Profiles search

Ashish Pandya

Sr. CyberSecurity Engineer
San Francisco, CA, United States

Details

Education: Master of Science - MS

Computer Science

San Francisco Bay University



Bachelor's Degree

Electronics Engineering

Lokmanya Tilak college of Engineering
Experience: 2021 : Present

Moody's Corporation

Sr. Cybersecurity Engineer

2016 :

US Army

Specialist

Involved in 3 rd party vendor Security Assessment and Threat Modelling

Responsible to perform Application Security testing for SSDLC team along with Triaging and Identification along with PEN Testing.

Provide remediation & guidance to Vulnerabilities discovered based on automated tools inputs.

Provide remediation & guidance on open source vulnerability scanning using DependcyCheck tool.

As Lead engineer also responsible for API, UI Automation for CyberSecurity Project from scratch.

Technology used for automation : Cucumber, Selenium and ReadyAPI.

Technology used for Application Security : Checkmarx, Veracode, Acqunetix and Burp Suite tools.

2019 : 2021

Visa

Cyber Security Engineer

Responsible for Application Security, API, UI Test Automation for DocuSign’s signing functionality.

Automated IOS app based functionality.

Used inhouse emulators to mimic various IOS releases, phones and sizes.

Application security Threat Modelling and Integrating Security testing tools with Jenkins

Responsible to perform Application Security testing for SSDLC team along with Triaging and Identification along with PEN Testing.

Technology used for automation : Cucumber, Ruby and ReadyAPI.

Performing Security Testing as part of Automation.

2018 : 2019

DocuSign

SDET

- Working in Macy's Wallet Team as QE Lead where manage team, API automation and UI automation are amongst few responsibilities.

- Worked with Macy's on Scaling Project More Like This as Sr. QE for API automation using REST-Assured and UI Automation for same using Java and Cucumber.

- Worked recently with Machine Zone (gaming company) with Data Platform Team for Automation, Data Analytics and Hadoop.

- Responsibilities included development, QA automation, Data capturing and reporting for marketing Team, analysis and debugging.

- Tech used were Vertica, Hadoop, Java, Gobblin.

- Worked with Macys on MBMoney Gaming project. Involved in Automation for marketing Team for new promotion launches for various seasons.

- Developed POM based framework for various Retail sites using Selenium Java.

- Created and headed team to plan and design scenarios and coverage.along with Jenkins implementation.

- Doing Code Reviews for various teams.

- Performing early Regression.

- Involved in Macy’s MBMoney gaming project for Test Framework development and scripting testcases.

- Involved in functional testing, regression testing and User Acceptance testing for various combinations.

- Developing Hybrid framework using Selenium WebDriver and TestNG.

- For JUMP framework(Nisum's proprietary) involved into automation block for preparing jar for customers using various scripting languages(Java, Ruby, Python[in process]).

- Running test suite on Jenkins and analyzing failed cases

2016 : 2018

Nisum

Senior Automation Engineer
Company: Moody's Corporation
Years of Experience: 12
Spoken Language: English, Hindi

Skills

Agile Methodologies, API Testing, Application Security, C++, Cascading Style Sheets (CSS), CSS, DAST, Databases, Eclipse, HTML, Java, JavaScript, JDeveloper, JMeter, Leadership, Linux, Microsoft SQL Server, MySQL, Oracle, Penetration Testing, Quality Assurance, Red Hat Linux, SAST, Software Development, Software Development Life Cycle (SDLC), Software Security Testing, Software Testing, SQL, SQL Injection, Test Automation, Test Planning, VAST, Web Application Security

About

- SAST reviews for SSDLC using tools such as Checkmarx, Veracode and Synk.

- DAST reviews using Acqunetix and Invicti(Netsparker).

- Creating and Managing WAF on Cloud Flare at Org.

- Performing DevSecOps role along with PEN Testing.

- Provide remediation guidance of Vulnerabilities discovered using OWASP top 10 guide.

- Performing Open source vulnerability scan. assessment and providing remedy and guidance too.

- Report and Data Aggregation using Splunk for various AppSec tools.

- Performed security related testing : Data protection security, Cross site scripting, SQL injection.

- Performed Web User Interface back end web business logic and server side code analysis.

- Secure Software Development Lifecycle Training.

- WebServices/REST testing using SOAPUI Pro and Postman.

- US Citizen.



Skill set:



Programming : Java, Ruby, Data Structures, Groovy

Platform: Linux, Windows.

Database: Oracle 10g, MySQL, SQL server 2005/08, H2DB, Vertica, Splunk

Web Technologies: HTML, CSS, JavaScript, Grails, PHP.

Tools : Eclipse, IntelliJ, Appium, Jmeter,Selenium, HP QC, IBM CQ, Postman, SOAPUI Pro, Hadoop, Spark, Burp Suite, Checkmarx, Vercode, Acunetix.