PROFESSIONAL EXPERIENCE:

Confidential, West Chester, PA

Architect/Admin/Developer

Responsibilities:

• Part of the IT security team responsible for PCI/SOX compliance by means of onboarding PCI/SOX logs into splunk and long log retention period for compliance purpose (aged data in splunk cold bucket).
• Practical experience in architecture and design of medium - to-large splunk deployment and its various components like Search head clustering (SHC), Indexer clustering, deployment servers, heavy forwarders.
• Managed/deployment of 10 search-heads 15 indexers and 3500 universal forwarders (AIX/Linux/Solaris/UDP).
• Managed onboarding of logs for TCP(Unix/AIX/Linux) and UDP hosts into splunk
• UDP hosts include Infoblox/RSA token/Cluecoat/Cyberark/Firewalls/ESX/Routers/Switches/Trendmicro
• Implemented Log Tuning by placing customized prop/transforms on respective sourcetypes
• Implemented and configured associated Splunk apps (Windows Infrastructure/Splunk Health overview/SOS/DB Connect/TrendMicro/Deployment Monitor/Palo Alto/Cisco Suite)
• Setting up of complex reports/alerts based on lookups/field extractions/ldapsearch/ldapfetch/ldapfilter
• Knowledge of various Splunk components like deployment server/indexers/search-heads/heavy forwarder. Running syslog and Splunk on same server and utilizing splunk UF to forward syslog logs.
• Familiar with deployment server, serverclass, apps, phoning home concept.
• Excellent troubleshooting skills by utilizing Splunk btool utility, SOS app, Splunk health overview app.
• Knowledge of Role based access control(RBAC), LDAP AD authentication in Splunk, role mapping
• Extensive knowledge of splunk data objects like field extractions/lookups creation/macros/alerts/report
• Extensive knowledge of Splunk indexing (hot/warm/cold/frozen/thawed) buckets
• Creation of Standard Operating procedures for splunk administration, version/patch management.
• Create Splunk Applications and deploy using Splunk Deployment Server
• Create Splunk Search Processing Language (SPL) queries, Reports & Dashboards.

Confidential, Franklin Lakes, New Jersey

Responsibilities:

• Install/Configure Splunk indexer and Splunk forwarder on new server(s)
• Provision new applications and new users based on their role.
• Assist in creating reports, dashboard and applications. Applying hot fixes/upgrade.
• Scheduling new Jobs and Monitor/investigate license usage, configure new data inputs/sources.
• Generate reports on usage, health check for indexers and forwarders

Confidential, Charlotte, NC

Responsibilities:

• Upgrade splunk enterprise/splunk forwarder from 4.x version to 6.1
• Knowledge of Splunk Processing Language (SPL), Install and operationalize splunk apps like fireeye, S.O.S.
• Deploy and test functionality of Universal Forwarder packages globally on Windows/Unix hosts
• Knowledge of splunk indexer/search head/search peers/distributed search environment
• Troubleshoot issues with Splunk Deployment Server configuration
• Daily administration tasks like adding logs for universal forwarders, logs not visible in splunk, cosmetic User interface changes, app installation/upgrades, troubleshooting issues through btool or splunkd logs

Linux/AIX Administrator

Confidential

Responsibilities:

• Knowledge of Linux LVM, yum install for rpms. RPM repository list, HP chassis (pass through and VC).
• Implement network bonding (tagged vlan and untagged network), SAN multipathd, Kickstart installation.
• Day to day administration task like adding ASM disks, server monitoring (top, sar commands etc).
• Excellent problem solving and troubleshooting skills. Ability to multitask and drive the work to completion with satisfaction.
• Knowledge of IBM LPARs VIO, dual VIOS and IVM on baldes (PS700, PS701/702), NPIV, Power VM
• Managing cluster environment, resource group, cluster verification and synchronization, HACMP 5.5/6.1
• Creating/restriping new GPFS filesystem, expanding/creating GPFS cluster, adding nodes to GPFS cluster.
• AIX upgrade from 5.3 to 6.1/7.1 using NIM Alternate Disk Migration. Installation of BOS through NIM.
• Hands on knowledge with new installation/upgrade of HMC 7.3.0.4,7.7.1 and 7.7.2.
• Creating backups through mksysbs. restore files/BOS from mksysb. Micropartitioning concept
• TSM client configuration. TDPO, ITM/TEC client configuration, Samba configuration
• Mirroring rootvg, breaking mirror and replacing a failed drive in rootvg (Hot Plug task).
• Creating mksysb, LPP and SPOT resources for BOS installation.Booting new client from bootp though NIM.
• Third party software installation, upgrades/maintenance like CA-7, autosysR11, ndm, cdagent
• Bladecenter H Chassis. Upgrade I/O, blade firmwares, upgrade firmware pass-through Ethernet modules

Confidential

Associate Software Engineer

Responsibilities:

• Involved in the full SDLC for the utility Conflict of Interest in Trade beginning from requirement gathering, design documentation, design implementation, unit testing which adhere to the standard IT auditing.
• Developed an automation code for converting RTF files into PDF with the help of Adobe’s FDK as part of an internal requirement in the project. Worked in VBA and XML based framework as part of the development team.