RAKESH

Email: adl9zp@r.postjobfree.com

Contact: +91-741*******

EXPERIENCE SUMMARY:

Having total 2+ Years of experience in Web Application Security, Vulnerability Assessment and Penetration Testing.

Hands on experience on web-based vulnerability scanning tools i.e., Burp Suite Pro, Nessus, HCL App Scan, Nmap, Kali tools, Metasploit. Wireshark, SQL Map.

Having experience on manual security testing to verify false positives and identify false negatives.

Vulnerability Assessment includes analysis of bugs in various applications spread across N-tier on various domains by using both manual and Automation tools.

Having experience on OWASP 10.

Having knowledge on SQL injection, Clickjacking, Server-side request forgery, Cross origin resource sharing (CORS), XSS, CSRF, Browser Cache Weakness, IPS, IDS, Firewalls, LAN/WAN.

Strong problem solving and troubleshooting skills, highly motivated and ability to work as an individual and also as a dynamic member in a team.

Ability to quickly learn new technologies and applying its full range of capability.

EDUCATIONAL QUALIFICATIONS:

Bachelor of Technology(B-tech) from JNTU(HYDERABAD). TECHNICIAL SKILLS:

Application Vulnerability Scanners: HCL App scan Enterprise, Burp suite pro, Kali Linux. Nmap, Nessus, Rapid7.

Application Proficiency : MS-Office (MS Word, MS PowerPoint, MS Excel, MS Access & MS Outlook).

Working knowledge of MS Excel

PROFESSIONAL EXPERIENCE:

Organization: RBS IT SOLUTIONS

Duration : DEC 2018 - Till Now.

Designation : Cyber Security Analyst.

Roles and Responsibilities:

Manual walkthrough of the application to understand the application functionality

Identified risk parameters and gathered information specific to parameters.

Performed Vulnerability Assessment by using HCL Appscan Standard Edition.

Analyze the Vulnerability assessment reports.

Performing the manual security testing by using Burp Suite Proxy to identify False Positives

Proficient in Penetration testing based on SANS 25 and OWASP Top 10 vulnerabilities like XSS, SQL injection, CSRF, Source code review assessment

Prepared comprehensive security report detailing identifications and recommendations for the Vulnerabilities.

Conduct re-assessment after mitigating the vulnerabilities found in the assessment phase.

Well knowledge of Firewalls, LAN/WAN.

In depth knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS).

Network scanning using tools like Nmap and Nessus.

Performed application and infrastructure penetration tests along with physical security reviews.

Adding New Vulnerabilities to the Vulnerability Database for various platforms with proper exploits, verifications and references.

Perform pen tests on different applications in a week.

Monthly Reviews carried out over the Vulnerability Assessments.

Identifying the critical, High, Medium, Low vulnerabilities in the application based on OWASP Top 10, CWE and prioritizing them based on the criticality.

Experience of penetration testing on various applications in different domains.

DECLARATION:

I hereby declare that the particulars given by me in the foregoing are true to the best of my knowledge.

Date:

Place: Bangalore. (RAKESH)