Splunk Developer/ Security Engineer Resume

Tampa, FL

SUMMARY

  • 7 years of work experience in IT Industry in Analysis, Architecture, Design, Development and Maintenance of various software applications in system design, implementation, unit, integration and system maintenance.
  • 4+ years of experience at Splunk, in Splunk developing dashboards, forms, SPL searches, reports and views, administration, upgrading, alert scheduling, KPIs, Visualization Add-Ons and Splunk infrastructure.
  • Hands on experience in enterprise Deployments and enabled continuous integration as part of configuration management.
  • Expertise in Actuate Reporting, development, deployment, management, and performance tuning of Actuate reports.
  • Expertise in customizing Splunk for Monitoring, Application Management, and Security as per customer requirements and industry best practice.
  • Experience in responding to requests and incident tickets within defined Service Level Agreements.
  • Install and maintain the Splunk add-ons including the DB Connect 1, Active Directory LDAP for work with directory and SQL database.
  • Experience with creating disaster recovery plans and testing.
  • Work as part of a team to provide excellent customer experience. Provide emergency or scheduled support out of hours as required.
  • Install, configure, and troubleshoot Splunk. Use Splunk to collect and index log data.
  • Experience with regular expressions and using regular expressions for data retrieval.
  • Work with application owners to create or update monitoring for applications.
  • Experience creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts.
  • Strong knowledge of Windows, Linux, and UNIX operating systems.
  • Manage and support change in the environment. Experience of working.
  • Splunk SPL (Search Processing Language) and Dashboarding/Visualization. Setup dashboards for network device logs.
  • Good experience in working with SNMP traps and Syslog NG in onboarding the security devices on Splunk.
  • Experience with Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
  • Machine learning experience and Experience deploying and managing infrastructure on public clouds such as AWS.
  • Risk and Threat Analysis. IT security monitoring and analysis, vulnerability analysis by using Guardium, QRadar, iDefense, WildFire, Sourcefire, FireEye.
  • Expert knowledge in optimizing searches for better performance and in search-time vs. index-time field extraction, and understanding of configuration files, their precedence and working.
  • Developed specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow.
  • Ability to write/create custom dashboards, alerts, searches, and reports to meet requirements of various user groups.
  • Experience in dashboards and reports performance optimization.
  • Working knowledge of scripting languages (e.g. Python, bash, etc.).
  • Excellent knowledge of TCP/IP networking, and inter-networking technologies (routing/switching, proxy, firewall, load balancing etc.).
  • Train and mentor for team towards solution development and POC, KPI, Metrics Monitoring execution in SPLUNK.
  • Handling tickets through Remedy and ServiceNow and addressing them promptly. Following ITIL best practices.

TECHNICAL SKILLS

Splunk Modules: Splunk 6.1.3, Splunk on Splunk, Splunk Enterprise, Splunk DB Connect, Splunk Cloud, Splunk Web Framework

Languages: SQL, PL/SQL, Perl (Korn shell) Unix Shell Scripts, JSP, C, C++, Java, J2EE, CSS, HTML, XML.

RDBMS: Oracle 11g/10g/9i/8i, MS-SQL Server 2000/2005/2008, Sybase, DB2, MS Access.

Tools: APEX 4.2, 3.2, Pentaho 4.2/45.0/50/5.2/5.3 Power Center Oracle Forms 10g, 9i, 6i and Reports 10g, 9i, 6i, ERWIN, VISIO.

Security Tools: Palo Alto, Imperva, IBM Security Guardium Vulnerability, OpenVAS, MBSA, Nexpose

Operating Systems: Red Hat Enterprise Linux 7.x/6.x, Sun Solaris 9/10, ES3/4, HP-UX 11.11, 11.23, AIX 5.3/6.1, Windows 2010/2008/OS X 10.6/10.7/10.8/10.9

PROFESSIONAL EXPERIENCE

Confidential, Tampa, FL

Splunk Developer/ Security Engineer

Responsibilities:

  • Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Experience in setting up dashboards for senior management and production support- required to use SPLUNK.
  • Splunk Engineer/Dashboard Developer responsible for the end-to-end event monitoring infrastructure of business-aligned applications.
  • Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Optimized the search performance of Splunk queries and reduced the time for loading the dashboards.
  • Experienced in Troubleshooting Splunk search quotas, monitor Inputs, WMI Issues, Splunk crash logs and Alert scripts.
  • Create and maintain documentation related to Architecture and Operational processes for Splunk.
  • Implemented Splunk to analyze the patterns of the customers and all the data generated from various web and server logs to analyze the behavioral pattern of the customers.
  • Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
  • Installation of Splunk indexer and forwarders in multiple servers with 2 head servers, Search Head and node servers.
  • Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, Alerts, on daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.
  • Splunk Architecture/Engineering and Administration for SOX monitoring and control compliance.
  • Built Utilization and Monitoring Analytics for Various Work environments of Personal Insurance sector
  • Created a drilldown of navigations from one Splunk app to the other app.
  • Review and apply any newly available and applicable SPLUNK software or policy updates routinely.
  • Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks.
  • Support SPLUNK on UNIX, Linux and Windows-based platforms. Assist with automation of processes and procedures.
  • Maintain current functional and technical knowledge of the SPLUNK platform and future products.
  • Help to document best practices in developing and using SPLUNK.
  • Experience with Splunk UI/GUI development and/or operations roles
  • Work with business/IT and create the next steps plan and implement the same.
  • Implemented Post processing method for searches in dashboards.
  • Extensively worked on building of range maps for various SLA conditions by using all kinds of Splunk 6.x Dashboard Examples.
  • Implementing new apps to the Splunk and license distributing across the servers.
  • Integrating the Splunk with Single Sign-On authentication and ServiceNow ticketing tool.
  • Performing investigation, analysis, reporting and escalations of security events from multiple sources including events like intrusion detection, Firewall logs, Proxy Logs, Web servers.
  • Experience in Information Security Platform by providing support on known/ unknown vulnerabilities/ threats found via security devices/ product.
  • Experience in developing & creating SIEM Procedures (SOP) documentation.
  • Created and debugged Snort Intrusion Detection System (IDS) and Sagan Security Information event management (SIEM) rules.
  • Created subroutines for Quadrant’s IDS Graphic User Interface (GUI).
  • Headed Proof-of-Concepts (POC) on Splunk ES implementation, mentored and guided other team members on Understanding the use case of Splunk.
  • Creating Vulnerability Assessment dashboard using Rapid7, Joval that aggregates data across multiple services to identify critical threats and proactively mitigate risks.
  • Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing and Splunk clustering.
  • Setup and configuration of search head cluster with three search head nodes and managing the search head cluster with deployer.
  • Created Compliance dashboard for HP-NA and Compliance with Network Devices.
  • Created Compliance Security Baseline and Vulnerability Assessment dashboard for IBM Guardium Security for Database Server and Database Instances.
  • Risk and Threat Analysis. IT security monitoring and analysis, vulnerability analysis by using Guardium, QRadar, iDefense, WildFire, Sourcefire, FireEye.
  • Developed specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
  • Supports, Monitors and manages the SIEM environment. Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.
  • Developed Splunk Objects and reports on Security baseline violations, Non-authenticated connections, Brute force attacks and many use cases.
  • Experience in operating and monitoring AWS instances. Experience with Splunk Enterprise Security (Splunk ES).
  • Administering Splunk and Splunk; Integrating Splunk with a wide variety of legacy data sources and industry leading commercial security and other tools.
  • Assisting users to customize and configure Splunk in order to meet their requirements.
  • Perform implementation of security and compliance-based use cases. Performing maintenance and optimization of existing Splunk deployments.
  • Communicating with customer stakeholders to include leadership, support teams, and system administrators.
  • Technical writing/creation of formal documentation such as reports, training material and architecture diagrams.
  • Ability to write/create custom dashboards, alerts, searches, and reports to meet requirements of various user groups.

Confidential, Englewood, OH

Splunk Developer

Responsibilities:

  • Designing and implementing Splunk-based best practice solutions.
  • Requirement gathering and analysis. Interacted with team members and users during the design and development of the applications and Splunk Objects.
  • Promptly receiving and handling remedy tickets, gathering requirements through them and resolving them on time.
  • Communicating and collaborating with hundreds of customers, Splunk users.
  • Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
  • Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
  • Creating, maintain, support, repair, customizing System & Splunk applications, search queries and dashboards.
  • Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.
  • Developed Splunk Objects and reports on Security baseline violations, Non-authenticated connections, Brute force attacks and many use cases.
  • Good experience in working with SNMP traps and Syslog NG in onboarding the security devices on Splunk.
  • Design, support and maintain large Splunk environment in a highly available, redundant, geographically dispersed environment.
  • Install, configure, and troubleshoot Splunk. Experience with regular expressions and using regular expressions for data retrieval.
  • Work with application owners to create or update monitoring for applications.
  • Experience creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts.
  • Good experience in building Splunk Security Analytics. Lead logging enrollments from multi-tier applications into the enterprise logging platforms.
  • Developed specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
  • Strong knowledge of Windows, Linux, and UNIX operating systems.
  • Experience in responding to requests and incident tickets within defined Service Level Agreements.
  • Supports, Monitors and manages the SIEM environment
  • Integration of Splunk with a wide variety of legacy and security data sources that use various protocols.
  • Installation and configuration of Splunk apps to onboard data sources into Splunk
  • Experience with creating disaster recovery plans and testing.
  • Work as part of a team to provide excellent customer experience.
  • Provide emergency or scheduled support out of hours as required.
  • Manage and support change in the environment. Experience of working on a very large enterprise environment
  • Splunk SPL (Search Processing Language) and Dashboarding/Visualization. Setup dashboards for network device logs.
  • Developed alerts and timed reports. Develop and manage Splunk applications. Have done many POCs.
  • Implemented maps integration and dynamic drill downs extensively.

Confidential, Richmond, VA

Splunk Developer

Responsibilities:

  • Planning, communicating clear instructions to the team members; training, guiding and directing the team.
  • Requirement gathering and analysis. Interacted with team members and Business users during the design and development of the application.
  • Ingesting logs to geographically distributed Splunk infrastructure.
  • Getting data in and creating & managing Splunk apps
  • Developed robust, efficient queries that will feed custom Alert, Dashboards and Reports.
  • Worked on Splunk search processing language, Splunk dashboards and Splunk DB Connect app.
  • Publishing data into Splunk through configurations such as inputs.conf, serverclass.conf, server.conf, apps.conf and outputs.conf configurations
  • Design and customize complex search queries, and promote advanced searching, forensics and analytics
  • Developed dashboards, data models, reports and optimized their performance.
  • Provided engineering expertise and assistance to the Splunk user community
  • Developed Splunk dashboards, data models, reports and applications, indexing, tagging and field extraction in Splunk
  • Created Splunk knowledge objects (e.g. fields, lookups, macros, etc.)
  • Experience in dashboards and reports performance optimization.
  • Developed Dashboards for Business Activity Monitoring, Enterprise Architecture
  • Built KPIs dashboards on Patient Enrollment transactions and other business activities
  • Built Key Performance Indicators to the Enterprise Architecture team through Splunk
  • Created Alerts on different SLAs and thresholds through Splunk.
  • Manipulating raw data and Field extraction
  • Built KPIs, alerts on SLAs of filesystem services project.
  • Business Activity Monitoring and troubleshooting. Maintain current functional and technical knowledge of the SPLUNK platform and future products.
  • Help to document best practices in developing and using SPLUNK.
  • Experience with Splunk UI/GUI development and/or operations roles
  • Work with business/IT and create the next steps plan and implement the same.
  • Doing deeper analysis of data using event correlations across indexes and various source types to generate custom reports for senior management.

Confidential, Englewood, CO

Java Developer

Responsibilities:

  • Involved in developing the application using Java/J2EE platform. Implemented the Model View Controller (MVC) structure using Spring.
  • Involved in Analysis, Design, Coding and testing phases of the project management.
  • Responsible for maintaining, supporting, enhancing and developing the applications.
  • Followed Agile Software Development with Scrum methodology.
  • Implemented the Design Patterns like Session Façade, Data Transfer Object (DTO), Service Locator and Data Access Object (DAO).
  • Designed UML diagrams like Use Case, Class and Activity diagrams based on the requirements.
  • Involved in writing Controller Classes and DAO Classes using Spring MVC Framework.
  • Used iBATIS framework with Spring Framework for data persistence and transaction management
  • Used Spring Framework's IoC Dependency Injection to inject Service Object into Action Classes.
  • Responsible to enhance the web application UI using HTML, JavaScript, AngularJS, XML, JSP, CSS as per the requirements and providing client-side validations using JavaScript.
  • Used Hibernate as persistence framework mapping the ORM objects to table using Hibernate annotations.
  • Implemented application level persistence using Hibernate.
  • Hands on implementation of continuous service testing and service virtualization with the help of different tools like SOAP UI and POSTMAN.
  • Developed brokers for credit card payment gateways.
  • Exposed various capabilities as web services using SOAP/WSDL.