User:Gandhiasrn

Revision as of 07:23, 6 October 2010 by Gandhiasrn (talk | contribs)

I am a Technical Lead working with McAfee (Information Security Space) for the last 5 years. Prior experience includes working with Client Microsoft, Wipro Technologies, MBT establishing a Vulnerability Assessment Center with Common Criteria and SSE-CMM guidelines, auditing British Telecom Network, Microsoft Source code towards security aspects and signing off towards Security aspect for all products that get released by Microsoft to the Public. Conducting External & Internal Network Enumerations on the production builds.

I have been involved in the Information Technology industry for more than 13 years. My focus has been in application security including testing, code reviews, design reviews, penetration testing and training. My background in web application development and automation helps stakeholders to find security flaws and make the code complete. I have an M.B.A. in Finance and an M.I.E. in Computer Science & Engineering.


A few of the key responsibilities include...

- Providing technical expertise and support in the performance of architecture and application risk assessments for IT developed applications and third-party solutions

- Review new and existing applications for security vulnerabilities

- Perform penetration tests and vulnerability assessments of IT applications and websites

- Coordinate testing efforts with the IT Security Assurance Team

- Enforce the secure QA coding process

- Primary liaison between IT QA, IT Security Assurance, and IT application development to ensure all IT developed applications and websites adhere to secure code standards

- Document the results of assessments and coordinate with the IT Security Assurance Team to drive recommendations to remediation

- Recommend application security tools and techniques for implementation in the QA process

- Participate in research and provide recommendations for continuous process improvements

- Write security test plans and test cases for each assigned project

- Provide training to other QA and Development personnel to improve their security awareness and education