Alok Kumar
Summary
Experienced, certified, trusted and Result-driven security engineer protecting applications against bad actors, successfully built from scratch and now leading team and oversee preventing and reactionary security program & implementation for applications and APIs on-prem and in Cloud (AWS/Google/Azure) enterprise wide. Successfully led various product developmental projects as Dev and Tech lead.
Overview
23
23
years of professional experience
1
1
Certification
Work History
Lead Application Security Engineer
TSYS & Global Payments, Inc
01.2015 - Current
- Lead Web Application Firewall policies deployment and tuning in on-prem device such as F5 ASM , Imperva and F5 Silverline Cloud as well in AWS cloud across enterprise
- Oversee Security Champions program
- Conduct application security, OWASP Top10 training for security champions and developers
- Assist PCI team with Application security audit
- Oversee Static , Dynamic and open source scanning of Web Applications and API
- Build security violations use cases for Threat Management to setup alerting
- Constant review and upgrade of the application security incident handling and response.
Tech & Dev Lead
TSYS & Vertex Consulting
01.2007 - 01.2015
- Led the PEGA conversion project for Creditcare platform
- Led the migration of Credit Care platform from Weblogic to JBoss server
- Led the conversion of EJB 2.0 to EJB 3.0 on the Credit Care platform
- Led the the architecture and implementation of Electronic statement feature end to end for PCB bank
- Led strategy development and technical design specifications, analysed and estimated feasibility, time and compatibility and ensured that expected application performance levels can be achieved
- Led the design, coding/configuration, testing for quarterly and half yearly releases of product enhancements and client’s implementation
- Monitor and control of projects as they move through all SDLC phases
- Led the resolution of high priority production issue if happens for any client
- Code review of Developer’s code and Tester’s Test plan and scripts
- Serve as Mentor to team members, delegate tasks as appropriate
- Oversee the selection of tools and methodologies for projects, support, evaluate and recommend new technical directions and approaches to senior management
- Commit to overall deliverables with customers and/or management
- Still perform programming activities such as coding, unit testing, debugging.
Tech Lead and Sr. Developer
Tata Consultancy Services
01.2005 - 01.2007
- Tech Designed and outlined development and testing guidelines for off shore developers
- Conducted Java & RAD training for Off shore Java developers
- Developed various User Interface screens, controller and business components using JSPs, Struts, Session Beans, Log4j
- Created Order Web Service and test clients using Apache AXIS to expose the Stateless session bean’s methods to another application called EFP
- Developed Stateless session beans to encapsulate business rules as well as to communicate with IBM DB2 database, used JTA to manage transactions across two databases
- Designed complicated SQL queries
- Configured Struts validator framework and knowledge transferred the same to team members.
Lead/Developer
Tata Consultancy Services
01.2004 - 01.2005
- Implement all customizations required to be implemented for GE
- Customized frameworks according to the business requirements
- Performed unit testing, Integration testing and system testing as per the test cases supplied by the client and logged the test result for QA department.
Module Leader and Developer
Tata Consultancy Services
01.2003 - 01.2004
- Provided equivalent mapping Cobol construct in C language for development of a tool (Cobol2C) to convert Pro
- COBOL code to Pro
- C
- Customized frameworks according to the business requirements
- Developed various User Interface screens, controller and business components using JSPs, Struts, Session Beans, Log4j
- Inspected generated code in Pro
- C and fixed bugs in the tool Cobol2C as found
- Helped the team understand how to debug the Pro
- C code in case the output generated doesn’t match to what was expected
- Implemented 32 bit FML buffers to send input data from front end to backend and to receive the response from backend
- Performed unit testing, Integration testing and system testing as per the test cases supplied by the client and logged the test result for QA department
- Involved in preparation and execution of the Unit and integration testing phase and subsequently lending offshore UAT and production support to the delivered application.
Developer
Tata Consultancy Services
01.2002 - 01.2004
- Developed various User Interface screens, controller and business components using JSPs, Struts, Java Beans, JDBC, Log4j
- Used JavaScript for Front-End Validation
- Coded DAOs and built SQL queries
- Learned to use and implement call to Symark Power broker and Power password to gain access to Unix boxes
- Improved Application performances by analyzing the codes and replacing with optimized elements
- Involved in code review and also analyzed source of the most common errors
- Involved in preparation and execution of the Unit and integration testing phase and subsequently lending offshore support to the delivered application
- Provided UAT and production support.
Developer
Tata Consultancy Services
01.2001 - 01.2002
- Developed a backend deamon (Socket program) in ‘C’ to process concurrent requests coming from front end Java
- Developing backend processor program in Pro
- C for processing account queries related to Current Account, Saving Account and check book requests
- Understanding ISO 8583 International messaging protocol to decode the request came to backend and to encode the response in 128 bit pattern
- Developed various User Interface screens and application components using JSPs, Java, Servlets, Java Beans
- Used JavaScript for Front-End Validation
- Integrated and tested backend code with Front end Java.
Education
Skills
- Certified Security Professional
- Certified AWS Cloud Professional
- Certified Java & Oracle Professional
- Proactive and Reactive Defense
- Security Assessment
- Secure Coding Best Practice
- Security Framework and Standard
- Mitre ATT&CK
- Problem Solving
- Incident handling and response
- Communication and Collaboration
- Leading from the front
Certification
- AWS certified security specialty
- AWS certified cloud practitioner
- GIAC certified Security Essentials (GSEC)
- GIAC certified Web Application Defender (GWEB)
- PEGA certified System Architect
- ORACLE certified Professional, Java EE 5 Business Component Developer
- Sun Certified Web Component Developer for Java 2 Platform Enterprise Ed 1.4
- Sun Certified Programmer for the Java 2 Platform 1.4
- IBM Certified Associate Developer - Rational Application Developer for WebSphere V6.0
- IBM Certified Database Associate DB2 Universal Database V8.1 Family
Timeline
Lead Application Security Engineer
TSYS & Global Payments, Inc
01.2015 - Current
Tech & Dev Lead
TSYS & Vertex Consulting
01.2007 - 01.2015
Tech Lead and Sr. Developer
Tata Consultancy Services
01.2005 - 01.2007
Lead/Developer
Tata Consultancy Services
01.2004 - 01.2005
Module Leader and Developer
Tata Consultancy Services
01.2003 - 01.2004
Developer
Tata Consultancy Services
01.2002 - 01.2004
Developer
Tata Consultancy Services
01.2001 - 01.2002