Shashank Shekhar

• Conduct Red Team engagements to simulate real-world cyberattacks, assess security defences, and provide recommendations for improvement
• Perform Black Box and Grey Box Vulnerability Assessment and Penetration Testing (VAPT) on clients' networks, systems, and applications, identifying vulnerabilities and suggesting remediation strategies
• Conduct comprehensive Configuration Reviews to ensure that clients' security configurations align with industry best practices and compliance standards
• Provide strategic Cyber Threat Intelligence by analysing emerging threats, vulnerabilities, and trends to proactively enhance clients' cybersecurity posture
• Conduct in-depth Code Reviews to identify security flaws and vulnerabilities in web and mobile applications, assisting clients in securing their software development processes
• Update policy and procedures for the largest power utility in middle east based upon the NCA and NIST standards
• Develop a cybersecurity skill enhancement plan for an enterprise organization
• Collaborate with cross-functional teams to develop and implement effective cybersecurity strategies and solutions tailored to clients' specific needs
• Prepare detailed reports and presentations that outline assessment findings, risk assessments, and actionable recommendations for clients.

• Enhanced identity and access management solutions by proficiently utilizing SailPoint Identity IQ Technology
• Conducted functional testing of various applications to identify and rectify potential technical issues, enhancing overall system performance and reliability
• Spearheaded the design and configuration of application schemas for streamlined onboarding processes within SailPoint Identity IQ (IIQ))
• Implemented various provisioning strategies, such as Aggregation and Connector rules, to facilitate seamless access management and compliance
• Played a pivotal role in testing and validating approval workflows, user provisioning, and deprovisioning procedures across multiple applications, ensuring data security and compliance.

• Proactively managed and analyzed security incidents, demonstrating a keen ability to review alerts and conduct detailed investigations.

• Employed expertise to identify and classify email threats, swiftly recognizing and mitigating SPAM, Spoofing, and phishing attempts.

• Applied technical acumen to identify suspicious logs, generate comprehensive reports, and create visually intuitive charts for client comprehension.

• Demonstrated proficiency in monitoring both inbound and outbound firewall traffic, promptly investigating and addressing security events.