RAJESH KISAN MURKUTE

Role  Managing the following activities: o Routers, Switches, Firewalls, VPNs, Leased lines, Trading setups  Installing and configuring: o VLANS, VPNS, Checkpoint firewalls, McAfee Email and Web gateways.  Handling back up of: o Cisco IOS image, Routers, Firewalls, Servers  Creating policies on McAfee Orchestrator Server for desktops and servers and policies for McAfee HIPS servers and clients.  Conducting Vulnerability Assessment using GFI Languard and SAAZ from Zenith and keeping the track of vulnerabilities identified and remediate in each week.

 Managing & Monitoring the following activities: o Network Administration, LAN & WAN Protocols. o Monitoring leased lines & coordinating with Service providers o Router & Switches configurations as per requirements o Network Security using Sonicwall NSA E5500, Checkpoint NGX R 70 Firewalls on SPLAT o Website administration & Inventory Management. o License, team management & vendor interaction. o Checking logs of Firewalls, Antivirus servers, o Vendor Co-ordination  Installing and configuring: o Symantec Endpoint Protection o Checkpoint Firewall Administration and VPN’s

 Monitoring, Managing & Configuration of following devices  Maintain situational awareness of cyber activity by reviewing open source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization.  Perform cyber threat intelligence analysis, correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS  Participate in the coordination of resources during incident response efforts.  Coordinate resources during enterprise incident response efforts, driving incidents to timely and complete resolution.  Conduct malware analysis providing indicators for enterprise defensive measures.  Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).  Deliver status reports, briefings, recommendations, and findings to executives as required.  Security operations monitoring and alerting using Alien Vault SIEM  RSA Secure ID and authentication  Creating Internet access policies for users  Monitoring Logs for Various security devices for access violation  Implementing URL and Content control policies as per client requirements

 Primarily responsible for security offense monitoring, management and response  Create and maintain SLAs and metrics for Security Operations and Cyber Threat Hunting  Responsible for integration of standard and non-standard logs in SIEM  Creation of dashboards, metrics for SOC operations  Network forensics using tools like Websense Triton, Firemon, Checkpoint MDS  Conducting static analysis of malicious files and submission to malware vendors  Investigations for suspicious activity of users, systems, email & web analysis  Performing dynamic analysis of malicious files  IDS/IPS signature deployments as per policy.  Track, analyze new vulnerabilities and flag them as a part of patch management process  Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring  Identify new TTP used by cyber threat actors using OSINT and other sources  Review and analysis of escalated incidents  Train new Team Members  Identify security flaws and vulnerabilities using VA products like Nessus and Nexpose  Analyze security breaches to determine their root cause  Analyze new security testing tools, and provide recommendations on the need and usefulness of services and/or products