DUTIES AND RESPONSIBILITIES
Non-Prod DAST - Configuring and Setting Up AppScan/Veracode
• Conducting manual revalidation of the detected vulnerabilities using Burp Pro, Fiddler, Postman, SSLyze, Google Chrome add-ons and the DevTools of all browsers.
• Generating the final report and submitting it to the application team.
WhiteHat Sentinel
• This was the AIG third-party team testing their production environment. My role on the team is to be the person in charge of handling open cases, such as errors in their configuration, and ensuring that all their automation and manual testing findings are true positives.
Production DAST and Manual Testing
• AIG assigned me to focus on their Remediation Validation Requests, to verify all fixes made in their applications, and sometimes they request how to replicate the detected issues. I also clean up their duplicate vulnerabilities in their ThreadFix, where all vulnerability data for the AIG applications is stored.
Remediation Assistance
• We have a weekly call with the application team to discuss all issues where they need to know how to replicate them or what the best solution is to resolve the detected issues.