CDM Splunk Engineer Resume

SUMMARY

8+ years of combined IT experience. Result - oriented Splunk Developer & Administrator possessing extensive knowledge of Splunk Architecture including components such as indexer, search head, forwarder, deployment server, etc.
Highly skilled in conceptualizing and developing software/applications & Business Intelligence Solutions to drive business transformation.
Proficient in facilitating sound decision-making for senior leadership/management, deploying Splunk enterprise, core, cloud, and for delivering compelling business value to clients & successfully executing projects.

TECHNICAL SKILLS

PROFESSIONAL EXPERIENCE

CDM Splunk Engineer

Confidential

Responsibilities:

Implementation of Splunk Architecture for CDM Solution
Work with team for Sprint planning of CDM and all agencies involved (DOL, OCIO, OIG, DOD, BLS)
Troubleshoot and monitor data flow/quality from tools such as ForeScout, BigFix, and Tenable which were ingested into Splunk using Python scripts
Work with client to create dashboards and resolve technical issues
Deploy CDM applications and add-ons in Splunk
Create knowledge objects to improve sensitivity in CDM tools which were sending data into Splunk
Implement Indexer cluster architecture for all agencies involved in the CDM program
Work closely with developers to patch, upgrade, and make changes in Splunk Python scripts at the baseline level
Develop use cases, data models, and connectors within Splunk to help meet overall program objectives
Leverage expertise with Splunk Search Language (SPL) to develop network or endpoint-based anomaly detection alerting logic in SPL and build dashboards for visualization
Design, install, analyze, evaluate, test, and debug Splunk based on current project needs
Provide tier 3 support to Splunk incidents that are related to infrastructure ops
Improve the Splunk deployments for each customer while integrating new tech and services
Implement of Splunk Indexer cluster for high availability scalability on AWS EC2 Console.

Splunk Admin

Confidential

Responsibilities:

Provide recommendations and implement changes to optimize Splunk products in the customer environment
Normalizing data through CIM compliance process
Utilize the Management Console to investigate resource usage
Configured license pooling
Troubleshooting Splunk feed issues and data ingestion for remote locations
Deployed new Splunk architecture at disaster recovery site.
Configure hot, warm and cold buckets hold data for extended periods of time
Install and configure systems which support infrastructure and/or activities.
Working with security team to understand use cases for splunk.
Perform regular security monitoring to identify any possible intrusions.
Create, change, and delete user accounts per request as necessary.
Maintain operational, configuration, or other procedures.