
Network Security Sr. Analyst (splunk) Resume


Plano, TX

SUMMARY

  • Computer Science Engineer with previous professional experience.
  • Detail-oriented individual with patience and flexibility who thrives in a position that requires quick learning and great accuracy.
  • Proficient Splunk Engineer with 4 years of IT experience in client/server applications.

TECHNICAL SKILLS

  • Splunk 6.5/6.6, AppDynamics, Wireshark.
  • Windows Server 2012/2008/2003R2, Linux and Unix servers, ServiceNow, F5 ASM data, TCP/IP.
  • HTML, XML, CSS, JavaScript, Java, jQuery, AngularJS, Linux, shell and bash scripting.

PROFESSIONAL EXPERIENCE:

Confidential, Plano, TX

Network Security Sr. Analyst (Splunk)

Responsibilities:

  • Working on a shift basis in the SOC, providing the client with 24/7 monitoring service.
  • Handled challenges involving customized threats that bypass security gateways.
  • Skills include understanding security policies, data and traffic analysis, identifying security events, and incident response.
  • Also a member of the incident response team, responsible for handling security incidents that occur within the organization and correcting and documenting the security issue in a timely manner.
  • Ingesting and working with various data types such as CSV, JSON, XML, raw logs and syslog, and parsing them with custom source types.
  • Strong knowledge of computer forensics, dealing with the capture and analysis of evidence from computers and servers.
  • Foundation skills such as device configuration, traffic capture, performance monitoring, and device monitoring.
  • Monitor systems and report the status to client staff.
  • Splunk server configurations (web, indexing retention, authentication, etc.), data onboarding operations, data parsing operations.
  • Created correlation search rules for admin activity and indexes for field extractions.
  • Create and manage host values and source types.
  • Manage network, Windows and any other inputs that may arise (universal forwarders).
  • Composed reports detailing the forensic analyses performed and the results of the investigations.
  • Identify threats and work to create steps to defend against them.
  • Monitor network traffic for suspicious behavior.
  • Working knowledge of security technologies such as encryption, Data Loss Prevention (DLP), and IPS/IDS.
  • Actively protects the availability, confidentiality, and integrity of customer, employee, and business identity.
  • Contribute to the Risk Assessment Program including identifying and scoring risk.
  • Collaborate with the team and architecture on new platforms and the IAM roadmap, assess security risks, and identify long-term strategy recommendations.
  • Addressed basic client configuration issues and service alerts.
  • Position requires mentoring and training of SOC Technicians and SOC employees.
  • Monitored and correlated events with thorough knowledge of the principles, methods, and techniques of network and data security.

Environment: Windows Server 2012/2008/2003R2, Linux and Unix servers, Splunk 6.4/6.5, ServiceNow, F5 ASM data, TCP/IP.

Confidential, Chicago, IL

Splunk Consultant

Responsibilities:

  • Design, support and maintain the Splunk infrastructure on Windows, Linux and UNIX environments.
  • Installation of Splunk Enterprise, Splunk Forwarder, Splunk Indexer and apps on multiple servers (Windows and Linux) with automation.
  • Splunk Heavy Forwarder configuration. Install and maintain Splunk add-ons, including DB Connect, Active Directory and LDAP, for working with directories.
  • Manage Splunk configuration files such as inputs, props and transforms.
  • Upgrading Splunk Enterprise and applying security patches.
  • Well versed in both remote and on-site Splunk user support.
  • Onboarded multiple data sources within Splunk, creating custom TAs for data parsing.
  • Advised clients on best practices for a Splunk deployment.
  • Developed detailed documentation for the installation and configuration of Splunk and Splunk apps.

Environment: Windows Server 2012/2008/2003R2, Linux Red Hat, Linux and Unix servers, Splunk 6.5, ServiceNow, F5 ASM data, Wireshark, Jira, TCP/IP, CompTIA Security+.

Confidential, Milwaukee, WI

Network Security Analyst

Responsibilities:

  • Monitor systems and report the status to client staff.
  • Good working knowledge of the AWS environment: CloudTrail, CloudWatch, VPC Flow Logs, EC2 instances, and configuring AWS.
  • Splunk server configurations (web, indexing retention, authentication, etc.).
  • Splunk data onboarding operations (inputs, SQL, index-time configurations).
  • Splunk data parsing operations (search-time field extractions, event types, tags).
  • Manage existing application and create new applications (visual and non-visual).
  • Worked on AWS CloudTrail and F5 data.
  • Deploy, configure and maintain Splunk forwarders on different platforms.
  • Creating reports, pivots, alerts, advanced Splunk searches and visualizations in Splunk Enterprise.
  • Provide power and admin access for users and restrict their permissions on files.
  • Installed and upgraded Splunk software in distributed and clustered environments.

Environment: Windows Server 2012/2008/2003R2, Linux and Unix servers, Splunk 6.5, ServiceNow, F5 ASM data, Wireshark, AWS CloudTrail, CloudWatch, Jira, TCP/IP, CompTIA Security+.

Confidential

Security Analyst

Responsibilities:

  • Analyze security and firewall logs for compromised/infected hosts on the network.
  • Responsible for Disaster Recovery Site Management.
  • Design and develop the security zone diagram for the Security Monitoring Team.
  • Member of the Security Operations Center (SOC) that provides 24/7 monitoring, analysis, and remediation of security events.
  • In charge of Cyber Attack Response Team including data recovery.
  • Analyze security incidents and escalate as necessary.
  • Create daily, monthly, and ad hoc reports for various devices.
  • Identify, monitor, and prepare daily reports of network threats and vulnerabilities.
  • Prepare reports using the Nagios server monitoring tool.
  • Create new process documents to help the analysts in analyzing events.
  • Responsible for vulnerability reporting and vulnerability scan scheduling.
  • Follow up with asset owners for remediation of vulnerabilities at either the OS or application level.
  • Maintain Spam Filter and Web Filter.
  • Work with vendors to support system maintenance.
  • Keep servers updated with the latest security updates.
  • Create and migrate virtual servers.

Environment: Windows Server 2012/2008/2003R2, Linux and Unix servers, Nagios.
