Rachana Gupta
Austin,TX
Summary
Diligent Application Security Engineer with a strong foundation in security engineering, specializing in secure software development, vulnerability assessment, and threat analysis. Proven ability to identify, analyze, and remediate security vulnerabilities in applications and systems, with expertise in infrastructure and platform security. Skilled in integrating security into the SDLC with Threat Modeling, Architecture Review, Manual Code analysis, tools like SAST/DAST and OWASP Top 10.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Security Engineer- Application Security
Amazon
03.2024 - Current
- Collaborated closely with cross-functional teams, including security engineers, software engineers, and product managers, to enhance security across critical infrastructure and WebApp/Payment/PHI/API related applications.
- Conducted end-to-end security assessments and system design reviews, identifying vulnerabilities and driving remediation efforts to improve platform and infrastructure security.
- Leveraged an engineering-focused approach to develop and implement security solutions, ensuring alignment with business needs and risk management objectives.
- Designed and executed penetration tests, manual code reviews, and automated security scans to uncover and address security gaps in platforms and services.
- Delivered actionable security recommendations and executive summaries to stakeholders, effectively communicating complex security concepts to diverse audiences.
Security Engineering Intern - Application Security
Amazon
05.2022 - 08.2022
- Designed Open Source Intelligence (OSINT) strategies to automate procedures of Threat Modeling phase of Amazon's internal applications
- Developed automated process for scanning and validating AWS resource threats, enhancing application tester's operational efficiency by 60%(from days to couple hours)
- Implemented internal tools and coded custom rules on Scoutsuite targeting AWS component misconfigurations and delivering an HTML report for a visual threat chart
Security Engineering Intern - Third Party Security
Amazon
05.2021 - 08.2021
- Designed a real time data breach scanner to check for Amazon third party data breaches utilizing Silobreaker threat intelligence
- Executed a VERIS framework-based response plan to effectively manage risks through mitigation, acceptance, or avoidance strategies
- Ensured enhanced security controls and measures for third-party vendors post-breach, allowing Third Party Security (TPS) Analysts to save > 2 weeks during TPS assessments
Cybersecurity Analyst Intern - Vulnerability Management
Copart
01.2021 - 05.2021
- Performed Vulnerability Management using the Rapid7 InsightVM tool for monthly scans to extensively probe asset devices for known vulnerabilities aligned to the CIS benchmarks, exploits, and policy rules reducing risk by 27%
- Used frameworks like ISO 27001, NIST to monitor networks, check IP ranges, and console configurations to constantly ensure the scan engine discovers vulnerabilities accurately
Cybersecurity Intern - Penetration Testing and Forensics
MPInfotech
08.2020 - 10.2020
- Collaborated on a penetration test, and conducted a black-box, white-box pen-test for clients and the company's new website using Nmap, Nikto, ZAP, Burpsuite
- Presented executive summaries to the clients
Education
B.S. - Computer Science
The University of Texas at Dallas
05.2023
Skills
- Threat Modeling
- Secure Architecture Principles
- Manual Code Analysis
- Penetration testing skills
- Infrastructure and Application security
- Security Guidance
https://www.linkedin.com/in/therachanagupta/
Certification
CompTIA Security+
Tools
- BurpSuite Pro
- Nmap
- OWASP ZAP
- Metasploit
- Beef
- Fortify
- Scoutsuite
- Wireshark
Programming Languages
Java
Python
C++
TypeScript
JavaScript
Timeline
Security Engineer- Application Security
Amazon
03.2024 - Current
Security Engineering Intern - Application Security
Amazon
05.2022 - 08.2022
Security Engineering Intern - Third Party Security
Amazon
05.2021 - 08.2021
Cybersecurity Analyst Intern - Vulnerability Management
Copart
01.2021 - 05.2021
Cybersecurity Intern - Penetration Testing and Forensics
MPInfotech
08.2020 - 10.2020
B.S. - Computer Science
The University of Texas at Dallas
Similar Profiles
Ruben Frausto JrRuben Frausto Jr
Maintenance Technician III at AmazonMaintenance Technician III at Amazon
Sreeram TRSreeram TR
Catalog Manager at AmazonCatalog Manager at Amazon
Yashvvi JangidYashvvi Jangid
Senior Risk Analyst at AmazonSenior Risk Analyst at Amazon
Vivian MaxwellVivian Maxwell
Associate at AmazonAssociate at Amazon
Tatiana T. TorresTatiana T. Torres
Senior Enlisted Advisor at U. S. Navy, Recruit Training CommandSenior Enlisted Advisor at U. S. Navy, Recruit Training Command