- Installation of Splunk, splunkweb, Configuration files, Index Management, User Roles & Authentication
- Setting up forwarder, indexer, Deployment server configuration, Forwarder management
- Distributed Management Console | Troubleshooting Splunk Enterprise Forwarder password issue, hardening
- Configure Indexer Cluster on AWS | Cluster Management and Administration
- Field extractions, tags, event types, alerts, lookups, and data models
- Creating robust reports, notable events | Familiar with Splunk Search Language
- Ability to create dashboards and data collection: Data model & Pivot
- Understanding of Cyber Security Operations (Monitoring, Detection)
- Familiar with Splunk Enterprise Security
TECHNICAL SKILLS: knowledge of Security Technologies: Nessus Security Center; SSH; SSL; Digital Certificates; Anti-Virus Tools (Norton, Symantec End-Point Security, Ghost, etc.), WebInspect, N-Stalker, Cactus, ISS, QRadar, Splunk, Skyhigh DLP & Proofpoint DLP
Virtualization Technologies: VMware vSphere 5.5/6.0, vCenter, vMotion, XenServer, VirtualBox, KVM
Windows (2008 / 2012): Active Directory, Microsoft Office (2010, 2016), Microsoft Visio, Microsoft Project, Lotus Notes 6.5, ISA Server, Microsoft Rights Management Services, Microsoft SMS, Microsoft SQL Server, Microsoft SQL Server Reporting Services, Microsoft Exchange Server, Microsoft Operations Manager
OS Knowledge: Linux (Red Hat, CentOS, Fedora, BSD, Ubuntu, Solaris), Windows 10 / Server 2012, Kali Linux (familiar with most tools)
Oracle 11g, 12c, SQL Server, SAP ERP Basis Security GRC
Outstanding Personal and Technical Skills include Diplomacy, Team Skills, Oral and Written Communication, Presentation, Integrity, Problem Solving, Time Management
SIEM Tool: SPLUNK Administration
Confidential, Arlington, VA
- Installing and setting up Forwarder, Indexer, Search Head, Deployment Server on Linux and Windows servers.
- SPL (Splunk Processing Language): filter, sort, grouping, reporting, stats, eval; monitoring and creating alerts
- Worked with reports, dashboards, pivot tables; created graphs for dashboard panels or reports (bar chart, stacked)
- Managed users: Users & Roles, authentication with LDAP, external users, SSO
- Data Security: SSL (https) for secure access to Splunk Web, intra-Splunk communication, use of SSL to encrypt & authenticate data, audit activity, event hashing, hardening standards
- Responsible for maintaining security policies and procedures, following an overall security strategy, facilitating end-user use of the systems, coordinating information security communications to user communities and providing security solutions that facilitate business operations for Confidential clients
- Responsible for network design, maintenance, troubleshooting, configuration, upgrades, and backup, including computer system configuration, setup, repairs, and upgrades. Led several technical assessments with new technologies including VPN devices, remote access gateways, blade server technologies, and caching solutions for various Confidential clients.
- Briefed supervisor on information security program's health and industry threat landscape
- Supported Incident Response program; investigated, gathered and documented inappropriate use and internal security incidents
- Supported full security SOC activities to include protection, detection and correction technologies (Firewalls, IDS/IPS, Content Filtering, WAF, Vulnerability Assessment, Employee Activity Monitoring, Forensic, PACS end protection, etc.)
- Managed the engineering team supporting various clients for vulnerability testing using DISA STIGs, SRRs, Gold Disk, ISS scanner, Wireshark, WebInspect, and port scanning utilities.
- Performed network and system security assessment activities for various client network systems, including new technologies, comparisons and bake-offs, performance, and integration testing. Configured and maintained secure local area production and research networks.
SAP SECURITY & RISK Administrator
- Used Sarbanes-Oxley Act (SOX) throughout SAP practice
- International security standards: ISO/IEC 27002:2005, COBIT, ITIL, COSO, NIST 800-12
- Symmetric / Asymmetric Encryption Procedures, Elliptic Curve Cryptography, Hybrid Hash Procedure, SSL, Digital Signature, Single Sign-On, Kerberos, Security Token
- Enterprise Risk Management (ERM): Authorization, Risk & Change Management and Auditing
- Configured and used SAP Identity Management throughout SAP Security practice.
- Created user master roles based on job description (HR, FICO, SD, MM) using Profile Generator and SU01, including complex design restrictions
- Ensured accuracy and segregation of duties, through comprehensive testing of all profiles and authorization.
- Expert in resolving authorization issues by authorization check and error analysis using SU53 and SU56.
- Extensively used SU53 & SUIM to assign missing authorizations, trace objects, and recommend appropriate roles for the end user.
- Configured and implemented GRC Access Control Suite 10.0
- GRC implementation, automation, and upgrade experience with GRC ARA, ARM, EAM, BRM and SAP CUA
- Experience in creating and assigning FF IDs and extracting security logs. A FireFighter ID is a temporary user ID that grants the user exception-based yet regulated access.
- Configured workflow, actions and rules.
- Configured HR trigger provisioning and scheduled background jobs.
- Configured user data source and defined authentication system for requestor using ARM
- Experience in using ARM to configure workflow for User Access Reviews and User SoD Review.
ERP: SAP ECC 5.0, BW, SCM, CRM
Database: Oracle 10, 11
Operating Systems: Solaris 10, Windows 2008
SAP Basis Administration
- Manage 5 production systems over 25TB in size; monitor SAP instances and logs and take corrective action if problems arise. Use Solution Manager to acknowledge production errors and rectify them
- Monitor file systems daily | Used BRTOOLS to add space in Oracle tablespaces
- Installing and upgrading (support packs and enhancement packs) both ABAP and Java stacks using SUM, JSPM, SWPM, SPAM/SAINT, Kernel upgrades and OSS notes
- User management: creation, deletion, lock, activation, Profile Generator, authorization traces and password management, as well as setting of new authorization objects and values.
- Performance tuning of SAP servers using transaction codes such as ST01, ST03, ST03N, SM50, SM12, DB01, ST05, ST22, SM21, DB02 and other related codes and procedures as needed.
- Perform SAP transports throughout the landscape (STMS: Dev > QA > PRD) and maintain the transport management system.
- Client maintenance, client copies, exports, system refreshes, SPAM updates and upgrade R/3 kernel patches. Schedule SAP Early-watch sessions, review and analyze Early-watch reports and implement SAP recommendations.
Environment: ECC 6.0, EP 7.0, BI 7.0/BW 3.5, PI 7.0, SCM, NetWeaver, Wily Introscope
Database: Oracle 11g/12c, MaxDB, Solaris 10 - Tools: TOAD (Quest Software)
Virtualization: VMware, ESX Server, Blade servers
IT SECURITY ANALYST
- Provided tech support and IT security services; monitored networks for vulnerabilities.
- Interfaced with corporate, regional, and local executives weekly.
- Monitored network traffic, opening investigations for infected workstations.
- Provided application, device, and network vulnerability assessments for new and developing systems, using tools such as Retina, AppDetective, Security Expressions, WebInspect, SuperScan, Nmap & Nessus
- Evaluated and assessed compliance with established policies and regulations.
- Built 25 Linux servers (Red Hat 4 Enterprise): applied STIG; installed and configured Tripwire
Confidential, Concord, NC
Application Support / Analyst
- Installation and maintenance of Oracle databases 9i, 10g / Oracle Applications
- Database backup and recovery (hot and cold backups) & RMAN utility
- User and tablespace management, creating and granting roles
- Performed upgrade of Oracle 9i to 10g. Application and database cloning, patching. Troubleshooting ORA errors. Applying patches.
- Monitoring tablespace size, resizing tablespaces, alert log, trace files
- Tracking invalid objects, compiling & validating the invalid objects
- Resolved view log/out file issues for concurrent requests