Security Engineer Resume

SUMMARY

  • Experienced at managing and supporting IT projects from system administration, virtualization monitoring, storage area networks, along with network engineering solutions.
  • Current projects include SolarWinds monitoring along with other monitoring tools for the SIEM needs of companies, and system log management using log aggregation, including creating and defining dashboards.

TECHNICAL SKILLS

  • SolarWinds, Puppet, Ansible, Apache, IIS, Tivoli Identity Manager, Quest Migrator for Active Directory and Exchange
  • Centrify, Citrix XenApp (Metaframe) 1.8, 2.0, 3.0, 4.x, 5.x, 6.x, Oracle Identity Manager, Sun Console One, Splun
  • GrayLog, Elastic Search, MongoDB, Qradar, Balabit (syslog-ng), Exabeam, Checkpoint Firewalls
  • Cisco ASA Firewalls, Palo Alto Firewalls, Cisco Lan Works, Plixer Scrutinizer and related NetFlow collections
  • Splunk Advanced Threat Prevention and User Analytics, Tenable Nessus, Extrahop, OmniPeak, Wireshark Packet Captures and ADFS Exchange Hybrid with Office 365, SQL 2012, IBM IGI and related Identity Management Applications
  • Aruba Wireless Networks, LIEM, HPE OneView, VMware VCenter.

PROFESSIONAL EXPERIENCE

Confidential

SECURITY ENGINEER

Responsibilities:

  • Qradar and log event forwarding specialist and architect to redesign security SIEM and monitoring solutions.
  • Utilized the following SolarWinds Modules for this project: NCM, NPM, NTA, SAM, Virtualization Module, SRM
  • Python and PowerShell scripts for SNMP and Syslog alterations and automated deployments and upgrades.
  • Qradar SIEM environment for security analytics and alerts.
  • Maintain SolarWinds environments along with patches and reporting.
  • Cleaned up monitoring environments with monthly decommission reporting. SNMP v3 configurations for SolarWinds and Exabeam configuration management pieces for new devices.
  • Customized SolarWinds dashboards and scheduled reporting based on management and stakeholders’ requirements.
  • Performed regular security monitoring to identify any intrusions.
  • DSM configuration and custom alerting into Qradar.

Confidential

SOLARWINDS/SECURITY ENGINEER/MONITORING ENGINEER

Responsibilities:

  • Implemented Qradar SIEM environment for security analytics and alerts.
  • Qradar subject matter expert:
  • Log Event Forwarding Specialist and Architect to Redesign Security SIEM and Monitoring Solutions on Site for Customer.
  • Performed regular security monitoring to identify any intrusions.
  • Upgraded and configured system software that supports infrastructure applications per project or operational needs.
  • SolarWinds alerts and alert tuning for management with escalation-based alerts.
  • Remediated log failures and addressed Qradar Wincollect log issues.
  • Diagnosed Qradar performance issues and remediated them where solutions were needed.
  • SolarWinds architect:
  • Designed environment and created NetFlow captures.
  • Used NCM module to deploy SNMP and NetFlow configuration changes to devices that supported NetFlow.
  • Logged, tracked, resolved, and reported support issues to management.
  • Both Qradar and SolarWinds: Python scripts for system and security-based alerts utilizing curl to push forward errors and log4.xml manipulation for Java based applications.
  • Provided Tier 1, 2 and 3 alert routing and delegation responsibilities out of the various alerting and reporting tools.
  • Defined alerting dashboards for the different Tiers within groups and alert routing.

Confidential

SENIOR SYSTEMS CONSULTANT ENGINEER

Responsibilities:

  • Provided day to day support on Windows / VMWare and NetApp environment.
  • Performed daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems, and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups.
  • SolarWinds Architect and GrayLog environment and completed the following.
  • Utilized the following SolarWinds Modules for this project: NCM, NPM, NTA, IPAM, SAM, Virtualization Module, SRM
  • SolarWinds Virtualization module:
  • Implemented SolarWinds Virtualization Module to manage VMware environment.
  • Configured SolarWinds Groups and Mappings.
  • Created SolarWinds Maps and Dashboard design for business and IT users.
  • Defined SolarWinds NTA: Created NetFlow captures for reporting and performance alert-based reports.
  • SolarWinds SAM implementation and design
  • Provided Application alerting and configuration for Windows Server Environment.
  • 4 Node GrayLog Cluster for mass log collection
  • Implemented 4 nodes Elastic Search in AWS cloud.

Confidential

SENIOR SYSTEMS CONSULTANT ENGINEER/ARCHITECT

Responsibilities:

  • SolarWinds Architect and design Implementation projects.
  • The project was a very limited SolarWinds implementation for NetFlow reporting and analysis.
  • Utilized the following SolarWinds Modules for this project: NCM, NPM, NTA
  • Configured NTA to determine network performance issues.
  • Provided NCM change audit functions and approval.
  • Implemented Qradar SIEM environment for security analytics and alerts.
  • Implemented Splunk Project migrating from Qradar to Splunk.
  • Configured Heavy Forwarders and Monitored results and progress of scans and updates.
  • Reports for Forwarders and Heavy Forwarders results.
  • PowerShell script and Python script design for SIEM alerts.
  • JSON and JBOSS logging using Splunk.
  • Built and configured syslog redirection and forwarding alerts.
  • Architected and designed Centrify solution for a major insurance provider.
  • 70 AIX, UNIX, and Linux servers that service Oracle and other solutions as required by customers.
  • Centrify GPO objects definitions and creation.
  • Group and role creation within the UNIX and VT environments.
  • Custom role-based access solutions for users and applications.
  • Provided SOC alerting guidelines and routing of Tier 1, 2 and 3 alerts.
  • Defined alert filtering and custom dashboards and configurations based on escalation to different groups within the SOC and within IT.

Confidential

SOLARWINDS CONSULTANT ARCHITECT

Responsibilities:

  • SolarWinds Architect and GrayLog environment and completed the following.
  • Utilized the following SolarWinds Modules for this project: NCM, NPM, NTA, IPAM, SAM, Virtualization Module, SRM
  • Configured SolarWinds Groups and Mappings.
  • Created SolarWinds Maps and Dashboard design for business and IT users.
  • SolarWinds SAM implementation and design
  • Provided Application alerting and configuration for Windows Server Environment.
  • Implemented SolarWinds Virtualization Module to manage VMware environment.
  • Upgraded SolarWinds from 12.1 to 12.2.
  • Provided training and documentation on scanning and adding additional resources to the monitoring environment.

Confidential

SENIOR SYSTEMS ENGINEER, NETWORK TOOLS ENGINEER

Responsibilities:

  • SolarWinds Architect and GrayLog environment and completed the following.
  • Utilized the following SolarWinds Modules for this project: NCM, NPM, NTA, IPAM, SAM, DPAIM, Virtualization Module, VOIP, SRM
  • Provided SolarWinds Upgrades and patching from 10.x to 12.2.
  • Built and configured syslog redirection and forwarding alerts.
  • SolarWinds and SolarWinds LEM
  • JBOSS and JSON Alerting into SolarWinds and GrayLog Server.
  • Implemented 16 Node GrayLog environment with 8 node Elastic Search with replicated MongoDB 2 DB servers.
  • Configured Juniper Routers and Switches to work with SolarWinds to modify SNMP and syslog alerting profiles.
  • Created Automation scripts for SolarWinds SAM module: PowerShell, BASH, Python, etc. The purpose was to create inventory and configuration-based templates to review with cross systems and network teams.
  • Created baseline and audit templates using SolarWinds NCM on Juniper Routers and Switches.
  • Created sftp, tftp, and scp backup jobs for network devices.
  • Utilized SolarWinds custom alerts for Curl based event forwarding to Slack and other common websites for event and system reporting.
  • Created NCM NetFlow and syslog jobs in SolarWinds to create NCM jobs for Juniper devices.
  • Created dashboards in Splunk and GrayLog to correlate common views and alerts and combined them with results from Tenable Nessus scans.
  • Implemented SolarWinds log forwarding agent.
  • Migrated from using WMI/SNMP to SolarWinds Agent in 12.x
  • Splunk Project:
  • User analytics to detect threat patterns.
  • Wrote patterns within Splunk to detect system as well as threat-based patterns.
  • Correlated reporting from multiple security appliances.
  • Monitoring Architect for system logs from appliance and other devices.