SUMMARY:

• 6 years IT experience in all phases of software development life cycle (SDLC) of project & product that includes system analysis, design, development, integration, testing, deployment, troubleshooting and maintenance.
• Highly motivated, detail oriented, ability to work independently and as a part of the team.
• Expertise in design and developing security tools and fixing web application vulnerabilities

TECHNICAL SKILLS:

Programming Languages: Java 1.8, Moscow ML(functional programming), C, C++, Prolog, Scheme

Security Tools: OWASP, AppScan, SSLScan, Fortify scan, Firebug

Development/project Management tools: Intellij Idea, Eclipse, IBM RAD, Ralley, JIRA, Crucible

Frameworks: Struts 1.x, Struts 2.1, Spring MVC, Spring batch, Hibernate 2.x, 3.x, JSP Servlets, EJB, SOAP,JAX - WS and JAX-RS, Restful Web Services, vert.x, Design Patterns

Java Standard Edition: Lambda s & functional programing, Streams, Collections, IO, Threads, JDBC, Annotations

Source Control Management: SVN, Clear Case, CVS, Acurev, GIT

Build and CI Tools: Apache Maven, Bamboo, Hudson, Jenkins

Test Automation: JUnit, SoapUI, JMeter

Database: MySQL, Oracle, DB2

PROFESSIONAL EXPERIENCE:

Confidential, Foster City, CA

Java Consultant

• Developed security gatekeeper product, which act as single entry point for all cyber source internal and external application and resolve all cross cutting security concern of application like authentication, and authorization and secure filtering using vert.x and java 1.8 leveraging stream API and lambda functional interfaces.
• PII and PAI data encryption and decryption for rest data.
• Developed security filters as Restful web services which addresses OWASP top 10 and SANS top 25 concern.
• Developed Http signature based authentication libraries.
• Developed cgk gatekeeper as docker image along with it’s dependencies.
• Deployed gatekeeper docker images to docker container.
• Perform Personal Identity Information (PII) and Personal Account Information (PAI) data analysis of 60 internal and 10 external facing application which include around 155 database tables with average 4 column per table
• Developed libraries for software based local and Remote encryption and decryption with SAfeNet HSM key caching functionality.
• Enhance all internal and external facing application to support encryption, decryption and hashing around PII and PAI data.
• Developed Spring Batch based Backfill utilities which backfill around 25.6 billion records of 115 database tables without affecting live transaction or any P1 issue.
• Fixed OWASP top 10 security vulnerabilities for around twenty internal and externally exposed application.
• Analysis and fixes of AppScan, Fortify and White Hat report findings.
• Implement custom log4j to identify all credit cards and PII, PAI and password data and mask at low logging level.
• Developed interface for redis based cache support for distributed environment.
• Designed token based solution for cross-site request forgery CSRF attacks.
• Developed Solution for software based data center director for requests.

Java Consultant

• Worked on various process and pages to determine Benefits Eligibility.
• Worked as web Sphere portal developer (JSR 286 specifications).
• Worked on Spring MVC Portlet.
• Worked on Jaas extension library to plug Authentication module.
• Worked on spring security framework and provided role base component and menu access system by creating roles and permissions for a core user.
• Created contact log portal for logging customer details and ER Diagrams and data model.
• Have used DWR (Direct Web Routing) framework to implement AJAX.
• Developed and maintained the application using JSP, HTML, CSS, JavaScript and Ajax.
• Used GIT version control tool, Hudson build tool to generate war/ear files.
• Used Jenkins tool to check test cases success percentages and recent builds.
• Wrote many send and receive batch processes using bean I/O and flat pack.
• Developed the application using Test Driven Development.
• Used Altova uml modeling tool to create class diagrams and sequence diagrams.
• Used Jmeter for performance testing to simulate different loads and concurrent access of application.
• Worked on Eligibility Determination and Benefits Calculations Module.
• Worked on Recovery Accounts for Medical Programs.
• Worked on Financial and Non-Financial Intake Data collection.
• Worked on various modules for benefit programs.

Java Consultant

• Confidential is the name of the ISD2 replacement system selected to provide a platform that is flexible, and easy to expand and maintain. ISD2 is the eligibility determination and case management system that supports the administration of public assistance programs in New Mexico. The system is also used in the establishment of claims and has numerous interfaces.
• Working in a track called Front Office.
• Created Functional requirements using Storyboards and snagit.
• Used a custom framework called fast4J (similar to struts) layered architecture with EJB, BO and DAO layers.
• Used cargo and collections to carry data between different layers.
• Servlets and JDBC were used in retrieving data.
• Developed and Deployed modules on IBM WebSphere Application Server
• Developed more than 20 java server pages and used java script for client side validations.
• Used Ant scripts to build and deploy the application.
• Extensively used RAD as an IDE for building, developing and integrating the application.
• Provided SQL scripts and PL/SQL stored procedures for querying the oracle database.
• Provided Maven build tool for building and deploying the application.
• Provided Log4j support for the application for debugging the system.

Java Consultant

• Worked on Functional specification designs.
• Used Spring framework in conjunction with Hibernate for porlets development.
• Used Ajax and Jason to communicate between UI and controller layer.
• Used IBM AppScan Baseline Application Vulnerability Assessment tool for security vulnerabilities before production deployment.
• Used Hudson as a build tool to generate war and ear files.
• Used Ldap connections and configuration to access Cisco internal user information.

Business Application

• Reviewed High-level Design (HLD), Functional requirements.
• Used IBM RAD as development environment and deployed application on Web Sphere Application server.
• Extensively used Core Java such as Exceptions, and Collections in Application.
• Used CVS version control tool to manage source repository.
• Developed highly scalable, transactional and reusable components using J2EE technologies.
• Prepared Program specifications and Test cases based on Detailed Design documents.
• Used Java EE Connector Architecture for connecting application servers and enterprise information systems (EIS) as part of EAI solutions.
• Used XML parser APIs such as JAXB in the web service's request response data marshaling as well as un-marshaling process.