Dhanaranjana Weerasinghe

Experience

• 

  Computer Network & Network Security Community

  Nov 2017 - now

  Co-Founder / Speaker

  Insight // Chapter 01- Phases of Penetration Testing & Future Career Guidance

• 

  PwC’s Cyber Security Sri Lanka

  Jul 2018 - Aug 2019

  Responsibilities and duties include:- Operating Systems & Database Security audit- Black-Box Server Penetration Testing- Mobile Application Penetration Testing- Web Application Penetration Testing- API Penetration Testing- Internet Payment Gateways (IPG) Penetration Testing- Vulnerability Assessments ( Internal & External )- IT General Control Reviews - Firewall rule base review and configuration review- Network architecture review- CIS Benchmarking - Internal and External Vulnerability Assessment and Penetration Testing for Servers, Web Applications, Mobile Applications- Black- Box Server Penetration Testing- IT General Control Reviews- Firewall Rule Based Review and Configurations Review- Network Architecture Review

  • Cyber Security Specialist

    Dec 2018 - Aug 2019

  • Cyber Security Intern

    Jul 2018 - Dec 2018
• 

  HackedON

  Jul 2019 - now

  Co-Founder and Security Researcher

  HackedON is a crowdsourced security platform designed to address the growing security needs of Sri Lankan digital applications. HackedON is a great platform for security researchers across Sri Lanka and around the Globe to demonstrate their expertise in Cyber Security and Ethical Hacking. On the other hand, this is a fantastic opportunity for our customers to ensure security within their digital application. We are a growing community of motivated and high spirited security researchers who are always dedicated to find and solve the security vulnerabilities of the country’s digital applications Show less

• 

  DFCC Bank PLC

  Aug 2019 - Apr 2022

  Responsibilities and duties include:- Coordinate internal vulnerability assessment/penetration testing on web applications, mobile applications, APIs, computer networks, IT infrastructure, databases & server segments.- Coordinate/perform security UAT & go-live testing on business applications and systems. - Report deviations of the applications and systems to respective custodians and committees (Pre-ORMC/ORMC/BIRMC) and follow- up.- Coordination of 3rd party security reviews- Coordinate/perform configuration reviews on IT infrastructure.- Supervision of SoC monitoring & daily detection (SIEM, Dark Trace and Crowdstrike)- Internal (bi-annual/annual/quartely) scans- Team Management Show less Responsibilities and duties include:- Internal and External Vulnerability Assessment and Penetration Testing (Web Applications, Mobile Applications, Web and Mobile API testing, DMZ Servers, DR Servers, ATM, Core Banking Servers, Network Equipment, Wireless)- Implement security controls and security testing for new core banking project- Operating SIEM and Network Monitoring- Handling Dark Trace Portal and Incidents handling- Monitoring and Investigating Crowdstrike Falcon detections- Conducting Security Awarness sessions Show less

  • Assistant Manager - Cyber Security

    Aug 2021 - Apr 2022

  • Executive Information Systems Security Analyst

    Aug 2019 - Aug 2021
• 

  Cyber Threat Intelligence Community

  Apr 2020 - now

  Community Member

  Sri Lanka Cyber Threat Intelligence Community aims to provide precise information about everyday cyber security threats to Sri Lankan Corporates and the general public.Register as a contributor https://lnkd.in/gpH_4EETwitterhttps://lnkd.in/gjQgGf5

• 

  Axiata Digital Labs

  Apr 2022 - now

  Senior DevSecOps Engineer - IoT & Middleware

  Responsibilities and duties include:- Performs VA/PT for the applications- Ensure the security of the application stack - Ensure security in CICD automation process- Patch management- Enhance the application security knowledge across the ADL- Provide training to the ADL employee related to news security trends- Ensure the security of ADL owned applications and systems/servers- Provide consultation to DevOps teams working on various projects- Identify and define technology stacks- Adaptation of DevOps best practices to ADL DevOps culture- Evaluate, R&D and POC new technologies- Mentor juniors to adapt to ADL DevOps culture- Technical Documentation Show less