SUMMARY

• 7+ years aggregate IT experience with strong troubleshooting skills, extensive knowledge and proficiency in SPLUNK, system and database administration. Worked extensively across windows/Unix and Linux platforms. Proficient in Cyber Security Analysis using RMF and FISMA compliance. Have excellent communication skills, great team player with a fast learning curve. Work perfectly and effectively under stressful conditions where speed and accuracy are necessary

AREAS OF EXPERTISE

• Splunk implementation and management
• System Monitoring and Performance tuning
• Database/system Upgrade and Migration
• Data integrity and security
• Splunk Enterprise Security
• AWS/AZURE
• Dashboard creation and monitor
• Hardware and software support and troubleshooting
• REGEX and Applications
• SIEM(SPLUNK ES)
• SPL
• Active directory
• SQL
• RMF
• NIST 800 Series publications
• FISMA Compliance
• A&A
• SAP
• SCA
• POA&M

PROFESSIONAL EXPERIENCE

SPLUNK ENGINEER

Confidential

Responsibilities:

• Installation of Splunk and components such as forwarder, search head, and indexer
• Management of the Splunk Deployment server in a cluster environment.
• Create apps to manage deployment clients on the deployment server
• Management of Splunk in medium to large environments including distributed forwarders, indexers and search heads.
• Perform data onboarding of new data into Splunk, and performance tuning and monitoring
• Managing Splunk License quota
• Create custom Apps and Add - ons for various components of Splunk including Universal forwarders, search heads to interact with 3rd party software/hardware.
• Splunk administration experience with installation, configuration, clustering and monitoring of system logs.
• Writing REGEX to map client sensitive data.
• Have experience working with the Linux environment, editing and maintaining Splunk configuration files and apps.
• Building dashboards, and data models, highlighting the key trends of the data.
• Work with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
• Develop dashboards with visual metrics and data normalization using CIM for stakeholders
• Maintain and manage Splunk, frontend and backend
• Manage SPLUNK user accounts (create, delete, modify, etc.)
• Utilize AWS cloud administration, create EC2 Instances and IAM
• Share point, Remedy, and ServiceNow administration
• Scripting using Shell, Bash, writing and modifying complex SPL queries for reporting purposes.
• Standardize and implement Splunk Universal Forwarder deployment, configuration and maintenance in Linux and Windows platforms

INFORMATION SECURITY ANALYST

Confidential

Responsibilities:

• Assist the ISSO with daily tasks including reviewing the RMF using NIST 800-37 in various assessment and authorization projects.
• Perform detail Security Assessment on HUBZone, DataPipe, Salesforce and MS Azure cloud systems by ensuring that costumer responsibility statement and FedRAMP packages are well implemented.
• Perform continuous monitoring on the HUBZone, DataPipe, Salesforce and MS Azure
• Create Security Assessment Plan (SAP) for assessment schedule, tools, and personnel documentation
• Conduct the assessment kickoff meetings and security controls interview meeting with the ISSOs, system owners, and other system stakeholders
• Conduct Security Control Assessment (SCA) using NIST SP 800-53A as a guide for determining assessment methods/test guide
• Create Requirement Traceability Matrix (RTM)/Test cases to document assessment works/results
• Develop and update System Security Plan (SSP) to provide an overview of the system security control requirements using NIST 800-18 as guide.
• Assist with POA&M management by ensuring the systems’ POA&M items have been closed or updates provided where necessary in the CSAM
• Conduct IT Security Risk Assessment and review security controls for any deficiencies and report to the ISSO for appropriate mitigation actions
• Summarize final System Risk in the Security Assessment Report (SAR)
• Assist in preparation of authorization letter, assembly and submission of Authorization package to the Authorizing Official (AO) for signature
• Perform vulnerability assessment using Tenable Nessus vulnerability scanning tool
• Review security documents such as System Security Plan, and the A&A package.

INFORMATION SECURITY ANALYST

Confidential

Responsibilities:

• Security Control Assessment, determining the Security Controls (Management, Operational, and Technical) effectiveness, documenting findings and providing recommendations for addressing weaknesses or vulnerabilities in a Security Assessment Report (SAR) and populate it in CSAM.
• Developed solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation and Corrective Action Plan (CAP).
• Reviewed and updated policies, procedures, security scan results and system settings in order to address controls that were deemed insufficient during Assessment and Authorization (A&A), RMF, continuous monitoring, and FISMA audits.
• Coordinate and track remediation of security weaknesses as they are discovered, via the Plan of Actions and Milestones (POA&M).
• Facilitated all phases of Assessment and Authorization for various software systems and networks using NIST 800-37 Risk Management Framework, security tools/software and planning with all the stakeholders involved to ensure the process is completed on time.
• Achieve FISMA compliance and Authority to Operate (ATO) for systems based on guidance from the NIST SP 800-37 Risk Management Framework (RMF).