SUMMARY

• 10+ years of IT experience and 6+ years of experience with Splunk - Enterprise Splunk, Splunk DB Connect, Splunk configuring, implementing, and supporting Splunk Server Infrastructure across Windows, UNIX and Linux.
• Extensive knowledge of Splunk architecture and various components. Passionate about Machine data and operational Intelligence.
• Expert in Splunkenterprise architecture such as Search Heads, Indexers, Deployment server, Deployer, License Master, Heavy/Universal Forwarders.
• Experience analyzing network, event, and security logs on premise and cloud.
• Installed and implemented Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
• Expert in installing and using Splunk apps for Unix and Linux (Splunk nix).
• Used Time chart attributes such as Span, Bins, Tag, and Event Types. Created and configured management reports and dashboards.
• Maintained and improved existing Internet/Intranet applications.
• Created test cases during two week sprints using agile methodology.
• Wrote multiple programs in Python to monitor virtual machine usage data using VMWare API calls.
• Automated Regression analysis for determining fund returns based on index returns (Python/Excel)
• Experience in cloud based technologies such as S3, Redshift and with NoSql stores such as MongoDB.
• Experience with Splunk Searching and Reporting modules - (Splunk ITSI and Enterprise Security App) Knowledge Objects, Administration.
• Experience with administrating the Atlassian product line (Jira, Agile, Confluence, etc.)
• Experience with other Splunk premium applications - ITSI, UBA, ES, Hunk.
• Administer JIRA (Core and Software), Crucible, Confluence, Bamboo, BitBucket Server, and Crowd instances, and formulate technical solutions using JIRA and associated JIRA plugins/Atlassian Products.
• Create JIRA projects, queries and reports as needed.
• Create custom workflows, post functions, validators.
• Design & manage JIRA/Confluence queries, dashboards for metrics reporting for various teams.
• Experience on Data Analytics, Advanced Data Analytics, Visualization, Advanced Visualization, Dashboard Customization, and Advanced Dashboard Customization in Splunk.
• Designed and implemented the RESTApi for the UI screen through the mobile user can look-up the available health plans and monthly premium against each of them by taking the zip code as the parameter.
• Worked closely with the stakeholders & solution architect.
• Ensuring architecture meets the business requirements.
• Discovered data acquisitions opportunities
• Designed and developed ArcSight architecture components and related upgrades.
• Prepared system plans and executed ArcSight architecture modifications.
• Managed, upgraded and maintained operational data flows and ArcSight platforms.
• Analyzed ArcSight and related tools and resolved IT security failures.
• Implemented and managed ArcSight ESM and Connectors at multiple locations.
• Provided support to content development tasks and analyzed ArcSight data sources.
• Designed and implemented the RESTApi for the UI screen through the mobile user can leave their phone number and the convenient time so as to have the Customer Service Representative would call them back at the provided number and as per their mentioned convenient time.
• Experience on Splunk Enterprise Deployments and enable continuous integration as part of configuration using (props.conf, Transforms.conf, Input.conf&Output.conf, Deployment.conf) management.
• Experience in Create and Manage Splunk DB connects Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
• Experience in using Build Automation tools and Continuous Integration concepts by using tools like ANT, Jenkins and Maven
• Experience in using Configuration Management tools like Puppet, Chef, Ansible.
• Developed Puppet modules to automate application installation and configuration management.
• Cloud computing and Virtualization.
• Knowledge on Cloud technologies, Enterprise security.
• Understanding of cloud-computing concepts.
• Splunk data onboarding operations (inputs, SQL, index-time configurations)
• Experience in interacting with customers and onboarding, configuring, and optimizing Splunk and ES
• Experience in interacting with clients and onboarding, configuration, and optimization with SPLUNK and ES
• Onboard new log sources with log analysis and parsing to enable SIEM correlation.
• Onboard and normalize new security event data into Splunk & big data platforms
• Experience on Splunk query language and Monitored Database Connection Health by using Splunk DB connect health dashboards.

TECHNICAL SKILLS

Splunk: Splunk 5.x and 6.x 7.x 7.1, Splunk Enterprise, Splunk on Splunk, Splunk DB 2 Connect, Splunk Cloud, Hunk, Splunk IT Service Intelligence, Splunk Web Framework

Operating Systems: Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), Free BSD

Data Analysis: Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration

RDBMS: Oracle 11g/10g/9i/8i, MS-SQL Server 2000/2005/2008 , Sybase, DB2 MS Access, Mysql

Web Technologies: HTML, DHTML, JavaScript, XML, XSL, XSLT, REST, SOAP

Web/App Servers: Apache Tomcat 6.0, web logic8.1/9.2, web sphere 6.0

Concepts: SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.

Programming Language: C, C++, Java with Big Data, Python, UNIX shell scripts

Cloud Infrastructure: OpenStack, Windows Azure (ARM, storage, AD, PaaS,DMA)and Amazon AWS (EC2, S3/Glacier, Route53, VPC, EBS and Security Groups)

PROFESSIONAL EXPERIENCE

Confidential, Pasadena, CA

Senior Splunk Developer

Responsibilities:

• Create documentation on build, deployment, and sustainment processes and procedures for application use in cloud capable datacenter.
• Integrating other security tools to Splunk SEIM (Enterprise security)
• Adding IOC’s and Threat feed to Enterprise for monitoring and detection
• Familiar with common network vulnerability/penetration testing tools including, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
• Integrated with Vulnerability management tool, Qualys and created process Dashboards.
• Experience with Active Directory, Log management tools and Vulnerability assessment tools.
• Have knowledge on vulnerability management, including application of DoD STIGs and Cybersecurity control audits and assessments.
• Conducted risk and vulnerability assessment at the network, system and application level.
• Standardize Splunk agent (Forwarders) deployment, Configuration and maintenance across a variety of UNIX and Windows platforms.
• Migrated Splunk 6.5 from bare metal servers to AWS.
• Create and Manage Private Lab with Dell PowerEdge and AWS to host Splunk Clustered Environment.
• Create Script to save old data into AWS Glacier.
• Installed and configured the following applications: DbConnect, Hunk, Microsoft Exchange App, AWS splunk App, Cisco Network App.
• Cloud experience on OpenStack private cloud, Windows Azure and Amazon). Assist to design, configure, manage, and maintain the deployment and operations in Amazon EC2, AWS, VPC, S3, Elastic Search services and creating security groups.
• Experience with Unix, Windows, VMWare, AWS environments, as well as be comfortable with command line interfaces.
• Responsible for creating/versioning/testing of scripts (Bash, PowerShell), AWS Cloud Formation templates, Chef, Nagios, Maven/Ant, Git, Jenkins, Perl, and Ruby to achieve a high-level of automation.
• Experience in managing AWS Splunk instances and integration with on prem Splunk Enterprise
• Manage and administer JIRA/Confluence/BitBucket add-ons, plugins, and extensions.
• Document results of JIRA workflows and process audits.
• Develop guides and documentation for JIRA features and best practices.
• Strong knowledge of the underlying JIRA database structures.
• Upgrade, configure and build complex workflows via native JIRA capabilities and customization.
• Development experience utilizing Atlassian REST services and JIRA plugins using the Atlassian SDK
• Responsible for creating/versioning/testing of scripts (Bash, PowerShell), AWS Cloud Formation templates, Chef, Nagios, Maven/Ant, Git, Jenkins, Perl, and Ruby to achieve a high-level of automation.
• Installed and configured splunk Enterprise environment on linux, Configured Universal and Heavy forwarder.
• Supported system administration activities on Linux OS and Splunk Enterprise and related applications.
• Create documentation on build, deployment, and sustainment processes and procedures for application use in cloud capable datacenter.
• Installed, configured, and updated Splunk Enterprise and Splunk Enterprise Security environments in a multi-site environment, following best practices from Splunk PS.
• Built and integrated contextual data into the notable events, and workflow within Splunk Enterprise Security Suite.
• Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise server7.x/6.x/5.x.
• Expert knowledge on Security Information and Event Management Platforms (SIEM) - specifically SPLUNK
• Practical experience with monitoring technologies from CA, HP, IBM, Dynatrace, Dell, etc.
• Technical tool ownership and administrative experience with one or more tools within the Dynatrace Performance Monitoring Suite.
• Experience using Application Performance Management (APM) tools (e.g. AppDyanmics, DynaTrace, New Relic, CA Introscope APM, HP Diagnostics)
• Dynatrace Application Monitoring administration, configuration and migration.
• Splunk architecture and design for both on premise and AWS cloud.
• AWS and Azure cloud security.
• Responsible for creating/versioning/testing of scripts (Bash, PowerShell), AWS Cloud Formation templates, Chef, Nagios, Maven/Ant, Git, Jenkins, Perl, and Ruby to achieve a high-level of automation.
• Writing Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs.
• Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance related issues through Splunk tool.
• Designed Splunk Cloud Architecture to Integrate with Windows Infrastructure.
• Configuration of inputs.conf and outputs.conf to pull the XML based events to splunk cloud indexer.
• Used Splunk Cloud to Collect and Index Data. Collect machine data from virtually any source and location.
• Used Splunk Cloud for creating, updating, deleting, and viewing properties of indexes.
• Used Splunk Cloud for modifying the retention settings for individual indexes.
• Used Splunk Cloud for deleting data from indexes.
• Used Splunk Cloud for optimizing search performance by managing the number of indexes and the data sources that are stored in specific indexes.
• Included security groups, network ACLs, Internet Gateways, and Elastic IP's to ensure a safe area for organization in AWS public cloud.
• Wrote Ansible Playbooks with PythonSSH as the Wrapper to Manage Configurations of AWS Nodes and Test Playbooks on AWS instances using Python .Experience with Puppet to more easily manage enterprise Puppet deployments.
• Expert in HBase, REST Web Services, R Python along with Splunk, Spark MLLIB, Spark Streaming.
• Expertise in BigData, Hadoop, Splunk, JVM, Python technologies.

Confidential, Pasadena, CA

Senior Splunk Engineer/ Administrator

Responsibilities:

• Good Experience working with the health care EDI Files such as 837s, 835s, 277s.
• Execute on new projects and data/user onboarding
• Experience in AWS platform and its features including IAM, EC2, EBS, VPC, RDS, Cloud Watch, Cloud Trail, Cloud Formation AWS Configuration, Autoscaling, Cloud Front, S3, SQS, SNS, Lambda and Route53.
• Wrote python scripts to manage AWS resources from API calls using BOTO SDK also worked with AWS CLI.
• Used IAM to create new accounts, roles and groups and policies and developed critical modules like generating amazon resource numbers and integration points with DynamoDB, RDS.
• Wrote CI/CD pipeline in Groovy scripts to enable end to end setup of build & deployment using Jenkins.
• Wrote Ansible Playbooks using Python SSH as Wrapper for Managing Configurations of my servers, Nodes, Test Playbooks on AWS instances using Python. onfiguring, Automating and Deploying Chef, Puppet and Ansible for configuration management to existing Infrastructure.
• Used Ansible and Ansible Tower as Configuration management tool, to automate repetitive tasks, quickly deploys critical applications, and proactively manages change.
• Wrote Python Code using Ansible Python API to Automate Cloud Deployment Process.
• Developed Python Modules for Ansible Customizations.
• Syslogs and network devices/infrastructure logs, application logs onboarding
• Exposed to Splunk configuration required to onboard data into Splunk
• Gook knowledge of using the xml format data to analyse and implement the search functions to extract the medical claims and their status reports according to the business users.
• Hands on experience in designing the reports and dash boards of different category of claims at different stages.
• Maintain and manage the application error during production.
• Report generation and customization.
• Perform the periodic check the logs of all the recent jobs done and escalating the issue if there is any error.
• Assisted internal users of Splunk in designing and maintaining production-quality dashboard.
• Used Data meter to analyse the transaction data for the client.
• Enhancing the information by adding external lookups data to the existing raw data.
• Involved in helping the ETL developers in conversion of raw data to B2B format to feed the xml format data into the splunk indexers.
• Provided complex engineering analysis and support for firewalls, routers, networks and operating systems. Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment.
• Vulnerability Scanning: Initial setup, testing, and configuration of DbProtect/AppDetective database vulnerability scanner, Vulnerability scanning and assessments with tools including Tenable Security Center, Nessus, TripWire, Qualys, TrustwaveDbProtect and HP Web Inspect.
• Using DB connect for real-time data integration between SplunkEnterprise and databases.
• Analyzing in forwarder level to mask the customer sensitive data able to manage distributed search across set of indexers.
• Using DB connect for real-time data integration between SplunkEnterprise and databases.
• Analyzing in forwarder level to mask the customer sensitive data able to manage distributed search across set of indexers.
• Strong experience in automating Vulnerability Management patching and CI/CD using Chef and other tools like GitLab, Jenkins, and AWS/Open Stack.
• In depth Knowledge of AWS cloud service like Compute, Network, Storage and Identity & access management.
• Hands-on Experience in configuration of Network architecture on AWS with VPC, Subnets, Internet gateway, NAT, Route table.
• Perform troubleshooting and monitoring of the Linux server on AWS using Zabbix, Nagios and Splunk .
• Management and Administration of AWS Services CLI, EC2, VPC, S3, ELB Glacier, Route 53, Cloudtrail, IAM, and Trusted Advisor services.
• Created automated pipelines in AWS CodePipeline to deploy Docker containers in AWS ECS using services like CloudFormation, CodeBuild, CodeDeploy, S3 and puppet .
• Responsible to filter the unwanted data in heavy forwarder level thereby reducing the license cost.
• Worked with administrators to ensure Splunk is actively, accurately running, and monitoring on the current infrastructure implementation.
• Worked on properly creating/maintaining/updating necessary documentation for Splunk Apps, dashboards, upgrades and tracked issues.
• Developed Dev/Test/Prod environments of different applications on AWS by provisioning Kubernetes clusters on EC2 instances using Docker, Bash, Chef, and Terraform.
• Provided On-call support for various production applications.
• Administered various shell and Python scripts for monitoring and automation.
• Extensive experience on setting up the Splunk to monitor the customer volume and track the customer activity.
• Administering the MS SQL Server by Creating User Logins with appropriate roles, dropping and locking the logins, monitoring the user accounts, creation of groups, granting the privileges to users and groups.

Environment: Splunk Enterprise Server 6.4, 6.5.2,7.x.x Universal Splunk Forwarder 6.3, Windows, Windows 2008 R2, XML SPL.

Confidential, Dallas, Texas

Senior Splunk Engineer/ Architect

Responsibilities:

• Designed Splunk Enterprise 6.5 and 7.0,7.1 infrastructure to provide high availability by configuring clusters across two different data centers.
• Create documentation on build, deployment, and sustainment processes and procedures for application use in cloud capable datacenter
• Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise server7.x/6.x/5.x.
• Architect and Implement Splunk arrangements in exceptionally accessible, repetitive, conveyed figuring situations.
• Performed Field Extractions and Transformations using the RegEx in Splunk.
• Designed the large scale job scheduling mechanism for mortgage underwriting operation teams
• Monitor and support services with a variety of services such as Splunk (ES, UBA, ITSI & ITOA), SCOM & OMS 2016, SCCM, AppDynamics, ExtraHop and other proprietary systems
• Expert knowledge on Security Information and Event Management Platforms (SIEM) - specifically SPLUNK
• Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.
• Writing Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs.
• Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance related issues through Splunk tool.
• Verified if the data model helps in retrieving the required data by creating data access paths in the data model.
• Installed and configured Splunk Universal Forwarders on both UNIX (Linux, Solaris, and AIX) and Windows Servers.
• Monitored the Splunk infrastructure for capacity planning, scalability, and optimization.
• Experienced in using Splunk- DB connect for real-time data integration between Splunk Enterprise and rest all other databases.
• Installed & configured and managed SplunkEnterprise Server 5.x/4.x, Splunk Universal Forwarder 5.x/4.x on various platforms like Windows Server, UNIX, Solaris.Tuned and Supported SplunkEnterprise Server 5.0.
• Worked on various components in Splunkenterprise architecture such as Search Heads, Indexers, Deployment server, Deployer, License Master, Heavy/Universal Forwarders etc.
• Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
• Worked on multiple Splunk SPL functions to create new fields during search.
• Used Splunk for Application Log, Security Log and Performance monitoring.
• Configured Splunk multisite indexer cluster for data replication.
• Developed Splunk infrastructure and related solutions as per automation tool sets.
• Knowledge of security threats and vulnerabilities and how to detect and mitigate them, experience in building security monitoring and incident management solutions using Splunk.
• Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
• Configured up to 10 standard data sources based on use case scenarios to support the underlying security requirements.
• Experience in DNS, NFS, NIS, LDAP, Samba, remote access security management and troubleshooting in Red Hat Linux.
• Created bash shell scripts to receive info on various Linux servers.
• Configured Send mail Utility on Linux servers.
• Conducted technical documentation for various projects in collaboration with Technical writers.
• Administered and created new users, groups and secured access and restrictions to files and directories.
• Managed virtual memory and swap space on RHEL servers.
• Involved in monitoring trouble ticket queue in order to attend user system calls, attended team meetings, change control meetings to update upcoming changes in environment.
• Server management using HP iLO& SPARC ALOM/ILOM.
• Virtual IP configuration & management using Citrix NetScalers.
• VMWare Virtual Machine management using vSphere client.
• Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

Environment: Splunk Enterprise Server 6.4, 6.5.2,7.x.x Universal Splunk Forwarder 6.3, Windows, Windows 2008 R2, XML SPL.

Confidential

Senior Splunk Engineer/ Administrator

Responsibilities:

• Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise Server 6.0 and Splunk Universal Forwarder 6.0.
• Administered a complex cluster based environment involving search heads in a cluster while the indexers are in standalone mode.
• Configured Splunk forwarder to send unnecessary log events to "Null Queue" using props and transforms configurations.
• Created and configured management reports and dashboards in Splunk for application log monitoring.
• Responsible for developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
• Extensive experience on setting up the Splunk to monitor the customer volume and track the customer activity.
• Have involved as a Splunk Admin in capturing, analyzing and monitoring front end and middle ware applications.
• Created Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
• Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files.
• Extensively used Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
• Responsible to filter the unwanted data in heavy forwarder level thereby reducing the license cost.
• Worked with administrators to ensure Splunk is actively, accurately running, and monitoring on the current infrastructure implementation.
• Worked on properly creating/maintaining/updating necessary documentation for Splunk Apps, dashboards, upgrades and tracked issues.
• Provided On-call support for various production applications.
• Administered various shell and Python scripts for monitoring and automation.
• Extensive experience on setting up the Splunk to monitor the customer volume and track the customer activity.
• Administering the MS SQL Server by Creating User Logins with appropriate roles, dropping and locking the logins, monitoring the user accounts, creation of groups, granting the privileges to users and groups.
• Responsible for Analysis, Design, Coding, Debugging and testing the processes/programs that are necessary to extract data from Operational Databases, transforming and cleaning the data and loading it to data ware house.

Environment: Splunk Enterprise Server 6.4, 6.5.2,7.x.x Universal Splunk Forwarder 6.3, Windows, Windows 2008 R2, XML SPL

Confidential, Florida

Splunk Developer

Responsibilities:

• Installed & configured and managed SplunkEnterprise Server 5.x/4.x, Splunk Universal Forwarder 5.x/4.x on various platforms like Windows Server, UNIX, Solaris.Tuned and Supported SplunkEnterprise Server 5.0.
• Worked on various components in Splunkenterprise architecture such as Search Heads, Indexers, Deployment server, Deployer, License Master, Heavy/Universal Forwarders etc.
• Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
• Worked on multiple Splunk SPL functions to create new fields during search.
• Used Splunk for Application Log, Security Log and Performance monitoring.
• Configured Splunk multisite indexer cluster for data replication.
• Developed Splunk infrastructure and related solutions as per automation tool sets.
• Knowledge of security threats and vulnerabilities and how to detect and mitigate them, experience in building security monitoring and incident management solutions using Splunk.
• Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
• Create dashboard from search, Scheduled searches o Inline search vs scheduled search in a dashboard.
• Configured up to 10 standard data sources based on use case scenarios to support the underlying security requirements.
• Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
• Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
• Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
• Designed, Coded, Tested, Implemented the Stored Procedures to support the System.
• Fixed bugs in the existing in-house developed Software which is used to upload the reports for the end users to view the reports.
• Created records, tables, collections (nested tables and arrays) for improving Query performance by reducing context switching.
• Participated in code reviews in Oracle Views, Pl/SQL Procedures to understand the testing needs of the change components.
• Involved in writing PL/SQL Packages, Functions, Stored Procedures, and Data Base Triggers.
• Created huge database packages with related functions and procedures.
• Added database triggers to some history tables of the database.
• Created and configured SQL mail to send mail as events occur.