Devendra Singh Shaktawat

In Terms of security Operations, I perform below activities:

• Perform analysis of detection and incidents in EDR solution crowdstrike and provide remediation process and suggestions to relevant owners.
• Configure IOCs, IOA, add exception and exclusion sandbox, event monitoring device management in crowdstrike.
• Implement tasks/projects critical to the organizations Endpoint technologies (workstations, laptops, servers, etc.) Monitor NDR solution extrahop reveal(x) 360 to detect cyber threats in corporate networks, analyze pattern and logs to identify the reason and take appropriate action to prevent from attack.
• Manage and create rules, whitelist/block sender in proofpoint as administrator.
• Investigate emails and take required action through proofpoint (quarantined, allow, discard) Perform vulnerabilities scans on hosts via Rapid7 insightvm and create report of the vulnerabilities and provide details to relevant teams/owners to perform given remediation and patches.
• Perform analysis of alerts in SEIM tool Splunk and provide remediation process.
• Create and deliver reports to business lines pertaining to endpoint security, compliance etc.
• Oversees the health, performance, stabilization, tuning and ongoing planning of the Endpoint infrastructure.
• Partners with groups within the organization to ensure successful deployments of Endpoint tools and incident handling (e.g., Business lines, Network Operations, Database Mgmt, Risk Mgmt, Audit and Compliance, Mid-Range Server Teams, etc.) Research and document security best practices for Endpoints to continually improve endpoint security.

In terms of network security, I perform below activities: Manage approx

• 150 checkpoint firewalls pan globe on gaia 77.20 and 77.30.
• In managing checkpoint appliance I create vlans, allow/deny rules, troubleshoot connectivity and maintenance of appliances.
• I also manage McAfee web gateway as forward proxy in my project.
• Managing and configuring the content filtering and URL filtering with Zscaler.
• Managing McAfee Threat intelligence exchange, where create policies for blocking and allowing a file based on its reputation.
• Manage OKTA sso tool, access for applications with okta for sso and manage users.