I am security enthusiast with in depth knowledge in secure code review.
Previous Projects
Web Application Security (SAST) and DevSecOps tools Integration (08/2018– 07/2021)
Skills and Tools used: Veracode, Java, Angular, JavaScript, Veracode, Git, Jenkins, .Net, Python, C++.
Helped developers in making the project more secure by mitigating the vulnerabilities at jar (SCA) and code level. Vulnerabilities such as XSS, CRLF Injection, Cryptographic Issues etc...
Work on Veracode. I reviewed source code for applications across BNYM to review false positives and helped the developers to mitigate the vulnerabilities.
Helped teams to onboard onto our Gitlab CICD pipeline which took care automated scans on various security tools.
I was nominated to be a part of Secure Code Warrior, a secure coding company with innovative solutions helping App Sec enthusiasts to thrive in this domain. Here we had to find the vulnerabilities in source code from different languages such as Java/Servlets, Java/Spring, Angular, etc., and provide fixes for them.
Pensioner Project and IAS Web (12/2017 – 07/2018)
Skills and Tools used: Java, Spring, Spring Boot, Angular, HTML, CSS, JavaScript, JSP, Eclipse, Git, Jenkins, Veracode.
Migrated two applications from old legacy technologies like Flex and JSP to Angular 7 using http services, template driven-forms ensuring best resiliency practices followed.
Worked on implementing various rest services in Java Spring for fetching tax forms, check image and email calls.
Implemented new additions to the program like single sign on, programmed in Java and Spring framework and created new database objects (Oracle) like tables with proper constraints for new client onboarding.
Build shell script to automate data feed for client and send an error file back to client which got discrepancies.
Did Import Tuning via shell script and database knowledge in our project that bought down the time of import from 4 hours 48 minutes to 1 hour 26 minutes.
Containerized our application where we moved out of VM’s to Docker.