Gayathri Santhosh

Seasoned SDET: Versatile and results-driven Test Engineer and Scrum Master with over 15+ years of experience in quality assurance and agile project management. Skilled in designing, developing, and executing comprehensive test plans and cases, ensuring high-quality software deliverables. Proven expertise in both manual and automated testing techniques, with a strong command of various testing tools and frameworks. As a Scrum Master, adept at leading cross-functional teams, facilitating agile ceremonies, and fostering a collaborative environment to deliver projects on time and within scope. Strong problem-solving abilities, attention to detail, and excellent communication skills committed to driving continuous improvement and innovation in software development processes. Self-driven, inquisitive to learn, ambitious individual contributor as well as a team player.

Core Competencies: Test Planning and Execution | Manual and Automated Testing | Agile Project Management | Scrum Framework Implementation | Team Leadership and Collaboration | Quality Assurance | Defect Tracking and Management | Continuous Integration/Continuous Deployment (CI/CD) | Test Automation Tools | Agile Tools (e.g., JIRA, Confluence) | Risk Assessment and Mitigation | Reporting and Documentation.

Security Enthusiast: Detail-oriented and highly skilled Security Test Engineer with over 8+ years of experience in the cybersecurity domain. Proficient in conducting thorough security assessments, vulnerability analysis, and penetration testing to identify and mitigate potential risks. Demonstrates expertise in both manual and automated testing methodologies, with a strong background in various security tools and frameworks. Adept at developing and implementing robust security strategies to safeguard organizational assets and ensure compliance with industry standards. Excellent problem-solving abilities and a keen eye for detail, combined with exceptional communication skills, enable effective collaboration with cross-functional teams to enhance overall security posture. Committed to continuous learning and staying updated with the latest cybersecurity trends and threats to provide cutting-edge security solutions.

Core Competencies: Penetration Testing | Vulnerability Assessment | Risk Management | Security Audits | Network Security | Application Security | API Security | Threat Analysis & Threat Modeling | Compliance & Regulatory Standards | Incident Response | Security Tools (e.g., Nessus, Metasploit, Burp Suite) | Scripting and Automation (e.g., Python, Bash) | Reporting and Documentation

• Promoted to [Job Title] in [Number] months.
• Performed root cause analysis on [name of system or process] and developed and implemented corrective actions to improve efficiency by [number]%.
• Automated test fixtures and processes to eliminate [number] labor hours per month.
• Awarded with the [name of award] for contributions to [name of project].
• Achieved [Result] through effectively helping with [Task].
• Collaborated with team of [Number] in the development of [Project name].
• Supervised team of [Number] staff members.
• Documented and resolved [Issue] which led to [Results].

• Security and Vulnerability Testing of Wind River Hypervisor HVP, VxWorks RTOS, WRLinux and Workbench products, Team Lead & Scrum Master – Agile coach, conduct various scrum ceremonies, As part of the security assessment of the products, performed Threat Modeling of the applications | Advocate Secure coding | Perform Platform security, Operating system like Linux security patches, securing critical control planes & data planes, interconnected services, API security, and secure-by-default practices. | SAST Static Analysis using Coverity, DAST using Nessus, NMAP,Achilles | Supply chain security checks for known CVEs |Risk Assessments & mitigations | Penetration & Fuzz testing using AFL++ etc.
• Cloud network infrastructure (GCP) & Web Security Services Testing and Automation, QA Lead - Participate in PI planning, understanding customer specifications, studying the solution document, followed by Test plan creation, review, execution and creating testcases in qTest followed by conducting Test plan reviews with PMs, Architects, Developers, and cross functional stakeholders.Lead various Agile releases by driving test development, estimation, planning, execution, reporting, and closure, Performed Functional testing of various Cloud Web Security services related features by building the test infrastructure in GCP and automation of the testcases using Python, Selenium WebDriver, PyTest and Robot Framework. Conducted performance testing using tools like JMeter. Performed thorough threat Modelling, secure coding practices, vulnerability and Penetration testing on the various cloud Web applications in GCP and Rest API using Burp Suite, OWASP Zap tools, OWASP Top 10, SANS 25
• Feature and Automation testing of Online and Mobile Banking, Functional and Automation testing of Online Banking, Mobile Banking (Android and iOS) and DNA Database applications, using Robot framework, Python, Ride editor, Selenium Web driver, Appium, Android SDK, XCode, Database libraries and keyword driven automation framework
• Network Security & feature testing and Automation of Juniper routers, Core & Edge SRX routers: Functional, Security and performance testing with of core security features of juniper srx, followed by driving the vSRX Virtual Firewall project initiated from scratch to deliver High-performance, next-generation firewall for securing virtualized and cloud environments deployed in VMWare and KVM. Lead the FIPS and CC security certification effort for SRX Series version 10.4R4. Validated the authentication algorithms like RSA, DSA and ECDSA on a site-to-site topology. Packet capture, analysis, and scripting of the encrypted packets between the VPN traffic. Customer specification-based testing, root cause analysis and scripting

• Juniper Network Certified Internet Associate (JNCIA – JUNOS)
• Juniper Network Certified Internet Specialist (JNCIS – SEC)
• Prepared for CompTIA – Security+ and AWS Cloud Security certification
• Online course completion certificates on Functional testing using QTP/UFT Frameworks, VB Scripting for QTP, Python for test engineers, Python for Network engineers, Selenium Web driver, Robot Framework with RIDE and PyCharm, HP ALM/QC, JIRA, AWS Cloud Security, Mobile and Android testing, performance and scaling testing using Load runner, IxLoad
• Google Cloud Certification courses course era on GCP Associate Cloud Engineer & cloud Infrastructure, Google Kubernetes Engine (GKE), Google Networking, Network Security, Cloud Storage, etc. CompTIA Cybersecurity Analyst+ certification
• Preparing for CompTIA Security, REST API/Web Services testing with SoapUI+Realtime scenarios, Appium – Mobile Testing from Scratch+Frameworks on Udemy

• [Area of certification], [Company Name] - [Timeframe]