Software Engineer Web Application
Resume:
Shile Akinrinmade
Mobile: +1-401-***-****
*********@*****.***
Cumming GA 30028
SKILLS
Penetration Testing
Burp Suite
Nmap
Weevley
DAST
Application Security Testing
Red Team
Agile Methods & Tools
Database Security Testing
Kali Linux
SQLMAP
Aircrack-ng
NIST SP 800-53 Rev. 5
Cyber Security Assurance
NIST SP 800-115
Infrastructure Security
Reporting
Web Application Security Assessment
Wireshark
API Testing
Azure Cloud
SSDLC
OWASP TOP 10
AWS Cloud
OWASP ZAP
Metasploit
Wireshark
Web Application Testing
OWASP ASVS
Postman
Metasploit
Threat & Vulnerability Management
Security Technologies
Cyber Risk Management
Network Penetration Testing
EXPERINCE
03/11/2024 - Present Solution Senior Consultant, Deloitte Consulting – Atlanta GA
Penetration testing – manual web security using OWASP methodology and tools such as Zap, Burp Suite and functional testing
Identified need to create security assessment project for existing internal projects.
Experience with penetration testing tools and frameworks such as Metasploit, Nmap, and Nessus.
Deep insight into conducting formal tests on web-based applications and networks using deep assessment parameters
Verse knowledge and understanding of XSS, CSRF, and Blind SQL Injection vulnerabilities. Local File Inclusion, Reverse shell/Remote Shell, Veil framework etc.
Strong understanding of how to use wordlist to test WPA/WPA2
Solid understanding of penetration testing standards and process, including the development of documentation such as rules of engagement, scope, and remediation reports
Good understanding of how to configure wireless setting for maximum security
Expert knowledge of OWASP Top 10 and ability to articulate web security risks.
Conducts complex analytical functions by performing security assessments and ethical hacks of high-risk sensitive applications
Provide accurate and timely reporting of findings and proposed remediation and mitigations
02/02/2020 - 12/31/2023 Lead IT Test Engineer, INCOMM Payment – Atlanta GA
Verse knowledge and understanding of how-to pentest system’s vulnerabilities using reverse shell or remote shell.
I developed ARP spoofing and hstshihjack scripts using better caplet to test HTTP, HTTPS & HSTS
Work with other functional groups within Information Security included, including Risk, Security Architecture, and SSDLC
Deep insight into conducting formal tests on web-based applications and networks using deep assessment parameters.
Verse knowledge and understanding of XSS, CSRF, and Blind SQL Injection vulnerabilities. Local File Inclusion, Reverse Shell/Remote Shell, Veil framework, etc.
Strong understanding of how to use wordlist to test WPA/WPA2
Solid understanding of penetration testing standards and processes, including the development of documentation such as rules of engagement, scope, and remediation reports
Good understanding of how to configure wireless settings for maximum security.
Expert knowledge of OWASP Top 10 and ability to articulate web security risks.
Conducts complex analytical functions by performing security assessments and ethical hacks of high-risk sensitive applications.
Provide accurate and timely reporting of findings and proposed remediation and mitigations.
Strong knowledge of Windows or Java Architecture Internals with experience in PHP or JavaScript and their associated Frameworks
Ability to build threat models and communicate risks in business terms.
Conducted PCI-required penetration test of e-commerce system.
07/07/2018 - 01/31/2020 Sr. Technical Architect, HCL Consulting – Alpharetta GA
Penetration testing – manual web security using OWASP methodology and tools such as Zap, Burp Suite and functional testing
Identified need to create security assessment project for existing internal projects.
Experience with penetration testing tools and frameworks such as Metasploit, Nmap, and Nessus.
Deep insight into conducting formal tests on web-based applications and networks using deep assessment parameters
Verse knowledge and understanding of XSS, CSRF, and Blind SQL Injection vulnerabilities. Local File Inclusion, Reverse shell/Remote Shell, Veil framework etc.
Strong understanding of how to use wordlist to test WPA/WPA2
Solid understanding of penetration testing standards and process, including the development of documentation such as rules of engagement, scope, and remediation reports
Good understanding of how to configure wireless setting for maximum security
Expert knowledge of OWASP Top 10 and ability to articulate web security risks.
Conducts complex analytical functions by performing security assessments and ethical hacks of high-risk sensitive applications
Provide accurate and timely reporting of findings and proposed remediation and mitigations
05/05/2017 - 12/31/2018 Sr. Penetration Tester, ADP – Atlanta GA
Verse knowledge and understanding of how to use net.sniff to spy on network devices for penetration testing.
Perform web Application and network penetration tests within the parameters defined by rule of engagement coordinated with client.
Perform open-source intelligence OSINT to gather for target customers for preparation for security assessments.
Provide details reports on the findings of work and application tests including mitigation and remediation activities.
Developed test cases to test web Applications according to OWASP and mapped every test case with NIST control.
Assess and evaluate risk based on threats vulnerability and shortfall uncovered in testing.
Examine assets to determine if vulnerabilities exist and if vulnerabilities are found proposes remediation strategies that can be applied to mitigate them.
Perform network security analysis and risk management for designated systems.
Assist the information security risk assessment program by identifying risk in the current security posture. Conduct risk assessment using NIST SP 800-53 v4 operational management and technical controls.
Conducted social engineering test exercise coordinator with the payroll department to determine the level of infiltration possible using a remote command and control framework.
Thorough knowledge of TCP/IP ports and protocols
Conducted IDOR pen-testing to retrieve objects belonging to other users.
11/10/2014 – 02/10/2017 Sr. QA Engineer, Deloitte Consulting – Atlanta GA
Lead the Defect Management process during the test execution phases performing daily triage meetings.
Communicated progress of the QA test plan by facilitating meetings with senior leaders and Product & Development teams.
Lead the Quality Assurance effort and Coordinate QA release deployment(s) and verification.
Performed Back-End integration testing to ensure data consistency on front-end by writing and executing SQL Performed web-based transactions, batch transactions, trading partner testing and file exchange testing.
Verified that successful integration can be achieved between the system and external entities.
Performed Navigation testing and cross-browser testing on IE, Firefox, and Chrome.
Used Color Contrast Checker to analyze webpage colors to verify the contrast and ensure better accessibility.
Wrote and Performed Smoke test and Functional testing on every build of the application.
Extensively used RQM for test planning and defect reporting, tracking, and executing manual test cases.
Perform Web Services and XML testing using Soap UI.
Using acceptance criteria which was produced by business analysts to perform UAT testing.
Used TestNG to create the Test Suites and to execute all the test scripts.
Identified and created automation test cases and test scripts using hybrid hybrid-driven framework and page object model (POM) to test the web application.
Environment: IBM RFT, RTC, RQM, Java, Manual testing, MS SQL Server 2008, Oracle 10/11G, and Selenium web driver.
Provide accurate and timely reporting of findings and proposed remediation and mitigations
04/11/2014 – 11/2014 Senior Software QA Engineer, Deloitte Consulting – Tallahassee FL
Worked on test team status reports and proactively addressed issues related to environment/integration/builds. Extensive experience with assistive technology web application Tools such as JAWS, Color Contrast Analyzer and mobile apps IOS & Android tools.
Performed different types of testing: Accessibility, Functional, System, User Interface, Regression, Mobile accessibility and Sanity testing for both Web and Mobile Native Applications.
Attended Defect Triage meeting. Informed Senior Management of Risks / Issues discovered while testing.
Ensured a top user experience by meeting with users and UAT teams to address testing defects.
Used TestNG to create the Test Suites and to execute all the test scripts.
Responsible for the implementation of Data Driven Automation Framework build using Selenium Web Driver, TestNG, and Maven technologies under the Java platform.
Created data from scratch or imported data into new data pools using a CSV file.
Performing testing of new software releases on Java-based web applications.
Extensively used RQM for test planning and defect reporting, tracking, and executing manual test cases. Maintained bug reports using Rational ClearQuest.
05/11/2012 – 03/2014 Software Test Engineer, EMC – Hopkinton MA
Worked with the product backend QA team verifying complex algorithm, data processing and results using Microsoft SQL 2008.
Responsible for writing ETL table test cases under general guidance of the test lead.
Performed functional testing, integration testing, regression testing, GUI testing, back-end testing, browser compatibility testing, and component testing on Windows.
Provide client, server, SAN storage array support for the configuration and maintenance of the engineering computer lab systems.
Managed higher availability and data protection using VMware vCenter Server Create and maintain storage allocation.
Execute test procedures for ensuring the quality and serviceability of new features and releases of software for EMC storage products VNX, VNXe and VPLEX.
Provide support for EMC storage including the design, implementation and support of EMC Storage arrays and software e.g. CLARiiON, VNX, Power-Path, EMC Celerra, and Data-Domain.
Participate in auxiliary projects such as adding features to the Master Equipment List website and management of lab equipment.
Environment: MS SQL Server 2008, Oracle 10G, Java, Manual testing, Windows 2003/2008 Server, MYSQL, Red Hat Linux, Java.
05/11/2005 – 04/2012 IT Support Specialist, BRIDGES INC. - Jamestown, RI
Provide desktop support for Windows XP and 2007 Pro along with MS Office 2003/2010 Pro and all supporting software applications.
Setting up permission, delegating permission, Routing Groups, and Routing Groups Connectors.
Hardware installs and maintenance for site servers, desktops, laptops, printers, scanners, projectors, video conferencing equipment, IP phone systems, and many other peripherals.
Performed installs, and maintained, network operations for a static addressed client-server environment including cabling, network stack build-out, and troubleshooting with CISCO routers and Netgear switches.
Apply OS patches and upgrades on a regular basis and upgrade administrative tools and utilities. Configure / add new services as necessary.
Determined the causes of networking problems and utilized diagnostic testing software and equipment to troubleshoot various technical problems under time constraints Managing and Monitoring Dynamic Host Configuration Protocol (DHCP).
Implementing an Active Directory Forest Domain Structure, Organizational Unit Structure, User, Group, and Computer Accounts & the Placement of Domain Controllers.
Designing an Active Directory and Network Infrastructure, Forest & Domain Infrastructure, and Site Infrastructure.
EDUCATION & CERTIFICATIONS
Graduated – 05/2013 B.Sc. IT / ISS, University of Phoenix, Boston, MA
AS Degree IT Support Specialist, Community College of RI, Warwick, RI
Professional Affiliations
CompTIA PenTest Certified
CompTIA A+ (Hardware & Software)
Certified SAFe 5 Scrum Master
Microsoft Certified: Azure Fundamentals
Contact this candidate