
Splunk Engineer Resume

SUMMARY

  • 7+ years aggregate IT experience with strong troubleshooting skills, extensive knowledge and proficiency in Splunk, system and database administration. Worked extensively across Windows/Unix and Linux platforms. Proficient in Cyber Security Analysis using RMF and FISMA compliance. Have excellent communication skills, great team player with a fast learning curve. Work perfectly and effectively under stressful conditions where speed and accuracy are necessary.

AREAS OF EXPERTISE

  • Splunk implementation and management
  • System Monitoring and Performance tuning
  • Database/system Upgrade and Migration
  • Data integrity and security
  • Splunk Enterprise Security
  • AWS/AZURE
  • Dashboard creation and monitoring
  • Hardware and software support and troubleshooting
  • REGEX and Applications
  • SIEM (Splunk ES)
  • SPL
  • Active Directory
  • SQL
  • RMF
  • NIST 800 Series publications
  • FISMA Compliance
  • A&A
  • SAP
  • SCA
  • POA&M

PROFESSIONAL EXPERIENCE

SPLUNK ENGINEER

Confidential

Responsibilities:

  • Installation of Splunk and components such as forwarder, search head, and indexer
  • Management of the Splunk Deployment server in a cluster environment.
  • Create apps to manage deployment clients on the deployment server
  • Management of Splunk in medium to large environments including distributed forwarders, indexers and search heads.
  • Perform data onboarding of new data into Splunk, and performance tuning and monitoring
  • Managing Splunk License quota
  • Create custom Apps and Add-ons for various components of Splunk including Universal forwarders, search heads to interact with 3rd party software/hardware.
  • Splunk administration experience with installation, configuration, clustering and monitoring of system logs.
  • Writing REGEX to map client sensitive data.
  • Have experience working with the Linux environment, editing and maintaining Splunk configuration files and apps.
  • Building dashboards, and data models, highlighting the key trends of the data.
  • Work with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
  • Develop dashboards with visual metrics and data normalization using CIM for stakeholders
  • Maintain and manage Splunk, frontend and backend
  • Manage Splunk user accounts (create, delete, modify, etc.)
  • Utilize AWS cloud administration, create EC2 Instances and IAM
  • SharePoint, Remedy, and ServiceNow administration
  • Scripting using Shell, Bash, writing and modifying complex SPL queries for reporting purposes.
  • Standardize and implement Splunk Universal Forwarder deployment, configuration and maintenance in Linux and Windows platforms

INFORMATION SECURITY ANALYST

Confidential

Responsibilities:

  • Assist the ISSO with daily tasks including reviewing the RMF using NIST 800-37 in various assessment and authorization projects.
  • Perform detailed Security Assessment on HUBZone, DataPipe, Salesforce and MS Azure cloud systems by ensuring that customer responsibility statement and FedRAMP packages are well implemented.
  • Perform continuous monitoring on the HUBZone, DataPipe, Salesforce and MS Azure
  • Create Security Assessment Plan (SAP) for assessment schedule, tools, and personnel documentation
  • Conduct the assessment kickoff meetings and security controls interview meeting with the ISSOs, system owners, and other system stakeholders
  • Conduct Security Control Assessment (SCA) using NIST SP 800-53A as a guide for determining assessment methods/test guide
  • Create Requirement Traceability Matrix (RTM)/Test cases to document assessment works/results
  • Develop and update System Security Plan (SSP) to provide an overview of the system security control requirements using NIST 800-18 as guide.
  • Assist with POA&M management by ensuring the systems’ POA&M items have been closed or updates provided where necessary in the CSAM
  • Conduct IT Security Risk Assessment and review security controls for any deficiencies and report to the ISSO for appropriate mitigation actions
  • Summarize final System Risk in the Security Assessment Report (SAR)
  • Assist in preparation of authorization letter, assembly and submission of Authorization package to the Authorizing Official (AO) for signature
  • Perform vulnerability assessment using Tenable Nessus vulnerability scanning tool
  • Review security documents such as System Security Plan, and the A&A package.

INFORMATION SECURITY ANALYST

Confidential

Responsibilities:

  • Security Control Assessment, determining the Security Controls (Management, Operational, and Technical) effectiveness, documenting findings and providing recommendations for addressing weaknesses or vulnerabilities in a Security Assessment Report (SAR) and populate it in CSAM.
  • Developed solutions to security weaknesses in the Requirement Traceability Matrix (RTM) and SAR, while working on POA&M remediation and Corrective Action Plan (CAP).
  • Reviewed and updated policies, procedures, security scan results and system settings in order to address controls that were deemed insufficient during Assessment and Authorization (A&A), RMF, continuous monitoring, and FISMA audits.
  • Coordinate and track remediation of security weaknesses as they are discovered, via the Plan of Actions and Milestones (POA&M).
  • Facilitated all phases of Assessment and Authorization for various software systems and networks using NIST 800-37 Risk Management Framework, security tools/software and planning with all the stakeholders involved to ensure the process is completed on time.
  • Achieve FISMA compliance and Authority to Operate (ATO) for systems based on guidance from the NIST SP 800-37 Risk Management Framework (RMF).
