Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Nandita Chowdhury

New Delhi,India

Summary

Experienced information security professional with over 6 years of hands-on experience in securing web, mobile, API, and thick clients.


Believe in making security an enabler for businesses rather than a bottleneck.

Overview

6
6
years of professional experience
1
1
Certification

Work History

Senior Penetration Tester

Bold
12.2020 - Current
  • Performed Web Application VA-PT for various in-house products in career growth domain, such as resumes, cover letters, payment services, etc.
  • Introduced Shift Left Security by performing feature reviews for newly developed features every sprint.
  • Conducting in-depth web service vulnerability assessment and penetration testing.
  • Implemented API pentest automation from scratch.
  • Conducting mobile applications (VA-PT for various in-house products.
  • Performing penetration tests for applications hosted on Azure cloud
  • Pivotal in development and execution of security integration plan in SDLC
  • Assisting development teams to mitigate vulnerabilities discovered in security review
  • Educating developers about various secure coding practices through training from the beginning of the software development lifecycle.

Technical Analyst

Fidelity International
06.2020 - 12.2020
  • Conducted Web Application VA-PT for various products in the financial domain, such as investment services, payment services, insurance services etc
  • Conducted Thick Client Application VA-PT for various internal as well as external applications
  • Conducted in-depth web services vulnerability assessment and penetration testing
  • Conducted manual as well as automated code reviews of applications
  • Raised Non Compliance (exceptions) for vulnerabilities found in security assessment with risk acceptance till date of patching
  • Assisted development teams to mitigate vulnerabilities discovered in security review.

Associate (Cyber Security)

Fiserv
06.2018 - 05.2020
  • Conducting Web Application VA-PT for various products in the financial domain, such as electronic payment solutions, biller solutions, card services, investment services etc
  • Conducting in-depth web services vulnerability assessment and penetration testing
  • Conducting thick client vulnerability assessment and penetration testing
  • Helping development teams in patching of software built in-house for various financial domain clients
  • Addressing client grievances and ensuring client satisfaction.

Junior Associate (Technology)

GlobalLogic
11.2017 - 06.2018
  • Started career as software developer with Global Logic
  • Was primarily responsible for: Software Development based on iOS
  • Developing elementary code to make UI look better using XCode with UI View, Table View, Seague and Progress HUD
  • Technology/Tools Used : Xcode, Swift4

Education

Bachelor of Technology -

Bharati Vidytapeeth's College Of Engineering
Delhi, India
06.2017

Skills

  • OWASP Top 10
  • Web Application/Thick Client/Mobile Application Security
  • Vulnerability Assessment
  • Penetration Testing
  • Source Code Analysis
  • PCI/DSS
  • Cloud Security
  • API Automation

Certification

  • Microsoft Certified Azure Security Engineer Associate, Certification ID: 991676011
  • ICSI CNSS Certified Network Security Specialist, Credential ID: 18236835


Timeline

Senior Penetration Tester

Bold
12.2020 - Current

Technical Analyst

Fidelity International
06.2020 - 12.2020

Associate (Cyber Security)

Fiserv
06.2018 - 05.2020

Junior Associate (Technology)

GlobalLogic
11.2017 - 06.2018

Bachelor of Technology -

Bharati Vidytapeeth's College Of Engineering
Nandita Chowdhury