George Mason IT Professional with Years of Experience in Information Security Resume

Professional Summary

An IT professional with  years of experience in Information Security

Hands-on experience with Tenable network security.

Proficient in communicating with stakeholders to understand their requirements
Gathering feedback about system performance from end users in order to make necessary changes
Have hands-on experience in application security, vulnerability assessments, and OWASP along with different security testing tools.
Experience as an Information Security Analyst involved in OWASP Top 10 based Vulnerability Assessment of various internet-facing point of sale web applications and Web services.
Capable of identifying flaws like Injection, XSS, Insecure direct object reference, Security Misconfiguration, Sensitive data exposure, Function level access control, CSRF, Unvalidated redirects.
Experience in different web application security testing tools like Acunetix, Metasploit, Burp Suite, SQLmap, OWASP Zed Attack Proxy, and HP Fortify.
As a Security Consultant, involved in enhancing the security posture of the project through initiatives like Threat Modelling and Security awareness sessions.
Simulate how an attacker would exploit the vulnerabilities identified during the dynamic analysis phase.
Hands-on experience in conducting Web Application Security scans and Ethical Hacking using commercial and non-commercial applications and methodologies such as SANS Web application assessment, OWASP Top 10, and CVSS Scoring using IBM AppScan.
Good experience in Web technologies like HTTP, HTML, CSS, Database Connectivity.
Experience using automated vulnerability assessment tools Qualys, Nmap, Retina, Nessus.
Knowledge in Cyber Security and Vulnerability Management.
Perform security tests of applications using static application security testing, dynamic application security testing, and manual penetration testing.
Skills
HP Web Inspect

OWASP Top 10

Vulnerability Assessment

Paros Proxy

Live HTTP Header

Tamper data

Burp Suite

WebScarab

DirBuster

Sqlmap

Nikto

Metasploit
Kali Linux
Qualys
Tenable network security.
Experience
Technology Analyst
Performed gray box testing of the web applications

Executed and crafted different payloads to attack the system for finding vulnerabilities with respect to input validation, authorization checks, and more 

Reviewed and validated user access compliance on a quarterly basis

Reviewed the requirements for privileged access on an everyday basis and provided recommendations
Reviewed and validated the privileged users and groups in Active Directory, databases and applications on a periodic basis
Documented information security guidance in step-by-step operational procedures
Performed static code reviews with the help of automation tools
Performed a threat analysis on the new requirements and features
Used Burp Suite, DirBuster, HP Fortify, and Nmap as part of penetration testing on a daily basis to complete the assessments
Established and improved the processes for privileged user access request

Reviewed firewall rules and policies in web proxy

Highlighted the user access and privileged user access risks to the organization and provided the remediation plan

Environment: MS SQL, MySQL, WebScarab, HTML, Kali Linux, OWASP, DirBuster, Nmap, IBM AppScan, Burp Suite, HP Fortify, Windows XP, PHP

Security Tester
Performed security research, analysis, and design for all client computing systems and the network infrastructure
Security assessment of online applications to identify the vulnerabilities in different categories like Input and Data Validation, Authentication, Authorization, Auditing & Logging
Vulnerability Assessment of various web applications used in the organization using Paros Proxy, Burp Suite, WebScarab, HP Web Inspect, and Qualys
Coordinate with the dev team to ensure closure of reported vulnerabilities by explaining the ease of exploitation and the impact of the issue
Security testing of APIs using SOAP UI, OWASP Mobile Top Ten vulnerabilities
Experience in using Kali Linux to do web application assessment with tools like DirBuster, Nikto, and Nmap
Good knowledge of IBM AppScan to enhance web application security
Perform security code review of Java, .NET, PHP code using static code analysis tools, e.g. HP Fortify and IBM source edition
Help the team to remediate security issues with sample code
Good knowledge of Tenable network security

Training the development team on the most common vulnerabilities and common code review issues and explaining the remediation

Good knowledge of programming and scripting in .NET and Java

Follow up and ensure the closure of the raised vulnerabilities by revalidating and ensuring 100% Closure

Good experience in Web technologies like HTTP, HTML, CSS, Database Connectivity

Ensuring SDLC to be a Secure SDLC
Manual (DAST) security testing on web applications against OWASP’s top 10 standards.
