Mark Vermilya
Details
Computer Engineering
Manhattan College
1990 : 1992
BA
psychology / philosophy
Eisenhower College
1978 : 1982
U.S. Bank
Senior Information Security Specialist
• Web Application Penetration Testing – Conducted penetration tests against bank applications including web services, rated and reported issues to application teams.
• Security Awareness – Weekly and Quarterly emails and documentation in support of Web Applications Security.
• Security Consulting – Supported Web App Security for the Reference Data Systems and Payment Systems Applications Portfolios in eComm Division.
• Issue Tracking and Remediation – Report Out meetings, risk ratings, evaluating source code scans, tracked issues in Archer.
• Security Toolkit – participated on coding Java library wrapping OWASP’s ESAPI security toolkit.
• POC of new software – evaluated and introduced NTO Spider as a DAST tool into the bank.
• Associate Recruiting and Interviewing - conducted numerous job interviews in order to recruit new team members.
2012 : 2015
Bank of America
Web Applications Security Engineer / Penetration Tester
• Build Engineer – Responsible for working with design and app teams to build out apps in the Corp Staff Support Domain.
• Hosting - Supported Intranet Portal and highly secure Person Number System.
• Security - Responsible for securing middleware applications and code. Remediation and tracking of numerous infrastructure security issues.
• SPOC – (Security Point of Contact) for Intranet Portal
2006 : 2012
Bank of America
Senior Web Hosting Engineer
Team lead - Responsible for code builds and deployment package creation along with Tier 3 level Applications Support.
2004 : 2006
Bank of America
Intranet Portal Application Support Team
Java Developer
2002 : 2004
Bank of America
Java Development Team for Intranet Portal
Skills
agile methodologies, databases, information security, Java, java enterprise edition, penetration testing, project management, Security, shell scripting, soa, software deployment, system deployment, unix, web applications, web logic, Weblogic, web services
About
Highly experienced and credentialed Web Application and Security Professional seeking a position that will challenge my existing skills and further develop my experience and knowledge of IT Security. 20+ years of experience with Client/Server systems in the financial industry that includes design, consulting, coding, system administration, scripting, technical support, troubleshooting and deployment. Extensive knowledge of OWASP top 10 and SANS top 25. Experienced web application pen tester. Passion for learning new technologies, troubleshooting root cause and breaking applications. Proven track record of being able to adapt to dynamic environments, formulate plans, and effect well thought out solutions. Available for travel.