development team about the findings from the Security Testing.

Guide them to fix the issues and confirm the fixes by re-testing.

Provide Design recommendations and design review

Duration 12 Months.

Project Title DAST for a leading Retail Client.

Role Security Consultant

Tools IBM AppScan Standard Edition, Fiddler, Burp Suite, SOAP UI.

Responsibilities

Performed black-box/white-box assessment on applications.

Automated vulnerability scanning using IBM AppScan.

Manual vulnerability assessment using SOAP UI.

Co-ordination with development team about the findings from the Security Testing.

Guide them to fix the issues and confirm the fixes by re-testing.

Provide Design recommendations and design review

Perform threat modelling

Duration 24 Months.

Project Title Application Vulnerability Assessment for a leading Insurance Client.

Role Security Consultant

Tools IBM AppScan Standard Edition, Fiddler, Burp Suite, IBM AppScan Source Edition.


Responsibilities

Performed black-box/white-box assessment on client applications.

Automated vulnerability scanning using IBM AppScan.

Automated source code scanning using IBM AppScan Source tool.

Manual vulnerability assessment.

Manual source code audit for critical business functionality & executed business functionality security test cases.

Co-ordination with development team about the findings from the Security Testing.

Guide them to fix the issues and confirm the fixes by re-testing.

Duration 22 Months.

Project Title Web Application Development for Leading US Carrier

Role Application Developer.

Tools ASP.NET, VB, VB.NET, HTML, CSS, SQL Server and JS

Responsibilities

High level Design & programming with ASP.NET 2.0, VB.NET

Database Design and Stored procedure Creation in SQL Server.

Involved in implementing Ajax UI.

Performance and Code Review of the Changes.

Code Review of Peers

Duration 39 Months.