
Splunk Security Engineer / Admin / Developer Resume


Dallas, TX

SUMMARY

  • 12 years of work experience in IT Industry in Analysis, Architecture, Design, Development and Maintenance of various software applications in system design, implementation, unit, integration and system maintenance.
  • 5+ years of experience with Splunk: developing dashboards, forms, SPL searches, reports and views; administration, upgrading, alert scheduling, KPIs, visualization Add-Ons and Splunk infrastructure.
  • Good command in writing Splunk searches; Splunk infrastructure and development expert well-versed with Splunk architecture and design.
  • Headed Proof-of-Concepts (POC) on Splunk ES implementation, mentored and guided other team members on understanding the use cases of Splunk.
  • Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.
  • Experience in responding to requests and incident tickets within defined Service Level Agreements.
  • Risk and threat analysis, IT security monitoring and analysis, and vulnerability analysis using Guardium, QRadar, iDefense, WildFire, Sourcefire and FireEye.
  • Developed specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
  • Supports, Monitors and manages the SIEM environment. Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.
  • Developed Splunk objects and reports on security baseline violations, non-authenticated connections, brute force attacks and many other use cases.
  • Integration of Splunk with a wide variety of legacy and security data sources that use various protocols.
  • Installation and configuration of Splunk apps to onboard security data sources into Splunk
  • Good experience in working with SNMP traps and syslog-ng in onboarding security devices into Splunk monitoring.
  • Experience with creating disaster recovery plans and testing. Work as part of a team to provide excellent customer experience. Provide emergency or scheduled support out of hours as required.
  • Install, configure, and troubleshoot Splunk. Use Splunk to collect and index log data.
  • Experience with regular expressions and using regular expressions for data retrieval.
  • Work with application owners to create or update monitoring for applications.
  • Experience creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts.
  • Strong knowledge of Windows, Linux, and UNIX operating systems.
  • Manage and support change in the environment. Experience of working on a very large enterprise environment
  • Splunk SPL (Search Processing Language) and Dashboarding/Visualization. Setup dashboards for network device logs.
  • Machine learning experience and Experience deploying and managing infrastructure on public clouds such as AWS.
  • Excellent knowledge of SNMP and syslog. Developed several Splunk POCs, KPIs.
  • Design solutions and concepts for data aggregation and visualization. Splunk deployment, configuration and maintenance across a variety of UNIX and Windows platforms. Able to troubleshoot Splunk server problems and issues.
  • Experience in operating and monitoring AWS instances. Experience with Splunk Enterprise Security (Splunk ES).
  • Administering Splunk; integrating Splunk with a wide variety of legacy data sources and industry leading commercial security and other tools.
  • Assisting users to customize and configure Splunk in order to meet their requirements.
  • Perform implementation of security and compliance-based use cases. Performing maintenance and optimization of existing Splunk deployments.
  • Communicating with customer stakeholders, including leadership, support teams, and system administrators.
  • Technical writing/creation of formal documentation such as reports, training material and architecture diagrams.
  • Ability to write/create custom dashboards, alerts, searches, and reports to meet requirements of various user groups.
  • Experience in dashboards and reports performance optimization. Working knowledge of scripting languages (e.g. Python, bash, etc.). Excellent knowledge of TCP/IP networking, and inter-networking technologies (routing/switching, proxy, firewall, load balancing etc.)
  • Handling tickets through Remedy and ServiceNow and addressing them promptly. Following ITIL best practices.
  • Train and mentor for team towards solution development and POC, KPI, Metrics Monitoring execution in SPLUNK

TECHNICAL SKILLS

Splunk: Splunk 5.x and 6.x, Splunk Enterprise, Splunk on Splunk, Splunk DB Connect 2, Splunk Cloud, Hunk, Splunk IT Service Intelligence, Splunk Web Framework

Operating Systems: Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), FreeBSD

Data Analysis: Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration

RDBMS: Oracle 11g/10g/9i/8i, MS SQL Server 2000/2005/2008, Sybase, DB2, MS Access, MySQL

Web Technologies: HTML, DHTML, JavaScript, XML, XSL, XSLT, REST, SOAP

Web/App Servers: Apache Tomcat 6.0, WebLogic 8.1/9.2, WebSphere 6.0

Concepts: SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.

Programming Language: C, C++, Java with Big Data, Python, UNIX shell scripts

Monitoring tool: Netcool, Dynatrace

PROFESSIONAL EXPERIENCE

Confidential, Dallas TX

Splunk Security Engineer / Admin / Developer

Responsibilities:

  • Designing and implementing Splunk-based best practice solutions.
  • Requirement gathering and analysis. Interacted with team members and users during the design and development of the applications and Splunk objects.
  • Promptly receiving and handling Remedy tickets, gathering requirements through them and resolving them on time.
  • Communicating and collaborating with hundreds of customers and Splunk users.
  • Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
  • Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
  • Creating, maintaining, supporting, repairing and customizing system and Splunk applications, search queries and dashboards.
  • Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.
  • Developed Splunk objects and reports on security baseline violations, non-authenticated connections, brute force attacks and many other use cases.
  • Good experience in working with SNMP traps and syslog-ng in onboarding security devices into Splunk.
  • Design, support and maintain large Splunk environment in a highly available, redundant, geographically dispersed environment.
  • Installed the Splunk Common Information Model add-on, which is packaged with Splunk Enterprise Security, Splunk IT Service Intelligence, and the Splunk App for PCI Compliance.
  • Install, configure, and troubleshoot Splunk. Experience with regular expressions and using regular expressions for data retrieval. Work with application owners to create or update monitoring for applications.
  • Experience creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts.
  • Good experience in building Splunk security analytics. Led logging enrollments from multi-tier applications into the enterprise logging platforms.
  • Developed specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
  • Strong knowledge of Windows, Linux, and UNIX operating systems.
  • Experience in responding to requests and incident tickets within defined Service Level Agreements.
  • Supports, Monitors and manages the SIEM environment
  • Integration of Splunk with a wide variety of legacy and security data sources that use various protocols.
  • Installation and configuration of Splunk apps to onboard data sources into Splunk
  • Experience with creating disaster recovery plans and testing.
  • Work as part of a team to provide excellent customer experience.
  • Provide emergency or scheduled support out of hours as required.
  • Manage and support change in the environment. Experience of working on a very large enterprise environment
  • Splunk SPL (Search Processing Language) and Dashboarding/Visualization. Setup dashboards for network device logs.
  • Developed alerts and timed reports Develop and manage Splunk applications. Have done many POCs.
  • Implemented maps integration and dynamic drill downs extensively.
  • Created summary searches and reports; in-depth knowledge of Splunk license usage and safeguarding against violations.
  • Very good experience in optimizing searches and implemented post processing on dashboards.
  • Configurations for the deployment server, indexers and search heads: serverclass.conf, server.conf, app.conf, props.conf, transforms.conf and forwarder management configurations.
  • Good experience in clustering, deploying apps through Splunk deployment server, deployer, Splunk version upgradation, creating roles and authentication.
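The brute-force use case named above is the kind of correlation search a Splunk ES engineer turns into a scheduled alert. The following savedsearches.conf stanza is an added example written for this page, not content from the candidate's resume. It assumes the Authentication data model from the CIM add-on is populated and accelerated (summariesonly=true returns nothing otherwise); the stanza name, thresholds, schedule and suppression window are illustrative choices.

```ini
# savedsearches.conf (added example; not from this resume)
# Requires an accelerated CIM Authentication data model. Thresholds are assumptions:
# 50 failures from one source against one host in an hour, or failures against
# 10 distinct accounts, is treated as password guessing / spraying.
[Brute Force Authentication Attempts]
search = | tstats summariesonly=true \
      count AS attempts \
      dc(Authentication.user) AS distinct_users \
      values(Authentication.user) AS users \
      earliest(_time) AS first_seen latest(_time) AS last_seen \
      FROM datamodel=Authentication \
      WHERE Authentication.action="failure" \
      BY Authentication.src, Authentication.dest \
    | rename "Authentication.*" AS * \
    | where attempts >= 50 OR distinct_users >= 10 \
    | eval first_seen=strftime(first_seen, "%Y-%m-%d %H:%M:%S"), \
           last_seen=strftime(last_seen, "%Y-%m-%d %H:%M:%S") \
    | table src, dest, attempts, distinct_users, users, first_seen, last_seen
# Look back one hour, lagging five minutes so late-arriving events are counted.
dispatch.earliest_time = -65m@m
dispatch.latest_time = -5m@m
cron_schedule = */15 * * * *
enableSched = 1
# Fire when the search returns any row; keep it in Triggered Alerts.
counttype = number of events
relation = greater than
quantity = 0
alert.track = 1
alert.severity = 4
# Throttle repeat alerts for the same source/destination pair for four hours
# so a sustained attack produces one alert, not one every 15 minutes.
alert.suppress = 1
alert.suppress.fields = src,dest
alert.suppress.period = 4h
```

Two practitioner notes: summariesonly=true is what keeps the search fast enough to run every 15 minutes on a large index, but it silently returns nothing if acceleration lags, so pair it with a separate health check on the data model's acceleration status. In Splunk ES the same stanza would additionally enable the notable-event action so the result lands in Incident Review rather than only in Triggered Alerts.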

Environment: Splunk, Deployment server, Integration, Splunk 6.x Dashboard Examples, Sideview Utils, Data Models, Server management, Dashboards, Search Processing Language (SPL), Field extraction, Regex, Rex, Linux, XML, Advanced XML, JS, CSS, HTML

Confidential, Fort Worth, TX

Splunk Developer /admin

Responsibilities:

  • Designing and implementing Splunk-based best practice solutions. Requirement gathering and analysis. Interacted with team members and business users during the design and development of the application.
  • Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
  • Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
  • Publishing data into Splunk through configurations such as inputs.conf, serverclass.conf, server.conf, app.conf and outputs.conf.
  • Configurations for the deployment server, indexers and search heads: serverclass.conf, server.conf, app.conf, props.conf, transforms.conf and forwarder management configurations.
  • Created and triggered various dropdowns and drilldowns by using Splunk static Lookups.
  • Installed, Configured, Implemented various visualization Add-ons to the developed and developing dashboards
  • Built Latency and Time lag analytics in Hadoop and Informatica.
  • Built several Key Performance Indicators for the Personal Insurance team through Splunk Metrics
  • Built and configured various Splunk Objects on various Filesystems; vmstats, Veritas, NAS, Diskapp, CPU, IO stats.
  • Built KPIs and other Splunk Objects on Hardware Utilization of various technologies like Informatica, Goldengate, and SAS Fraud Framework, Teradata, Hadoop, Microstrategy and A&C servers.
  • Built Analytics for Workflow logs and Session logs of informatica on Job Failures, errors, stats.
  • Built Utilization and Monitoring Analytics for Various Work environments of Personal Insurance sector
  • Created and configured Alerts /Notifications on different SLAs and thresholds for Personal Insurance Architecture team on Filesystem, vmstats, Veritas, NAS, Diskapp, CPU, IOstat utilization.
  • Created a drilldown of navigations from one splunk app to the other app.
  • Review and apply any newly available and applicable SPLUNK software or policy updates routinely.
  • Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks.
  • Support SPLUNK on UNIX, Linux and Windows-based platforms. Assist with automation of processes and procedures.
  • Maintain current functional and technical knowledge of the SPLUNK platform and future products.
  • Help to document best practices in developing and using SPLUNK.
  • Experience with Splunk UI/GUI development and/or operations roles
  • Work with business/IT and create the next steps plan and implement the same.
  • Implemented Post processing method for searches in dashboards.
  • Extensively worked on building of range maps for various SLA conditions by using all kinds of Splunk 6.x Dashboard Examples.
  • Monitor the applications and server infrastructure for optimization, performance and Utilization metrics.
  • Configured Alerts and notifications on various thresholds, SLAs for Personal Insurance Architecture team.
  • Successfully developed robust dashboards, KPIs, notifications on metrics such as Latency, Lag, canary, Node status, service status, space status, filesystem utilization, trending growth, Missing mounts, User connections, Time standards, response time elements for Informatica, Goldengate, SAS Fraud Framework, Teradata, Hadoop, Microstrategy for all the PROD, DEV, QA, TEST, PERF, RECOVERY environments.
  • Doing Team leading, deeper analysis of data using event correlations across indexes and various source types to generate custom reports for senior management.
  • Providing Training to Senior management, developers and Splunk Object End users, Documentation and communications on future upgrades
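The forwarder management bullets in this role and the Dallas role list serverclass.conf, outputs.conf and inputs.conf without showing how they fit together. The configuration below is an added example written for this page, not the candidate's own work. Hostnames, index, server class and app names are illustrative, and the deployment server is assumed to push two apps to a class of Linux security hosts: one that sets where forwarders send data and one that monitors the local authentication log.

```ini
# Deployment server: $SPLUNK_HOME/etc/system/local/serverclass.conf
# (added example; names and patterns are assumptions)
[serverClass:linux_security_hosts]
# Membership is matched against the forwarder's reported hostname or IP.
whitelist.0 = sec-*.corp.example
whitelist.1 = 10.20.*
blacklist.0 = sec-lab-*.corp.example
restartSplunkd = true

[serverClass:linux_security_hosts:app:corp_all_forwarder_outputs]
restartSplunkd = true

[serverClass:linux_security_hosts:app:corp_ta_linux_auth_inputs]
restartSplunkd = true

# Deployed app: $SPLUNK_HOME/etc/deployment-apps/corp_all_forwarder_outputs/local/outputs.conf
[tcpout]
defaultGroup = primary_indexers

[tcpout:primary_indexers]
server = idx1.corp.example:9997, idx2.corp.example:9997
# Weak setting: useSSL = false ships every event, including credentials that
# leak into logs, in cleartext across the network and lets a rogue "indexer"
# on the path collect them.
# Hardened: TLS with a client certificate, and verify the indexer's certificate
# chain and name against the corporate CA so the forwarder only talks to real indexers.
useSSL = true
clientCert = $SPLUNK_HOME/etc/auth/corp/forwarder.pem
sslRootCAPath = $SPLUNK_HOME/etc/auth/corp/ca.pem
sslVerifyServerCert = true
sslCommonNameToCheck = idx1.corp.example, idx2.corp.example
# Indexer acknowledgement so events are not lost if an indexer drops mid-stream.
useACK = true

# Deployed app: $SPLUNK_HOME/etc/deployment-apps/corp_ta_linux_auth_inputs/local/inputs.conf
[monitor:///var/log/secure]
sourcetype = linux_secure
index = os_security
disabled = 0
```

On the Splunk 6.x versions listed on this page the client certificate key in outputs.conf is sslCertPath rather than clientCert; the rest is unchanged. Keeping the outputs app separate from the inputs apps means the indexer list or certificates can be rotated with one push to every server class without touching any data-collection app, and sslVerifyServerCert is the setting most often left at its default (false) in deployments that otherwise believe they are encrypted.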

Environment: Splunk, Deployment server, Splunk 6.x Dashboard Examples, Sideview Utils, Data Models, Server management, Dashboards, Search Processing Language (SPL), Field extraction, Regex, Rex, Python, UNIX, AIX, Red Hat Linux, Hadoop, XML, HTML

Confidential, Harrisburg PA

Splunk Developer / admin

Responsibilities:

  • Planning, communicating clear instructions to the team members; training, guiding and directing the team.
  • Requirement gathering and analysis. Interacted with team members and Business users during the design and development of the application.
  • Ingesting logs into a geographically distributed Splunk infrastructure.
  • Getting data in and creating and managing Splunk apps.
  • Developed robust, efficient queries that will feed custom Alert, Dashboards and Reports.
  • Worked on Splunk search processing language, Splunk dashboards and Splunk dbconnect app.
  • Publishing data into Splunk through configurations such as inputs.conf, serverclass.conf, server.conf, app.conf and outputs.conf.
  • Design and customize complex search queries, and promote advanced searching, forensics and analytics
  • Developed dashboards, data models, reports and optimized their performance.
  • Provided engineering expertise and assistance to the Splunk user community
  • Developed Splunk dashboards, data models, reports and applications, indexing, tagging and field extraction in Splunk
  • Created Splunk knowledge objects (e.g. fields, lookups, macros, etc.)
  • Experience in dashboards and reports performance optimization.
  • Developed Dashboards for Business Activity Monitoring, Enterprise Architecture
  • Built KPIs dashboards on Patient Enrollment transactions and other business activities
  • Built Key Performance Indicators to the Enterprise Architecture team through Splunk
  • Created Alerts on different SLAs and thresholds through Splunk.
  • Manipulating raw data and Field extraction
  • Built KPIs, alerts on SLAs of filesystem services project.
  • Business Activity Monitoring and troubleshooting
  • Good experience on Splunk Search Processing Language (SPL) and Regular expressions.
  • Monitor the applications and server infrastructure for optimization, performance and Utilization metrics.
  • Experience in developing dashboards and customizing them.
  • Implemented various visualization Add-ons to the developed dashboards
  • Extensively worked on creation of range maps for various SLA conditions by using all kinds of Splunk 6.x Dashboard Examples.
  • Maintain current functional and technical knowledge of the SPLUNK platform and future products.
  • Help to document best practices in developing and using SPLUNK.
  • Experience with Splunk UI/GUI development and/or operations roles
  • Work with business/IT and create the next steps plan and implement the same.
  • Doing deeper analysis of data using event correlations across indexes and various source types to generate custom reports for senior management.

Environment: Splunk, BMC, Splunk Universal Forwarder, Splunk 6.x Dashboard Examples, Sideview Utils, Data Models, Server management, Dashboards, Search Processing Language (SPL), Field extraction, Regex, Rex, UNIX, AIX, Red Hat Linux, BladeLogic, XML, HTML.

Confidential, New Jersey NJ

Security Engineer

Responsibilities:

  • Participated in the product selection and installation of the HP ArcSight Security Information and Event Management (SIEM) system, consisting of multiple collectors and a high-performance MS SQL database.
  • Designed and implemented enterprise SIEM systems: centralized logging, NIDS, alerting and monitoring, and compliance reporting, based on the HP ArcSight 7.0 SIEM.
  • Responsible for HP ArcSight SIEM monitoring and configuration aligned to internal PCI and SOX controls.
  • Managed the day-to-day log collection activities of source devices that send log data to the HP ArcSight SIEM.
  • Managed and monitored McAfee ePO 4.6. Installed Linux/Windows agents and VirusScan Enterprise.
  • Recommended Websense Internet proxy and Web Security Gateway Anywhere to manage corporate Internet proxy traffic and supporting infrastructure.
  • Access control for browsing, Authentication for all hits from browsing on proxy servers, maintenance of proxy logs for forensic purpose
  • Maintained McAfee antivirus applications and appliances, including ePolicy Orchestrator, VSE 8 and 8.5, and Secure Content Manager SCM 3200 for spam, virus and content filtering of web and email traffic.
  • Develop Knowledge base of various challenges faced in implementing SIEM solution and maintaining it.
  • Dashboard / Enterprise dashboard customization for various team based on the log source type requirements.

Environment: Tripwire, HP ArcSight, McAfee, UNIX, SQL, TOAD, Splunk.

Confidential, FL

Postdoctoral Research Associate

Responsibilities:

  • Performed high level research in Computational Organic Chemistry.
  • Used supercomputers (CRAY, IBM SP2 - SP4, HPC Linux clusters) with Unix/Linux OS. Wrote shell scripts for the Linux/Unix system in use, wrote programs (Fortran, C++ and Python) and compiled them according to the research problems. Used Python and MATLAB to run secondary computations after collecting data from computational chemistry software.
  • Gained experience administering a Linux cluster (20 nodes) from a desktop application which allowed me to monitor the day-to-day status of each node.
  • Used computational chemistry software: GAUSSIAN, SPARTAN, JAGUAR, ADF, MACROMODEL, MOPAC, CHARMM, AMBER, etc., including molecular modeling programs. Installed them on various platforms, compiled them and tested how they work. For example, at FSU RCC, a parallel version of the GAUSSIAN 03 program was tested first and the final report on the testing was given to the Assistant Director (2005). Used various chemical structure drawing programs: CHEMDRAW, ISISDRAW, ACCELRYS DRAW, BIOVIA DRAW, etc.
