Now you can Instantly Chat with Ramakrishna!
About Me
Have been working on Application security for the past 8 yrs. My work includes Static Application Security Testing (SAST) using Appscan & Fortify,remediation of security vulnerabilities and deploying into production with jenkins, Threat Modeling u...
Worked on various java/j2ee web development projects including Struts, Spring core,MVC, Spring Boot, Spring Security, REST API, AngularJS etc.
Show MoreSkills
Portfolio Projects
Description
Description
This project is about making client applications secure through Threat Modeling, Static code analysis and remediation support.
Responsibilities:
- Get security requirements using SD Elements tool.
- Do Threat modeling based on high level design.
- Come-up with finalized security requirements/issues from SDE tool and Threat Modeling.
- Do static code analysis and provide remediation support to development team.
Technology / Tools
SD Elements, Appscan, MS Threat Modeler, OWASP, ESAPI, Eclipse
Show More Show LessDescription
Description
This project is about making client applications secure through remediation work, secure design etc. Various client applications undergo SAST and DAST testing giving list of security vulnerabilities. Our team did remediation of these issues by analysis, code fixing and deploying to production.
Responsibilities:
- Get security vulnerabilities from onsite and assign to team based on availability.
- Track status of on-going remediation work and assist team technically in remediation work.
- Do review of deliverables like code fixes, test cases etc.
- Provide various reports (No. of issues closed, velocity of closed vulnerabilities etc.)
to senior management whenever required.
Show More Show LessDescription
Perform static analysis of various ADP applications in security perspective. Primary task would be to scan given application code using Appscan tool, remove false positives reported by tool and do manual review. Prepare a final report with confirmed security vulnerabilities to respective application team by suggesting remediation fixes.
Responsibilities
- Do static analysis review of applications (mainly J2EE applications) in security perspective.
- Bring security awareness among application teams at ADP by taking sessions on secure coding
practices.
Show More Show LessDescription
Description
Objective of this project is to build a “Collections and Payouts Management Systems” for the client. This application is interlinked to current system “Life Asia” and will provide features like – automation of Pre-Receipting, Payout process, reconciliation, vendor management etc.
Responsibility
- Delivering ‘Payout’ module with a team of 4 people.
- Getting detailed design documents from team, review & rework
- Development & Unit testing done from the team
- Support for Payouts module in UAT
Description
Description
The project is about reconciliation of Bulk Funding Files that are received from the Plan Sponsor as part of contributions for HSA account. The contribution files received from Plan Sponsor will be validated and a new fund request file will be generated by FTM that is to bank for credit/debit transactions into HSA account. The contributions will be reconciled in FTM system after getting response file from bank.
Responsibility
- Client Interfacing
- Involved in requirements gathering.
- Involved in documenting high level design through client sessions.
- Estimations
- Involved in preparing estimations for development phase.
- Leading offshore team
- Worked with offshore team in development and testing phases. The activities involved mentoring offshore team, knowledge transfer sessions with offshore team, reviewing the code, coordinating unit testing and integration testing.
- Shell Script writing and executing Written shell scripts using VI editor for running java programs in UNIX environment.