
Splunk Architect Resume


TECHNICAL SKILLS

Operating Systems: Windows Server 2012, Red Hat Enterprise Linux 5, 6, 7, Solaris 10, 11

Applications/Software/Databases: Splunk Enterprise 7.0, 7.1, 7.2, 7.3, Splunk Forwarder 7.0, 7.1, 7.2, 7.3, Java, Puppet, AWS, Cisco UCS, Nagios, GitLab, Centrify, NetBackup 7x, VMware ESXi Version 6

Languages: HTML, Bash, Python

Hardware: Sun servers X2-4 and X4-2B series, HP ProLiant DL380, DL585, PowerEdge R610, R620, R715

Training: Red Hat, Splunk Power User/Admin, Amazon Web Services

PROFESSIONAL EXPERIENCE

Confidential

Splunk Architect

Responsibilities:

  • Installation, configuration and deployment of SPLUNK and associated apps in clustered and distributed environment
  • Upgraded the SPLUNK Enterprise from 7.x to 8.x including 1200 Windows, SunOS, and Unix universal forwarders, heavy forwarders, indexers, and search heads.
  • Build dashboards in Enterprise Security for the automation of Iran Stealthwatch Alerts
  • Conduct CDM testing of Forescout, Tenable, and Archer logs into Splunk
  • Install, configure, and manage installation of Splunk technical add-ons and apps (Splunk Microsoft Windows or Office 365, Microsoft Graph Security, Microsoft Cloud Services)
  • Create knowledge objects for executives to make data driven business decisions
  • Configure and structure the ingestion of event feeds into Splunk (manage 2TB per day) including Cisco firewall logs, Windows DNS, BigFix, SailPoint logs, Learning Link logs
  • Troubleshooting of searches for performance issues by adding lookups, rewriting base searches, and using more efficient commands
  • Maintain proper daily operation and performance of the SPLUNK deployment.

Confidential

Senior Security Engineer

Responsibilities:

  • Create DFC Splunk Implementation plan to deploy 6 Splunk instance cluster using Ansible
  • Utilize Security Onion to provide layered defense for security hardening
  • Use ServiceNow for change requests and management with key stakeholders

Confidential

Splunk Engineer

Responsibilities:

  • Provision, install, configure, and upgrade Splunk Enterprise 7.0, 7.1, 7.2, 7.3
  • Build 13 indexers for index clustering site, configure LDAP, and install Red Hat version 7
  • Manage the onboarding of new event feeds into rsyslog for heavy forwarders (50 Terabytes/day).
  • Solve technical problems and execute change management tickets through ServiceNow
  • Successfully upgraded cloud-service-based applications Splunk app for Microsoft Office 365 and Microsoft Windows for production, development, and testing environments
  • Created a dashboard for Daily Splunk Monitoring for highlighting key trends in over 80 indexes
  • Execute daily reports to key government stakeholders for abnormal index activity, missing Windows security logs, missing forwarders, server builds and decommissioned assets
  • Execute health checks to resolve orphaned knowledge objects and skipped searches
  • Use the Splunk Common Information Model to normalize fields across different vendors for standardization

Confidential

System Administrator

Responsibilities:

  • Provision, install, configure, and upgrade Splunk Enterprise 7.0, 7.1, 7.2, 7.3
  • Provide recommendations and implement changes to optimize Splunk products in the customer environment
  • Manage the onboarding of new event feeds into rsyslog for heavy forwarders (50 Terabytes/day).
  • Maintain proper daily operation and performance of the Splunk deployment
  • Perform Content Development to properly identify data feeding SIEMs and correlation of events
  • Install new/rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.
  • Provide patching support and HW troubleshooting while on shift.
