Shweta Arora
Details
Information Technology
Kurukshetra University
2002 : 2006
IBM
Cloud Security Architect
2020 :
Infosys Limited
Information Security Lead
Working as a Security Test Manager for BCBS Illinois, driving end-to-end project test execution, from understanding the project requirements, security architecture and built-in security controls to defining the Test Strategy and coordinating with cross-functional and product teams, ensuring successful project implementation, test signoff and delivery.
2019 :
Infosys Limited
Information Security Test Manager
Worked as Onshore Security Test Lead for SunTrust Banks and managed the application security assessments throughout the project releases, involving but not limited to penetration tests, source code reviews, and validating third-party security controls.
Responsibilities :
• Security practice gap analysis
• Security requirement analysis
• Tool Configuration
• Application release level security service delivery strategy
• Client stakeholder management
• Security staff planning
2016 : 2019
Infosys Limited
Technical Test Lead
Worked as Onshore Security Team Lead for the Royal Bank of Scotland (RBS).
The client was planning to build another bank and wanted the Infosys team to create an application security testing strategy and process for the systems of the new and the existing bank. The requirements gathering and the Test Strategy were scheduled with very aggressive timelines.
Key Responsibilities :
• Test Strategy
• Threat modeling and Penetration testing
• Review of security deliverables
• Coordinating with other vendor and testing streams
• Resource onboarding
• Leading entire offshore team of 6 people
2014 : 2016
Infosys Limited
Technical Test Lead
Skills
Acunetix, Agile Methodologies, Application Security Assessments, Certified Information Security Manager (CISM), Code Review, Cybersecurity, DevSecOps, Fortify, Functional Testing, Microsoft SQL Server, Network Security, Nmap, OWASP, OWASP ZAP, Penetration Testing, PL/SQL, Qualys, Requirements Analysis, Requirements Gathering, Secure Code Review, Security Architecture Design, Security Testing, Software Development Life Cycle (SDLC), Threat Modeling, Veracode Platform, Vulnerability Management, Vulnerability Scanning, Web Applications, Web Application Security
About
Astute Information Security Professional with 15+ years of experience spanning Information Technology, with the last 8+ years in the Application Security domain. Skilled in Project Management/Leadership and Customer Solution delivery pertaining to Cybersecurity, application security risk and network vulnerability assessments. Passionate about the field of Cybersecurity and pursuing the ISACA CISM certification.
Core Skillset -
-Project Management and Leadership
-Enterprise Security against compliance and data security standards such as OWASP, PCI, CCPA, HIPAA, ISO/IEC 27001
-Application Risk Assessments and Penetration Tests
-DLP Cloud Testing
-Database Security and Monitoring
-Integrated Security in DevSecOps
-Third Party Security Controls and Risk Assessments
Hands-on experience with industry-standard tools like IBM AppScan, Micro Focus Fortify, Veracode, PortSwigger Burp Suite, Qualys Vulnerability Scanner, Cenzic Hailstorm Vulnerability Scanner, Acunetix, Armorize CodeSecure, ZAP Proxy, Nmap, Nessus, Kali Tools, Wireshark.