ݺߣ

ݺߣShare a Scribd company logo

Umapathi_Resume

umapathi raja
umapathi raja

The document provides a summary of the candidate's experience in web application security testing. It lists 3 years of experience performing application security testing, vulnerability assessments, and penetration testing on various e-governance projects. It also provides details of the candidate's technical skills which include expertise in OWASP vulnerabilities, SQL injection, XSS, script injection protections and penetration testing tools such as AppScan, Burp Suite, and Nessus. Project experience is listed for 3 projects involving security testing for the Tamil Nadu health systems, Puducherry state service delivery gateway, and the Government of India's eProcurement solution.

1 of 3
Download to read offline
UMAPATHI. M +91 9790097761 mumapathi.cse@gmail.com Carrier Objective To contribute my best to the organization I work for, by being a good team player and to grow and glow with the organization with a sense of commitment. Experience Summary Total 3.2 Years of experience in Web Application Security Testing, Vulnerability Assessment and Software Quality Assurances in the e-Governance domain.   Application Security Testing (Manual & Automated), Vulnerability Assessment and penetration testing of various e-governance & QAT projects.  Well-equipped knowledge in Open Web Application Security Project (OWASP TOP 10), Web Application Security Project (WASP)  Having real time experience in DDos, SQL Injection protection, XSS protection, Script Injection and Major hacking protection techniques  Web Application Security Testing in e-Payment Net banking domain.  Vast hands-on experience in detecting security defects in Web Application using/ based on AppScan 9.0 [IBM].  Specialist in dealing with Source code Auditing tools, Penetration testing tools and Vulnerability scanning tools such as Acunetix, Nessus Vulnerability Scanner.  Identification of Application Vulnerability and exploit the weakness in the application based on OWASP Top 10 standard  Preparation of Document for application security plan, Test Case, Test Scenario, Test design development &Execution  Good knowledge in protocols such as TCP, UDP, FTP, SFTP, HTTP, HTTPS, SOAP, SSL and SMTP  Vast hands-on experience in using Proxy tools i.e. Burp Suite, Web Scarab  Handling IT – Services operation as Internet/ LAN Connectivity / Modem or Access point Configuration / Trouble Shooting.
Experience Profile Employment Summary Organization Designation Role Duration Tata Consultancy Services Pvt. Ltd. Assistant System Engineer Cyber Security Analyst June 12- Feb 14 PROFESSIONAL EXPERIENCE (Confidential, June 2012 – Present) Web Application Security and Vulnerability Assessment Project 1 Project Name Tamil Nadu Health Systems Project (TNHSP) Customer Government of Tamil Nadu(World Bank) Tools Manual Test, App scan 9.0, Web scarab, Pros, Burp suit and Paros. Description Tamil Nadu is ranked among the high-performing States in India, in the area of human development. The State is noted for its low mortality rates and effective healthcare services. The State has a long track record of innovations in the health sector. In 2005, the World Bank approved the Tamil Nadu Health Systems Project for a total cost of Rs. 597.15 crores. The World Bank’s involvement in the project has been extremely advantageous. It has helped in introducing new approaches in the way the health sector functions in the State. Team Size 2
Project 2 Project Name Pondicherry SSDG (State Service Delivery Gateway). Customer Government of Puducherry(Infosys) Tools Manual Test, App scan 9.0, Web scarab, Pros, Burp suit and Paros, Wire Shark Description National e – Governance Plane envisage for providing easy and convenient service delivery to citizens. This is achieved through common service Centers. Enables “electronic form” application through state portal and state Service delivery gateway. This section provides information on creation of the right governance and institutional mechanisms, setting up the core infrastructure and policies and implementation of a number of Mission Mode Projects at the Center, State and integrated service levels. Application Security project for 135 e-Services were carried out. Team Size 3 Project 3 Project Name Government eProcurement Solution of NIC (GePNIC) Customer National Informatics Centre(NIC),Government of India Tools Manual Test, App scan 9.0, Web scarab, Pros, Burp suit and Paros, Wire Shark Description A generic e-Procurement software solution, called GePNIC, has been developed by National Informatics Centre (NIC) to cater to the procurement / tendering requirements of the Government departments and organizations. The solution can easily be adopted for all kinds of procurement activities such as Goods, Services & Works. It aims at enhancing transparency in all activities relating to tendering process and non discrimination amongst bidders. Team Size 2 Functional Skill Set  Ability to handle a team of Support and co-ordinate smoothly handled the issues.  Training the new members in the team and getting them productive quickly.  Strong client facing skills.  Problem solving capability peered with strong communication skills

More Related Content

Umapathi_Resume

  • 1. UMAPATHI. M +91 9790097761 mumapathi.cse@gmail.com Carrier Objective To contribute my best to the organization I work for, by being a good team player and to grow and glow with the organization with a sense of commitment. Experience Summary Total 3.2 Years of experience in Web Application Security Testing, Vulnerability Assessment and Software Quality Assurances in the e-Governance domain.   Application Security Testing (Manual & Automated), Vulnerability Assessment and penetration testing of various e-governance & QAT projects.  Well-equipped knowledge in Open Web Application Security Project (OWASP TOP 10), Web Application Security Project (WASP)  Having real time experience in DDos, SQL Injection protection, XSS protection, Script Injection and Major hacking protection techniques  Web Application Security Testing in e-Payment Net banking domain.  Vast hands-on experience in detecting security defects in Web Application using/ based on AppScan 9.0 [IBM].  Specialist in dealing with Source code Auditing tools, Penetration testing tools and Vulnerability scanning tools such as Acunetix, Nessus Vulnerability Scanner.  Identification of Application Vulnerability and exploit the weakness in the application based on OWASP Top 10 standard  Preparation of Document for application security plan, Test Case, Test Scenario, Test design development &Execution  Good knowledge in protocols such as TCP, UDP, FTP, SFTP, HTTP, HTTPS, SOAP, SSL and SMTP  Vast hands-on experience in using Proxy tools i.e. Burp Suite, Web Scarab  Handling IT – Services operation as Internet/ LAN Connectivity / Modem or Access point Configuration / Trouble Shooting.
  • 2. Experience Profile Employment Summary Organization Designation Role Duration Tata Consultancy Services Pvt. Ltd. Assistant System Engineer Cyber Security Analyst June 12- Feb 14 PROFESSIONAL EXPERIENCE (Confidential, June 2012 – Present) Web Application Security and Vulnerability Assessment Project 1 Project Name Tamil Nadu Health Systems Project (TNHSP) Customer Government of Tamil Nadu(World Bank) Tools Manual Test, App scan 9.0, Web scarab, Pros, Burp suit and Paros. Description Tamil Nadu is ranked among the high-performing States in India, in the area of human development. The State is noted for its low mortality rates and effective healthcare services. The State has a long track record of innovations in the health sector. In 2005, the World Bank approved the Tamil Nadu Health Systems Project for a total cost of Rs. 597.15 crores. The World Bank’s involvement in the project has been extremely advantageous. It has helped in introducing new approaches in the way the health sector functions in the State. Team Size 2
  • 3. Project 2 Project Name Pondicherry SSDG (State Service Delivery Gateway). Customer Government of Puducherry(Infosys) Tools Manual Test, App scan 9.0, Web scarab, Pros, Burp suit and Paros, Wire Shark Description National e – Governance Plane envisage for providing easy and convenient service delivery to citizens. This is achieved through common service Centers. Enables “electronic form” application through state portal and state Service delivery gateway. This section provides information on creation of the right governance and institutional mechanisms, setting up the core infrastructure and policies and implementation of a number of Mission Mode Projects at the Center, State and integrated service levels. Application Security project for 135 e-Services were carried out. Team Size 3 Project 3 Project Name Government eProcurement Solution of NIC (GePNIC) Customer National Informatics Centre(NIC),Government of India Tools Manual Test, App scan 9.0, Web scarab, Pros, Burp suit and Paros, Wire Shark Description A generic e-Procurement software solution, called GePNIC, has been developed by National Informatics Centre (NIC) to cater to the procurement / tendering requirements of the Government departments and organizations. The solution can easily be adopted for all kinds of procurement activities such as Goods, Services & Works. It aims at enhancing transparency in all activities relating to tendering process and non discrimination amongst bidders. Team Size 2 Functional Skill Set  Ability to handle a team of Support and co-ordinate smoothly handled the issues.  Training the new members in the team and getting them productive quickly.  Strong client facing skills.  Problem solving capability peered with strong communication skills