
SOC Engineer (Splunk Engineer) Resume


Lake Mary, FL

SUMMARY

  • Overall 9+ years of experience in the Information Technology field, with strong 6-year experience in Splunk Developer/Admin, Enterprise Security (ES), ITSI and SIEM content management.
  • Strong experience with Splunk 7.x, Splunk 6.x and 5.x product, components including search heads, indexes, and forwarders.
  • Experience in Operational Intelligence using Splunk.
  • Headed Proof-of-Concepts (POC) on Splunk ES implementation; mentored and guided other team members on understanding the use case of Splunk.
  • Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.
  • Expertise in Installation, Configuration, Migration, Troubleshooting and Maintenance of Splunk. Passionate about machine data and operational intelligence.
  • Expert in installing and configuring Splunk forwarders on Linux, UNIX and Windows.
  • Worked on large datasets to generate insights by using Splunk.
  • Install, configure, and administer Splunk Cloud Environment 6.5.0 and Splunk Forwarder 6.x.x on Windows Servers.
  • Supported Splunk Cloud with 4 Indexers, 80 forwarders and Generated 700 Gb of data per day.
  • Involved in standardizing Splunk forwarder deployment, configuration, and maintenance across Windows Servers.
  • Configured inputs.conf and outputs.conf to pull the XML-based events to the Splunk Cloud Indexer.
  • Installed Splunk on *nix and Splunk SOS, and maintained the Splunk instance for monitoring the health of the clusters.
  • Splunk UI experience and able to debug expensive search queries.
  • Configured Clusters for load balancing and fail over solutions.
  • Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
  • Extensively used various extract keywords and search commands like stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table etc.
  • Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
  • Strong experience with web/application servers like Apache Tomcat, Jetty, JBoss, IBM WebSphere, WebLogic.
  • Strong experience using SQL, PL/SQL Procedures/Functions, Triggers and Packages.
  • Well versed with the Dynatrace Monitoring tool. Expert in architecture of applications monitoring and UE Analytics. Experience with configuration and infrastructure support of monitoring, alerting and reporting tools through the Dynatrace interface.

TECHNICAL SKILLS

  • Splunk 5.x and 6.x, Splunk Enterprise, Splunk on Splunk, Splunk DB 2 Connect, Splunk Cloud, Hunk, Splunk IT Service Intelligence (ITSI), Splunk Web Framework, SIEM
  • Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), FreeBSD
  • Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration
  • SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.
  • C, C++, Java with Big Data, Python, UNIX shell scripts
  • Snort, Wireshark, Websense, Bluecoat, Palo Alto, Checkpoint
  • Symantec, Qualys Vulnerability Manager, FireEye HX, Sophos, Sourcefire
  • Netcool, Dynatrace, tealeaf

PROFESSIONAL EXPERIENCE

Confidential, Lake Mary, FL

SOC Engineer (Splunk Engineer)

Responsibilities:

  • Perform network monitoring and capacity planning, ensure network performance meets SLAs
  • Industry research on security trends, goal of potential improvements in our own processes or tools
  • Knowledge of Palo Alto Networks products
  • Strong familiarity with security technologies in general, both at the host and network level
  • Working knowledge of Splunk / Splunk Enterprise Security
  • Mentor and provide training, methods and procedures for NOC staff (5%)
  • Working knowledge of T1, T3, SONET, Frame Relay, and Ethernet
  • Work with your peers to assist the global Security Operations Center Response Manager in defining the overall security response strategy for Amazon
  • Create reports and dashboard to provide metrics for SOC operations in a meaningful way for Sr. Management
  • Working with the Incident Response team to help create RCAs for events escalated to incident levels
  • Perform Network Security Monitoring
  • Maintaining relationships to keep clients and management informed throughout the incident, problem and change management cycles
  • Lead and manage the local Tier 1 Security Operations staff
  • Services monitored will include, but are not limited to, SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP)

Confidential, Orlando, FL

Splunk Admin/Developer

Responsibilities:

  • Responsible for designing, developing, testing, debugging, deploying and maintaining Splunk/HUNK solutions and dashboards running on Big Data technologies such as Hadoop.
  • Knowledge in creating providers, virtual indexes in Splunk Hunk and troubleshooting configuration issues.
  • To develop reliable, efficient queries that will feed custom Alert, Dashboards and Reports.
  • Populate Splunk/Hunk from 3rd-party data sources, Splunk IT Service Intelligence (ITSI) and hybrid cloud structure.
  • Indexing data from various sources such as Zabbix, Kafka, OpenStack.
  • Design and maintain production-quality dashboards.
  • Log management, log errors, log management analytics through Splunk and ELK.
  • Writing regular expressions to extract the meaningful fields.
  • Played a major role in understanding the logs, server data and brought an insight of the data for the users.
  • Expert in creating Splunk knowledge objects. Hands-on experience in installing Splunk TA Symantec DLP, Splunk DB Connect, Splunk App for AWS and more.
  • Worked on Security solutions (SIEM) that enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.
  • Experience in providing monitoring and response to security events in Security Operations Center (SOC) team.
  • Experience in creating access controls for users by creating AD (Active Directory) groups, power and user groups.
  • Experience with Active Directory and the SSO (Single Sign-On) option.
  • Configure the add-on app SSO integration for user authentication and Single Sign-On in Splunk Web.
  • Experience in Python general scripting; hands-on experience in secure coding.
  • Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
  • Knowledge of Splunk architecture and its various components (indexer, forwarder, search head, deployment server), heavy and universal forwarders, and the license model.

Confidential

Senior Splunk Engineer

Responsibilities:

  • Installation and configuration of Splunk product at different environments.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
  • Designing and maintaining production-quality Splunk dashboards.
  • Splunk Enterprise deployments; enabled continuous integration as part of configuration management.
  • Configured and developed complex dashboards and reports on Splunk.
  • Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
  • Splunk DB Connect 2.0 in search head cluster environments with Oracle.
  • Experience with Splunk UI/GUI development and operations roles.
  • Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
  • Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
  • Splunk configuration involving different web applications and batch; created saved searches, summary searches and summary indexes.
  • Managing indexes and cluster indexes, Splunk Web Framework, data models and pivot tables.
  • Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
  • Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Good experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.

Confidential

Splunk Engineer

Responsibilities:

  • Expertise with Splunk UI/GUI development and operations roles.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Involved in setting up alerts for different type of errors.
  • Developed, evaluated and documented specific metrics for management purpose.
  • Using SPL, created visualizations to get value out of data.
  • Created Dashboards for various types of business users in organization.
  • Played a major role in understanding the logs, server data and brought an insight of the data for the users.
  • Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
  • Supporting migration from the Splunk on-premise data center to Amazon AWS.
  • Launching, configuring and supporting large-scale instances on AWS.
  • Monitored database connection health by using Splunk DB Connect's health dashboards.
  • Created Crontab scripts for timely running jobs.
  • Developed build scripts, UNIX shell scripts and auto deployment processes.
  • Good experience in creating Splunk apps, navigations and interfaces, and good experience with Splunk lookups, macros, Pivot, data models, lookup files and their publication into Splunk. Network monitoring, bandwidth and traffic monitoring through Splunk and SolarWinds.
  • Experience in using and understanding complex RegEx (regular expressions).
  • Provided technical services to projects, user requests and data queries.
  • Involved in assisting offshore members to understand the use case of business.
  • Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Involved in writing complex IFX, rex, multikv and mvcombine commands to extract fields from the log files.
  • Involved in helping the UNIX and Splunk administrators deploy Splunk across the UNIX and Windows environments.
  • Helped the client set up alerts for different types of errors.
  • Worked to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Involved in installing and using Splunk app for Linux and UNIX.

Confidential

Computer Analyst

Responsibilities:

  • Expand or modify system to serve new purposes or improve work flow.
  • Test, maintain, and monitor computer programs and systems, including coordinating the installation of computer programs and systems.
  • Develop, document and revise system design procedures, test procedures, and quality standards.
  • Provide staff and users with assistance solving computer related problems, such as malfunctions and program problems.
  • Responsibilities included understanding the issue by having conversations with business users and owners.
  • Developing packages, procedures, functions, and triggers for the application.
  • Coordinates/ facilitates transition (planning, sign-off, team meetings, and escalations).
  • Involvement in Production Change Management & Release Coordination.
  • Writing technical documents using the functional specifications.
  • Writing PL/SQL stored procedures, functions and triggers for new features to be incorporated in the system to implement business rules.
  • Code review & Packaging DB Scripts.
  • Mentored junior programmers in Oracle database design and development.
  • Troubleshooting for end-user requirements and optimizing queries.
  • Created many triggers for audit purpose.
  • Using UNIX environment for performing the testing.
  • Performing the tests on the newly coded procedures and documenting the same.
  • Review and analyze computer printouts and performance indicators to locate code problems, and correct errors by correcting code.
  • Consult with management to ensure agreement on system principles.
  • Confer with clients regarding the nature of the information processing or computation needs a computer program is to address.
  • Read manuals, periodicals, and technical reports to learn how to develop programs that meet staff and user requirements.
  • Coordinate and link the computer systems within an organization to increase compatibility and so information can be shared.
