Itha Shiva Kumar

• Verifying Test Environment. • Understanding and Analyzing Test Requirements. • Prepared and Executed Test cases as per system Requirements. • Involved in all testing related documentation. • Involved in weekly review meetings

• Performing VAPT on all Internet facing financial Web applications on companies and reporting to the respective teams of the organization • Vulnerability Assessment and Penetration Testing. , Performed Weekly, Monthly, Half yearly, yearly vulnerability assessments. Maintaining and analyzing the security risks on to the whole network, Servers and the systems through several vulnerability tools • Payment Gateway & Merchant Gateway applications security testing from ecommerce application • Active participating in Patching the vulnerability by collaborating with various teams • Working against Zero days vulnerabilities and patching them with temporary & permanent solutions • Validation of description of information as declared by the Project Team in the asset profiling sheet. • Validation of Solution architecture describing different components, their connectivity, redundancy, etc.

• Analyzing the FSD (Functional Specification Document) and provide suggestions and queries to the business team • Understanding the Payment gateways for security • Understanding of business validation issues. • Reporting the Critical & Major issues in initial stage of fixing issues in the earliest • Reporting the issues by using Internal bug tracking tool • Performing regression testing • Providing the newly designed format of QA signoff for Bank release • Conducting meetings with respected developing teams and discussing about issues and impact of issues for every month and interchanging the suggestions and advices to get the robust product out. • Active participating in Patching the vulnerability by collaborating with various teams • Conducting meetings with clients explain about reports, issues and mitigations. • Giving security reviews for New products and new CR’s at Design levels & implementing Secure SDLC procedures

• Understand the product and identity management and access control • Introduce the new security testing report format for the present organization for Product and maintain the same report for future • Preparing plan for the testing activities. • Implement the standards on running the automatic security scan on monthly bases using tools Acunetix, Burp pro • Implement the new issue mitigation techniques • Understanding the issues in both application and code level to get better vulnerabilities. • Understanding of Identity management issues, Identity access. • Giving seminar to the organization people about security, assets etc. • Active participating in Patching the vulnerability by collaborating with various teams • Application Security Report shall be provided to the Project Team for their validation and Security UAT goes ahead. • Conducting meetings with respected developing teams and discussing about issues and impact of issues for every month. • Conducting meetings with clients explain about reports, issues and mitigations. • Implementing Secure SDLC procedures • Report writing with OWASP standards