Overall 16 years of professional experience in working with Microsoft technologies like Java, C#, VB.Net, ASP.Net (Core / MVC). API's using both SOAP and REST architectures. Over 6 Years of Professional experience in Application Security, Security Life Cycle, SDLC, Penetration Testing, and Vulnerability Assessment using OWASP, NIST and CWE/SANS Special Publications.Hands - on experience in reviewing and defining requirements for information security solutions and mitigation techniques.
Have hands on project experience followed on SOLID principles and Lazy Loading, Factory and Dependency injection design patterns. Experience in creating interactive web application and single page application using Angular. Proficient experience in building service-oriented applications using Spring Boot. Working experience in Database design and writing Stored Procedures, Functions, Triggers, Views, Joins, performing Query Optimization and Performance Tuning in SQL Server Databases. Proficient in writing Unit Test Cases for business logic, Controller and Repository. Proven ability to analyze problems, root causes, and develop innovative solutions to business challenges and streamlining operations.
Collaborated with clients and company teams defining requirements for security and operations programs including vulnerability Management, patch management, disaster recovery and access control.
Performed scoping engagements, vulnerability assessments, web application penetration testing, network penetration testing, and phishing campaigns to test security controls and policies.
Lead two teams of developers having 5 to 6 developers in each team.
Ensured team members stayed on task.
Assigned coding tasks to various team members.
Regularly monitored work and cut problem members before issues became large.
Directed team meetings to check on progress and plan code directions.
Designed, developed, documented, refined and maintained web applications in Microsoft-centric environment for different departments.
Built and maintained full stack applications for different clients.
Conducted a thorough needs analysis by surveying internal and external stakeholders.
Performed manual security testing (Penetration Testing) on critical client applications.
Uncovered high vulnerabilities at the infrastructure level for internet facing websites.
Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, integration, Authentication, Authorization, Auditing and logging.
Involved in all the phases of Software Development Life Cycle (SDLC) including Requirements gathering, Designing, Programming, Testing and Documentation of various projects.
Used AGILE SCRUM methodology to deliver in sprints and Status Meetings, Code Review Meetings.
Designed Angular Modules and Controllers using different directives like ngShow, ngRepeat, ngApp, ngController and many more.
Implemented Security, Routing, bundle configuration, Action Selectors, Action Filter, and Caching in MVC controllers for application development.
Implemented Two-way Databinding in Angular which makes the application to handle the automatic synchronization of data between the model and view components.
Implemented Angular Services to bind the data and provide access to the data on the server.
Used Entity Framework and LINQ to access the two databases so the user could create, edit, display, and delete data from the application's UI.
Designed, developed SOA Web Services using Restful API with .NET, C#.NET and Hosted on IIS and Unit tested with MS Unit Framework, C#.
Worked with database design, writing stored procedures and queries using LINQ.
Used GIT version control to manage the source code and integrating GIT with Jenkins to support build automation and integrated with JIRA to monitor the commits.
Created database tables and wrote SQL Queries and stored procedures to create complex join tables and to perform CRUD operations.
Performance tuning of SQL queries, procedures using SQL Profiler and Index Tuning Wizard.
Environment: Angular, Web API, .NET Framework, IIS, ASP.NET C#, Entity Framework, Bootstrap, Visual Studio, SQL Server, HTML, CSS, ADO.NET, MVC, JQUERY, NUnit, SQL Server Management Studio, Azure.
Work cross-functionally with various teams including: Product management, QA/QE, various product lines, and/or business units to drive forward results
Develop architecture for our web services security platform which supports authentication, authorization, isolation and policy management
Identify areas where our programs can be improved (especially through automation), and where possible implement those improvements
Develop and deliver training around secure development lifecycle and secure coding practices
Develops software solutions by studying information needs; conferring with users; studying systems flow, data usage, and work processes; investigating problem areas; following the software development lifecycle.
Determines operational feasibility by evaluating analysis, problem definition, requirements, solution development, and proposed solutions.
Documents and demonstrates solutions by developing documentation, flowcharts, layouts, diagrams, charts, code comments and clear code.
Prepares and installs solutions by determining and designing system specifications, standards, and programming.
Improves operations by conducting systems analysis; recommending changes in policies and procedures.
Updates job knowledge by studying state-of-the-art development tools, programming techniques, and computing equipment; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Protects operations by keeping information confidential.
Provides information by collecting, analyzing, and summarizing development and service issues.
Accomplishes engineering and organization mission by completing related results as needed.
Supports and develops software engineers by providing advice, coaching and educational opportunities.
Completed programming assignments to enhance automated data research applications and software within network and client/server environments. Improved functioning of databases, communication systems, storage area networks and server configurations.
Developed UML use case diagrams using Rational Rose. Analyzed and debugged production issues in .NET applications and implemented fixes and conducted handover sessions to provide system setting, source code review, configuration and Special instructions.