*************@*****.***
Karthik Ragunath Mani
Associate Architect
Omaha, NE
Responsibilities include Project delivery ownership, Regular risk auditing and monitoring of systems, Compliance implementation, Designing and testing of new IT solutions, Provision of business support at a high level and to a range of key stakeholders in relation to ongoing security improvements, Project management and project architecture, Review and analysis of delivered projects, people activities.
Experience in HP Voltage integration with applications has different technologies stack like Java, C and .NET to meet security compliance. Hands on IBM Guardium Infoshpere DAM
(Database Activity Monitoring). Certified Ethical Hacker V9 by EC-Council and HP Voltage Security consultant certified by HP. Subject Matter Expert in Payment Card Industry, Data Security Standard compliance, Software and Database security, Enterprise Risk Management. Hands on experience in conducting Web Application Security scan, Network Penetration Testing and methodologies such as OWASP Top 10. Responsibilities:
Project Management
Security Consultation
Vulnerability Assessment
Security Design and Implementation
Vulnerability Assessment
HP Voltage Integration
Experience at Virtusa (May 08 2018 - Till Date)
First Data Corporation (May 2018 – Till Date)
Associate Architect
Activity : HP Voltage Integration
Project Role: Performing the role of Voltage Developer Technology: Java, Angular JS, Oracle DB
Responsible for developing Interface components to integrate web application with Voltage to encrypt/decrypt PCI/PII fields from UI to DB.
Responsible for developing Voltage utility to encrypt/decrypt PCI/PII fields in data at rest.
Responsible for developing Voltage utility for field level and full file encryption in batch.
Provided guidance and standardize the way Voltage Integration is being done by different applications through usage of these components.
Client Coordination with offshore for successfully building common functionalities related components.
Responsible for on time delivery to application team using the components developed to integrate with HP Voltage.
Role to design the Components/Utilities to integrate with all application without major change in the existing architecture.
*************@*****.***
2 of 4
Experience at Cognizant Solutions – US Corp (May 2014 – May 2018) Sallie Mae Inc (Jan 2017 – May 2018)
Associate - Projects
Activity: Corporate Security Assessment
Project Role: Role Onsite Corporate Security Consultant
Provided security code reviews using the Source Code Analysis Product and evaluated results for security vulnerabilities for Sallie Mae websites.
Trained, documented and advised application developers for security risks, secure coding best practices, with practical remediation guidance to developers.
Black box Web Penetration test for Sallie Mae website and Tag Management code review for vulnerability in including new tags in Sallie Mae website for advertising.
First Data Corporation (June 2016 – Dec 2016)
Associate - Projects
Activity : Develop Voltage Integration Components in Java, C and C#. Project Role: Role Onsite Security Consultant & Lead
Building components/utilities in java for common functionalities related to encryption/decryption with Voltage that is needed by multiple applications.
Provided guidance and standardize the way Voltage Integration is being done by different applications through usage of these components.
Client Coordination with offshore for successfully building common functionalities related components.
Responsible for on time delivery to application team using the components developed to integrate with HP Voltage.
Role to design the Components/Utilities to integrate with all application without major change in the existing architecture. Xerox Healthcare (April 2014 – June 2016)
Associate - Projects
Business Problem:
As part of HIPAA compliance, the Xerox Corporation Ltd Healthcare Services has initiated a data de-identification program to sanitize data present in non-production environments of IT organization. To comply with the security standards and to protect data breach, data de-identification needs to be done in all the non- production environments.
The De-Identification solution is integrated with the existing data refresh process, so that whenever a data is copied from production to non-production environment, the production data will be de-identified before being refreshed into non-production environment.
*************@*****.***
3 of 4
Project Role:
Module lead for this project taking care of masking MMIS-MT and Platform application for different states spread across environment.
Developed Masking algorithm for different formats of PII/PHI) in Java, and developed stored procedures for masking at rest.
Involved in identification of sensitive elements (PII and PHI) per the HIPPA regulations and coordinating with application team in getting the approval for the identified sensitive elements.
Responsibility in delivering documents, companion guides preparation, review configuration and successfully delivered MMIS-MT application masking.
Experience at HCL Technologies (Jan 2010 – May 2014) Xerox Business Service
Lead Engineer (March 2013 – May 2014)
Business Problem: Fix bugs while submitting jobs to Xerox Free Flow Print Service FFPS through various protocols like IPP, JDF, HTTP, ISGW etc., of this layer and add new features to this layer as requested by the client. Project Role:
Involved in fixing Action Requests and AR raised by client.
Involved in developing new features for JDF protocol requested by client.
Involved in system testing and integration testing
Involved in quality audits
THALES, US
Software Engineer (Jan 2010 – March 2013)
Business Problem: The iSeries Database Configuration (iDCT) tool is a proposed web based application for the Top Series IFE which allows a user to create a complete database package through a standard web browser. A user may also update/modify an existing database package or create one from a pre-existing template. The iDCT consists of a centralized database which contains the user interface selections, the GUI interface modules, validation modules, component modules and all the created configuration packages. The tool will validate the specified configuration against a set of logic rules, and generate a database package which may be loaded in the IFE System. Project Role:
Involved in gathering system requirements for the project.
Involved in preparing High Level and Low Level design documents.
Took ownership for many modules and developed modules in both Java and Flex.
Undergone flex training for supporting the UI team for developing Flex modules.
Involved in creating normalized database.
Framed test cases to cover all the scenarios and prepared STP document.
Written stored procedures for synchronizing the database package
*************@*****.***
4 of 4
Education
Bachelor of Computer Science Engineering, Anna University - 2009
Diploma in Computer Technology, Panimalar Polytechnic - 2006 Certifications
Certified Ethical Hacker V9 – EC-Council
HP Voltage Secure Data - HP Virtual Classroom Training Achievements
O3 award from HCL Technologies for continuous outstanding performance for 3 years.