
Splunk Security Admin Resume


New Jersey

SUMMARY

  • Around 8 years of extensive experience in the IT industry with 3+ years of expertise as Splunk Consultant and experience on Linux System Admin, experience using Informatica 7/8.x/9 Power Center tools (Source Analyzer, Mapping Designer, Mapplet Designer, Transformation Designer, Repository Manager, and Server Manager) as ETL tool on Oracle /DB2 Database.
  • Experience with data analytics, logging solutions and system/network monitoring
  • Experience building security monitoring and incident management solutions using Splunk
  • Expertise in Installation, Configuration, Migration, Troubleshooting and Maintenance of Splunk, Apache Web Server on different UNIX flavors like Linux and Solaris.
  • Supported real-time monitoring of logging events with tools like NAGIOS.
  • Deployed new NAGIOS environment, supporting multiple NAGIOS monitoring environments with over 1500 systems.
  • Provided day to day NAGIOS administration.
  • Strong knowledge of security risk, common attack vectors and indicators of compromise
  • Has worked as a Splunk Admin and was involved in capturing, analyzing and monitoring.
  • Understanding of networking and application protocols
  • Experience on Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
  • Knowledge of security threats and vulnerabilities and how to detect and mitigate them
  • Knowledge of Windows logging and events
  • Provide regular support guidance to Splunk project teams on complex solution and issue resolution.
  • Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On’s, Dashboards, Clustering and Forwarder Management, Visualizations, alerts, reports.
  • Understanding of authentication technologies
  • Good Understanding of configuration files, precedence and daily work exposure to Props.conf, transforms.conf, inputs.conf, outputs.conf and Setting up a forwarder information based on the requirement
  • Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
  • Write Bash / Perl scripts to simplify server tasks and functionality
  • Working knowledge with scripting languages, application development, databases, and analytical tools
  • Monitored Database Connection Health by using Splunk DB connects health dashboards.
  • Work with VmWare virtualization to provision and manage Red Hat machines
  • Expertise in Splunk and Splunk query language and know how to optimize Splunk searches.
  • Maintain system security through regular patching and antivirus updates
  • Experience with Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
  • Worked on log parsing, complex Splunk searches, including external table lookups.
  • Experience using and understanding complex RegEx (regular expressions).
  • Experience on Splunk data flow, components, features and product capability.
  • Installed Splunk DB Connect 2.0 in search head cluster environments.
  • Experience on Splunk search construction with ability to create well-structured search queries that minimize performance impact.
  • Installed and configured Splunk DB Connect in Single and distributed server environments.
  • Expert experience in Splunk, and java scripting to automate and monitor the server routine tasks
  • Expertise in using Splunk with shell script in creating scripts for various activities like Generating Server Status and Health reports, Deployment on large scale configuration of servers.
  • Expertise in Splunk UI experience, able to write searches, debug search queries and has experience in scripting languages like java script.
  • Expert in understanding various components of Splunk like forwarder, indexer, search head and deployment.
  • Experience in writing advanced queries and creating advanced data models.
  • Has a good understanding of how to administrate Splunk clusters.
  • Applied Config and Dev patches, upgrades, builds, server maintenance, server reboot etc.
  • Maintained the various permissions to be given to different user groups so no problem for synchronization.
  • Experience in data mart life cycle development, performed ETL procedure to load data from different sources into Data marts, Data warehouse using Informatica Power Center.
  • Experienced in all data processing phases, from the Enterprise Model, Data Model (Logical and Physical Model), and Data Warehousing (ETL).
  • Good understanding of Views, Synonyms, Indexes, Joins, and Sub-Queries.
  • Team player with excellent communication, presentation and interpersonal skills.
  • Highly motivated team player with zeal to learn new technologies.
  • Ability to manage projects starting with gathering requirements, accordingly deciding and ordering hardware, building, configuring and supporting them.
  • Excellent understanding of project issues, tracking of issues, solving issues and closing issues.
  • Has experience in coordinating and working with different infrastructure teams like dba, san, network etc. along with vendors such as IBM, HP, Splunk, etc.

TECHNICAL SKILLS

Splunk Modules: Splunk 5.x/6.1.x/6.2, Splunk Enterprise, Splunk DB Connect, Splunk Cloud, Hunk, Splunk on Splunk, Splunk IT Service Intelligence, Splunk App for VMware, Splunk Web Framework

Application Servers: JBoss 5.x/6.x, IBM WebSphere 6.x/7.x, Apache Tomcat 6.x/7.x.

Web Servers: Apache HTTP Server, Sun One (iPlanet) 6.0/ Sun One, IBM HTTP Web Server, IIS server (5/6)

Operating Systems: Solaris (8,9,10), Redhat Linux (4,5), Unix, AIX, Windows 2K/XP/2003, HPUX

Tools/Utilities: SiteMinder, TOAD, Eclipse3.0, Ant5.1, Test-Director

Databases: Oracle 11g/10g, MYSQL SERVER, DB2, MS Access

Languages: Java, SQL and PL/SQL

Web Tools and Languages: JSP, Servlets, JDBC, Java Script, WLST, Jython, XML, HTML.

Framework: MVC, Apache, Big IP5

PROFESSIONAL EXPERIENCE

Confidential, New Jersey

Splunk Security Admin

Responsibilities:

  • Configured and developed complex dashboards and reports on Splunk.
  • Experience building security monitoring and incident management solutions using Splunk
  • Experience with data analytics, logging solutions and system/network monitoring
  • Strong knowledge of security risk, common attack vectors and indicators of compromise
  • Involved in Installation, Administration and Configuration of Splunk Enterprise and Splunk DB Connect 2.0 in search head cluster environments of Oracle.
  • Experience with Splunk UI/GUI development and operations roles.
  • Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
  • Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
  • Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
  • Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
  • Knowledge of Windows logging and events
  • Understanding of networking and application protocols
  • Understanding of authentication technologies
  • Knowledge of security threats and vulnerabilities and how to detect and mitigate them
  • Working knowledge with scripting languages, application development, databases, and analytical tools
  • Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.
  • Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
  • Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Designing and maintaining production-quality Splunk dashboards.
  • Good experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.

Environment: Splunk 6.x, Splunk DB Connect and other modules, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Sun ONE Directory Server 6, Sun One Web Server 6.0, Apache 2.x, python.

Confidential, Texas

Splunk Senior Admin

Responsibilities:

  • Was setting up Splunk Forwarders for new application tiers introduced into environment and existing applications
  • Worked as a Splunk Admin for Creating and managing app, Creating users, role, Permissions to knowledge objects.
  • Work closely with Application Teams to create new Splunk dashboards for Operation teams.
  • Created Admin, Power Users and User roles for the application and created the app sharing permissions for the different roles.
  • Use techniques to optimize searches for better performance, Search time vs Index time field extraction. And understanding of configuration files, precedence and working.
  • Supported 10 clusters 20+ Splunk search Heads, 50+ Indexers, 2000+ forwarders.
  • Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 4.x.x/5.x.x/6.x.x on Redhat Linux and Windows servers.
  • Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
  • Interact with the data warehousing team regarding extracting the data and suggest the standard data format such that Splunk will identify most of the fields.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On’s, Dashboards, Clustering and Forwarder Management.
  • Designing and maintaining production-quality Splunk dashboards.
  • Installation and configuration of Splunk product at different environments
  • Responsible for monitoring and custom reports of applications hosted on WebLogic and other web and app servers.
  • Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
  • Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files.
  • Involved in security, data ingestion activities for Splunk.
  • Deployed Splunk Enterprise on AWS (Amazon Web Services) to gain realtime visibility across AWS and entire IT environment.

Environment: Splunk 6.x, Splunk DB Connect and other modules, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Sun ONE Directory Server 6, SunOne WebServer 6.0, Apache 2.x, Jython, ANT, AWK, IIS, Netegrity SiteMinder Policy Server 5.5/6.0, LDAP.

Confidential, San Jose, CA

Splunk Admin

Responsibilities:

  • Configure Splunk for all the mission critical applications and using Splunk effectively for Application troubleshooting and monitoring post go lives.
  • Improved search performance by configuring 2 search heads for all Indexes in production.
  • Install different Splunk Applications, for example, Cisco for Splunk, Windows for Splunk and VMware for Splunk.
  • Configured Splunk forwarder to send unnecessary log events to "Null Queue" using props and transforms configurations to reduce license costs.
  • Gained good knowledge about Indexer and Search head clustering.
  • Created and configured management reports and dashboards in Splunk for application log monitoring.
  • Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
  • Splunk DB Connect 2.0 in search head cluster environments of Oracle, MySQL.
  • Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
  • Experienced in attending the bridge calls for production issues and non-prod issues and involved application teams or database teams or networking teams to resolve the issues and involved in Root cause analysis for the issues encountered.
  • Responsible for administering, maintaining and configuring a 24 x 7 highly available, Splunk apps for production portal environment.
  • Provide regular support guidance to Splunk project teams on complex solution and issue resolution with the objective of ensuring best fit and high quality.
  • Doing deeper analysis of data using event correlations across indexes and various source types to generate custom reports for senior management.
  • Helped the client to setup alerts for different type of errors.
  • Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Involved in installing and using Splunk app for Linux and UNIX.
  • Analyzed security based events, risks and reporting instances.

Environment: Splunk Enterprise Server 5.x.x/6.x.x, Universal Splunk Forwarder 5.x.x/6.x.x, IBM HTTP Web Server 7/8, Oracle, HTML, Java Script, XML, R2, Python (Jython), Regular Expressions.

Confidential, Timonium, MD

Splunk Developer

Responsibilities:

  • Created Dashboards, report, scheduled searches and alerts.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • I have helped teams to on-board data, create various knowledge objects, install and maintain the Splunk Apps.
  • Installed and configured Splunk DB Connect in Single and distributed server environments.
  • Installed Splunk DB Connect 2.0 in search head cluster environments.
  • Integrated ServiceNow with Splunk to generate the Incidents from Splunk.
  • Worked on DBConnect configuration for Oracle, MySQL, MSSQL.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Worked on setting up Splunk to capture and analyze data from various layers Load Balancers, Web servers and application servers.
  • Field Extraction Using Ifx, Rex Command and Regex in configuration files.
  • In production environment, I was involved in triaging and resolving various complex production issues by analyzing data from various monitoring tools from Sys logs and application logs. This involves working with various teams real time on a conference call.
  • Used techniques to optimize searches for better performance, Search time vs Index time field extraction. And understanding of configuration files, precedence and working.
  • Various types of charts Alert settings Knowledge of app creation, user and role access permissions, Creating and managing app, Create user role Permissions to knowledge objects.
  • Designing and maintaining production-quality Splunk dashboards.
  • Used Datameer to analyze the transaction data for the client.
  • Played a major role in understanding the logs, server data and brought an insight of the data for the users.

Environment: Splunk 6.0.5, Linux, Hadoop

Confidential, Seattle, WA

System/Linux Administrator

Responsibilities:

  • Installation, Maintenance, Administration and troubleshooting of Red Hat Enterprise Linux 5/6.
  • Performed automated installations of Operating System using kick start for Red Hat Enterprise Linux 5/6.
  • As a Red Hat administrator primary responsibility includes building of new servers which includes rack mounting, installation of OS, configuring of various OS-native and third party tools, securing of OS, installing & configuring, job scheduling.
  • Remote monitoring and management of server hardware.
  • Installed Red Hat Enterprise Linux 5/6 Operating System on servers and Blades over the network.
  • Built virtualized Linux servers on ESXi, Vsphere and Blade servers to host multiple applications on same chassis across different server hosts.
  • Set up Linux servers for LAMP implementations and readiness.
  • Created File systems from local storage as well as NFS partitions for application portability.
  • Created Ext4 file system in Red Hat Enterprise Linux.
  • RPM and YUM package installations, patch and other server management.
  • Managing systems routine backup, scheduling jobs like disabling and enabling cron jobs, enabling system logging, network logging of servers for maintenance, performance tuning, testing.
  • Worked and performed data-center operations including rack mounting, cabling.
  • Installed, configured, and maintained WebLogic 10.x and Oracle 10g on Solaris and Red Hat Linux.
  • Configuring multipath, adding SAN and creating physical volumes, volume groups, logical volumes.
  • Installing and configuring Apache and supporting them on Linux production servers.
  • Troubleshooting Linux network, security related issues, capturing packets using tools such as IPtables, firewall, TCP wrappers.
  • Designing Firewall rules for new servers to enable communication with application, Oracle 10g servers.
  • Monitored server and application performance & tuning via various stat commands (vmstat, nfsstat, iostat etc) and tuned I/O, memory, etc.

Environment: Red-Hat Linux Enterprise servers (HP Proliant DL 585, ML Series), SAN (Netapp), BladeLogic, Veritas Cluster Server 5.0, Windows 2003 server, Shell programming, JBoss 4.2, JDK 1.5, 1.6, VMware Virtual Client 3.5, VMware Infrastructure 3.5.

Confidential

Informatica Developer/Admin

Responsibilities:

  • Involved in creating Detail design documentation to describe program development, logic, coding, testing, changes and corrections.
  • Extensively involved in writing ETL Specifications for Development and conversion projects.
  • Created shortcuts for reusable source/target definitions, Reusable Transformations, mapplets in Shared folder.
  • Involved in requirement definition and analysis in support of DataWarehouse.
  • Worked extensively on different types of transformations like Source qualifier, expression, Aggregator, Router, filter, update strategy, lookup, sorter, Normalizer, sequence generator, etc.
  • Worked with XSD and XML files generation through ETL process.
  • Defined and worked with mapping parameters and variables.
  • Designed and developed transformation rules (business rules) to generate consolidated (fact/summary) data using Informatica ETL tool.
  • Performed the performance evaluation of the ETL for full load cycle.
  • Checked Sessions and error logs to troubleshoot problems and also used debugger for complex.
  • Worked on Parameterize of all variables, connections at all levels in UNIX.
  • Created test cases for unit testing and functional testing.
  • Coordinated with testing team to make testing team understand Business and transformation rules being used throughout ETL process.

Environment: Informatica Power center 8.6.1, Oracle 10g, Windows XP, Unix Shell Scripts, SQL, PL/SQL, Flat files.
