We provide IT Staff Augmentation Services!

Splunk Architect Resume

TECHNICAL SKILLS

Operating Systems: Windows Server 2012, Red Hat Enterprise Linux 5, 6, 7, Solaris 10, 11

Applications/Software/Databases: Splunk Enterprise 7.0, 7.1, 7.2, 7.3, Splunk Forwarder 7.0, 7.1, 7.2, 7.3, Java, Puppet, AWS, Cisco UCS, Nagios, Gitlab, Centrify, NetBackup 7x, VMWare ESXI Version 6Languages HTML, Bash, Python

Hardware: Sun servers X2 - 4 and X4-2B series, HP ProLiant DL380, DL585, PowerEdge R610, R620, R715

Training: Red Hat, Splunk Power User/Admin, Amazon Web Services

PROFESSIONAL EXPERIENCE

Confidential

Splunk Architect

Responsibilities:

  • Installation, configuration and deployment of SPLUNK and associated apps in clustered and distributed environment
  • Upgraded the SPLUNK Enterprise from 7.x to 8.x including 1200 Windows, SunOS, and Unix universal forwarders, heavy forwarders, indexers, and searchheads.
  • Build dashboards in Enterprise Security for the automation of Iran Stealthwatch Alerts
  • Conduct CDM testing of Forescout, Tenable, and Archer logs into Splunk
  • Install, configure, and manage installation of splunk technical addon and apps (Splunk Microsoft Windows or Office 365, Microsoft Graph Security, Microsoft Cloud Services)
  • Create knowledge objects for executives to make data driven business decisions
  • Configure and structure the ingestion of event feeds into Splunk (manage 2TB per day) including Cisco firewall logs, windows DNS, Big Fix, Sailpoint logs, Learning Link logs,
  • Troubleshooting of searches for performance issues by adding lookups, rewriting base searches, and using more efficient commands
  • Maintain proper daily operation and performance of the SPLUNK deployment.

Confidential

Senior Security Engineer

Responsibilities:

  • Create DFC Splunk Implementation plan to deploy 6 Splunk instance cluster using Ansible
  • Utilize Security Onion to provide layered defense for security hardening
  • Use Service now for change requests and management with key stakeholders

Confidential

Splunk Engineer

Responsibilities:

  • Provision, install, configure, and upgrade Splunk Enterprise 7.0, 7.1, 7.2, 7.3
  • Build 13 indexers for index clustering site, configure LDAP, and install Red Hat version 7
  • Manage the onboarding of new event feeds into rsyslog for heavy forwarders (50 Terabytes/day).
  • Solve technical problems and execute change management tickets through Service Now
  • Successfully upgraded cloud service based applications Splunk app for Microsoft Office 365 and Microsoft Windows for production, development, and testing environments
  • Created a dashboard for Daily Splunk Monitoring for highlighting key trends in over 80 indexes
  • Execute daily reports to key government stakeholders for abnormal index activity, missing windows security logs, missing forwarders, server builds and decommissioned assets
  • Execute health checks to resolve orphaned knowledge objects and skipped searches
  • Use the Splunk Common Information Model to normalize fields across different vendors for standardization

Confidential

System Administrator

Responsibilities:

  • Provision, install, configure, and upgrade Splunk Enterprise 7.0, 7.1, 7.2, 7.3
  • Provide recommendations and implement changes to optimize Splunk products in the customer environment
  • Manage the onboarding of new event feeds into rsyslog for heavy forwarders (50 Terabytes/day).
  • Maintain proper daily operation and performance of the Splunk deployment
  • Perform Content Development to properly identify data feeding SIEM’s and correlation of events
  • Install new/rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.
  • Provide patching support and HW troubleshooting while on shift.
  • Install new/rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.

Hire Now