Splunk Security Engineer Resume

Houston, TX

SUMMARY

  • Highly qualified Splunk Engineer with 6+ years of experience in the industry.
  • In-depth and extensive knowledge of Splunk enterprise systems and various components.
  • Self-motivated and reliable, proficient on machine data and operational intelligence with excellent communication skills, interpersonal skills and leadership skills.
  • Excellent scripting knowledge and data analytics insight for data manipulation
  • Onboarding data and normalizing it, designing/performing IT systems upgrade, troubleshooting system performance and resolving issues.
  • Plan Proof-of-Concepts on Splunk systems administration, collaboratively coordinating team members on understanding the use cases of Splunk to improve team building

TECHNICAL SKILLS

  • Red Hat
  • VMware vSphere vCenter
  • VMware ESXi 4x, 5x
  • OSSEC
  • NAGIOS/Nimsoft monitoring tools
  • APM/Monitoring tools
  • Dynatrace
  • AppDynamics
  • Linux Server Administration
  • Windows 2000 professional
  • Windows XP
  • Windows NT 2003 server
  • TeamQuest 7.4
  • Solstice DiskSuite
  • HP-UX
  • VERITAS Volume Manager
  • VERITAS NetBackup
  • Apache
  • PHP
  • SSH
  • TCP-Wrappers
  • SUD
  • PCI compliance
  • PCM tool for monitoring
  • Tiger
  • MS Access
  • UNIX
  • Windows NT
  • Excel
  • Word
  • Microsoft Windows/office
  • MySQL under Windows/Unix
  • MAC OS
  • MS SQL
  • Lotus Notes
  • Confluence
  • Omd
  • CommonStore for Lotus Domino
  • Kickstarter
  • SAN storage
  • Splunk Enterprise
  • Software installation
  • Oracle
  • Hadoop
  • MySQL
  • Ansible
  • Chef and Puppet
  • Websense
  • Cisco ASA
  • Palo Alto
  • Nessus tenable
  • Tivoli Endpoint Manager
  • Wireshark
  • Tripwire
  • Network design
  • Cisco Sourcefire
  • LDAP
  • Python
  • Agile
  • JIRA
  • HTML
  • CSS
  • TCP/IP
  • REST API
  • Java
  • JavaScript/server-side scripting
  • Bash
  • Shell scripting
  • Cloud Implementation
  • AWS
  • Azure
  • GCP
  • Splunk
  • SPL technology/Engineering
  • IT security/Cybersecurity
  • Servers development/Expertise Cribl
  • Sentinel
  • SafePractictioner-ADO

PROFESSIONAL EXPERIENCE

Confidential, Houston, TX

Splunk Security Engineer

Responsibilities:

  • Develop and maintain standard operating procedure by creating policies and processes, achieving smoother evaluation for data gathering
  • Translate and support customer’s IT operations need for secure and effective solutions assessment
  • Setup and scale up distributed environments with deployment server, multiple indexers and multiple search heads, achieving more data availability/production
  • Deploying universal forwarders on application servers both manually and remotely by script to obtain information, achieving better performance.
  • Testing/Implementing secure practices for building better security infrastructure, using cyber defense tools in our administration, achieving continuous threat elimination
  • Pushing new bundles to SHC, and index clusters for Splunk SIEM via back-end frameworks
  • Normalizing data for Enterprise Security and restricting access to sensitive logs/data in our IT systems
  • Providing log analysis for better security remediation while eliminating false positives to help SOC team
  • Tuning Splunk queries to assist in users service, achieving experience to meet customer needs
  • Optimize and monitor search performance of Splunk queries, to reduce time for loading dashboards
  • Design solutions into visualization tableaus and dashboard panels, achieving easy data reporting
  • Creating/scheduling reports and alerts, and configure lookup for use across our virtualization/infrastructure
  • Using the search head to pull in data on the fly via DB Connect, API calls, and lookups across our architecture.
  • Utilizing Cribl to collect data and reduce licensing costs across the board.
  • Experience in writing guides and manuals for technical and non-technical audiences to maintain best practices, achieving information security goals
  • Worked in an integrated and multi-cloud environment, i.e., AWS, Azure, and GCP architecture.

Confidential, Louisville, Kentucky

Splunk Admin

Responsibilities:

  • Extracted complex fields from different types of log files using Regular Expressions for better lab integration in our organization.
  • Mapped data to their respective data model for proper networking procedures and product summary
  • Mapped new roles and permission to apps and users for information assurance and corrective actions
  • Troubleshooting and identifying root causes of failures to achieve 100% risk management.
  • Developed/built new apps and technological add-on for Splunk Cloud and Splunk Enterprise, and achieved better data information analysis.
  • Cleaned up apps folders for better maintenance and updated Splunk to the latest version in our production environment.
  • Monitored different locations to bring in data to Splunk.
  • Onboarded new users through LDAP.
  • Ensured proper licensing and license management to project business continuity
  • Ensured Linux operating systems are in collaboration with our machine learning applications to achieve hardware compatibility, and achieved great system performance

Confidential, Alexandra, VA

System Engineer

Responsibilities:

  • Installed and configured various services in our IT operations like DNS, DHCP, NFS, Apache Web Server, Samba, and SSH.
  • Managed and installed patches and software packages using YUM and RPM and created YUM repository files for offline servers.
  • Worked with system, network, security, and storage teams to prepare and configure new servers for the environment.
  • Managed and resolved incident tickets opened by clients as well as those logged by the event monitoring system and follow up with each case for technical documentation
  • Writing scripts for Cron-job entries, which included maintaining log files for information systems and product knowledge.
  • Provided assistance and documentation which allowed the 24/7 operations department to troubleshoot and correct problems without needing to page other employees.
  • Helped employees identify and resolve issues pertaining to dial-up configuration, web hosting and domain registration on the computer.
  • OS technical support team member with focus on equipment consultation
