Splunk Engineer Resume

Malvern, PA

PROFESSIONAL SUMMARY:

  • Around 6 years of extensive work experience in Cloud platforms (AWS, Azure), Splunk Engineer, SQL Developer, and Monitoring Engineer including Building binaries, focus on designing, deploying and analysing security solutions, Cloud Implementations and Monitoring for entire Software Development life cycle (SDLC) model in Enterprise Applications with Agile, Scrum and Waterfall process.
  • Project involves security event monitoring, analysis, triage incident alerting and reporting using Splunk Enterprise, Splunk ITSI, Splunk ES, Splunk Phantom, AppDynamics and more SIEM tools.
  • Experience in Splunk, Linux/UNIX, SQL developer/DBA. Monitoring, Data Analytics performance tuning, Troubleshooting, and maintenance of Database, Application Servers like WebSphere Application Server, IBM HTTP Server, Apache Web Server, Load Balancing, Splunk and DataPower.
  • Expertise in developing Splunk ITSI Services, KPIs, Glass Tables, Notable Events, Importing Entities, Multi-KPI alerting, service analysers.
  • Experience in Splunk Administration for monitoring tools which include System Builds, Server builds, Installation, Upgrades, Patches, Migration, Troubleshooting, Security, Backup, Disaster Recovery, Performance and Fine-tuning on Red Hat Enterprise Linux 5.x/6.x/7.x, CentOS/OEL 5.x/6.x/7.x, SUSE Linux ES 10.x/11 & Windows Server 2008, 2008R2, 2012, Ubuntu using Kickstart Servers
  • Good working knowledge of AWS Environment, EC2 instance, VPC flow logs, installing, configuring AWS.
  • Hands-on experience in installing Splunk agent, Splunk DB Connect, and Splunk App for AWS.
  • Experience in creating Splunk apps for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
  • Helping application teams in on-boarding Splunk and creating dashboards, alerts, reports etc. through end to end cycle from requirements gathering to turnover of the monitors.
  • Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments.
  • Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
  • Created and Managed Splunk DB connects Identities, Database Connections, Database Inputs, Outputs, lookups, access controls, macros, field extractions.
  • Experience in Shell scripting and extensively used Regular expressions (Regex) in the search string and data anonymization.
  • Experience on Splunk Enterprise Deployments and enabled continuous integration as part of configuration (props.conf, transforms.conf, outputs.conf) management.
  • Experience in Splunk search construction with the ability to create well-structured search queries that minimize performance impact.
  • Experience in GIT, SVN for source version control with Splunk.
  • Expertise in integration of Splunk alerts into ServiceNow and Unity for incident management.

TECHNICAL SKILLS:

Splunk Modules: Splunk 5x/6x Is 5.1 .5.3 6.1.3, 6.2.3, 6.3, 6.6.2, 6.6.3, 7.0. Splunk DB Connect 1.x, 2.x, Splunk SIEM and ES, Splunk on Splunk, Splunk App for VMware, Oracle TOAD, SQL Loader, VMware, Splunk Web Framework, Splunk IT Service Intelligence (ITSI), Splunk Phantom

Operating Systems: Red Hat Linux (4.x, 5.x, 6.x, 7.x), Unix, Windows, Solaris (8, 9, 10), Solar Windows.

Data Warehousing: SSIS, SSRS, SSAS, Data Transformation Services (DTS), Business Intelligence Development Studio (BIDS), Enterprise Manager, Query Analyzer, BCP, DTS Analysis Manager, SQL profile

Databases: Oracle 11g/10g/9i/8i, MS-SQL Server 2000/2005/2008, DB2, MS Access.

Scripting: Shell and Python

Web Technologies: HTML, XML, CSS, SPL

Cloud Platforms: Amazon AWS, Azure

Tools: Splunk Enterprise, Splunk ITSI, AppDynamics, SiteScope, Tivoli, Jira, Omnibus, Confluence, ServiceNow, Unity, Microsoft Visio

WORK EXPERIENCE:

Confidential, Malvern, PA

Splunk Engineer

Responsibilities:

  • Executing a complete lifecycle of ITSI monitors from requirements gathering to developing a search, configuring Entities, adding Thresholds, creating a Glass table, alerting through Notable events and Episode Reviews and alerting to ServiceNow Event management.
  • Installing and configuration of Splunk product upgrading version and Testing at different environments.
  • Installing of Splunk Enterprise, Splunk forwarder, Splunk Indexer, Apps in multiple servers (Windows and Linux) with automation.
  • Supporting and training the different app teams and prod support team members to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
  • Installed, configured and managed Splunk Enterprise Security, supporting 1000s of servers across the organisation.
  • Monitored Splunk infrastructure for capacity planning, system health, availability, and optimization.
  • Worked on monitoring different application servers, Message Queues, Website Monitoring, NGA applications, Linux and Windows process monitoring, SQL and Oracle databases, Control-M jobs.
  • Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
  • Creating SQL loader scripts to load data from flat files into the database and creating External Tables to manage data which is stored at the OS level.
  • Created Splunk App for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
  • Using VMware for Cloud Computing and Splunk Virtualization Services.
  • Worked on Amazon AWS, configuring, launching Linux and windows server instances for Splunk deployment.
  • Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
  • Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
  • Perform daily log reviews for Possible NOW's security infrastructure to include firewall, security gateways, system, network, SPLUNK, etc.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Created Lookups, macros, field extractions and Workflow actions for data enrichment.
  • Worked on Prebuilt Security Correlation Rules, Reports and Dashboards and helped the teams with dashboard creation guidelines and validating all the alerts created by app teams.
  • Knowledge of Shell and Python scripts to install Splunk Forwarders on all servers and configure them with common configuration files such as outputs.conf and inputs.conf.
  • Used AppDynamics to check application performance data.
  • Worked on different retention policies (Splunk Buckets).
  • Worked with SIEM (security information and event management), Manage Splunk user accounts (create, delete, modify, etc.) Scripted SQL Queries in accordance with the Splunk.
  • Interpreted and developed SIEM products to meet the internal and external and customer requirements.
  • Maintain current functional and technical knowledge of the Splunk platform and future products.
  • Managing Splunk Deployment Server for distributing configurations, apps, and content updates to groups of Splunk Enterprise instances.
  • Performed POC on Dynatrace and other tracing tools to monitor the NGA services for all end to end tracing, 4XX/5XX errors, CPU, Mem, disk usage of all the web service instances.
  • Added the alerts through notable event policies using correlation search with summary index, and sent them to ServiceNow using an addon.
  • Supported around 400 app teams across the organization which include interaction with Business Analysts, App Developers, Test teams, Engineering teams and Production support groups.

Environment: Splunk 6.x, Splunk Enterprise, Splunk ITSI, Splunk modules, Splunk DB connect, Splunk Citrix Xendesktop, SIEM, Web Logic server 8.x/9.x/10.x/11g, Oracle 11g/10g, Me, web services, HTTP, HTML, XML, SSL, SIEM, AppDynamics, Sitescope, Python, ServiceNow, Jira, Confluence, Dynatrace.

Confidential, Malvern, PA

Splunk Developer/Admin

Responsibilities:

  • Involved in various phases of Software Development Life Cycle (SDLC) including Analysis, Design, Testing, Implementation, and Maintenance.
  • Created Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
  • Installed and configured heavy, universal, and intermediate forwarders.
  • Created data models and used report acceleration for faster searches.
  • Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
  • Creating efficient correlated search queries for both Splunk Enterprise alerts and Splunk Enterprise Security.
  • Worked on AppDynamics as a monitoring tool.
  • Managing Splunk instance hosted in AWS.
  • ITSI integration with the information from these files across the ITSI app as part of ITSI workflows.
  • Set up of Splunk dashboards for continuous monitoring for production support.
  • Played a major role in understanding the logs, server data and brought insight of the data for the users.
  • Designing and maintaining production-quality Splunk dashboards using XML.
  • As part of SIEM, monitored notable events through Splunk Enterprise Security (Using V3.0).
  • Able to make handle assumed names crosswise over application occasions and store data in Splunk storage Database (MongoDB).
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation
  • Splunk and Python Script is used to show how these logs can be analyzed for certain Events / Patterns and deduce information which can, in turn, be used to Self-learn and Self-Heal when these events re-occur on a regular basis.
  • Monitoring the performance of all the critical Servers using AppDynamics.
  • Creation of Alerts and Dashboards Using AppDynamics
  • Analyzed various types of charts Alert settings Knowledge of app creation, user, and role access permissions.
  • Analyzed EVAL Functions where necessary to create new field during search run time.
  • Splunk configuration that involves Saved search, summary search, and summary indexes.
  • Integrated Splunk with ServiceNow to create automatic incidents based on the alert.
  • Helped in maintaining Splunk Instance and Monitoring the health of the Cluster.
  • Extracted various fields using field extractor, field extractions (rex) and calculated fields to optimize the search performance and reduce the load on the search ahead.
  • Use techniques to optimize searches for better performance, Search time vs. Index time field extraction and understanding of configuration files, precedence and working.
  • Implement and configure SIEM software and appliance-based products in large enterprises.
  • Continuous monitoring of the alerts received through emails to check if all the application servers and web servers are up.
  • Configured various summary indexes by creating saved searches to collect the aggregated data and create dashboards on top of the summary index.
  • Assisted various other power users in optimizing the searches.
  • Worked on software development life-cycle (SDLC) process, followed Agile scrum and story maps for dev track.

Environment: Splunk 6.3.04, Splunk ITSI, Splunk Apps, Linux, XML, Splunk Tools, Search Processing Language (SPL), AppDynamics, Puppet, Python, SiteScope, Tivoli, Jira, Confluence, SVN.

Confidential, Dallas, TX

DevOps/Monitoring Engineer

Responsibilities:

  • Developed and implemented Software Release Management strategies for various applications according to Agile process.
  • Responsible for setting up new instances, migrating existing services from physical servers to AWS cloud.
  • Worked with PaaS by utilizing the Cloud Foundry specifically pivotal CF, which should have implemented Cloud Solutions on AWS and worked on EC2, S3, ELB, Auto Scaling Servers, Glacier, Storage Lifecycle rules, Elastic Beanstalk, CloudFormation, CloudFront, RDS, VPC, Route 53, CloudWatch, SNS and IAM & Roles.
  • Working on Splunk to monitor all the critical applications across the division. Creating Splunk dashboards, services, KPIs, alerts to provide end to end monitoring and integrate it with ServiceNow to generate incidents.
  • Develop application level monitoring with Splunk dashboards across the division.
  • Process monitoring with Tivoli on Linux servers, SiteScope for application health monitoring.
  • Worked on the artifact repository called Nexus and moving the builds to it using Jenkins interface. Deploying J2EE Application archives (JAR, WAR, EAR and RAR) and Web-Based/E-Commerce on WebLogic Application Server and JBOSS 6.x/7.x
  • Responsible for Continuous Integration (CI) and Continuous Delivery (CD) process implementation using Jenkins along with Shell scripts to automate routine jobs.
  • Responsibilities include build/install/configure/upgrade and troubleshoot Linux servers, System monitoring, Performance tuning, Backup and Recovery.
  • Administration of RHEL including but not limited to Installation, Testing, tuning, upgrading, troubleshooting and loading patches for physical/virtual servers
  • Engineered, provisioned and provided Level III support for AIX, Windows, Linux and Solaris Servers, and provided 24x7 on call server support for Production and Development environments.
  • Scripting of administration tasks using Command Line (CLI), Python, PowerShell, Shell Scripting.
  • Monitoring the environment using Splunk to automate the tasks for alerting, capacity, performance factors and fault management across the infrastructure.
  • Coordinated release activities with Project Management, QA, Release Management and Web Development teams to ensure a smooth and trouble-free roll out of releases.
  • IPS/ IDS monitoring and analysis, analyze network traffic, log analysis, prioritize and differentiate between potential intrusion attempts and false positives.

Environment: Splunk, AWS, EC2, S3, SVN, Dashboards, LDAP, MySQL, Linux, Windows, Oracle 11g, MS SQL Server 2012

Confidential

System Engineer

Responsibilities:

  • Created Database as per the requirement of the bank to maintain the student records using SQL Server 2005
  • Maintained and supported the SQL Server databases as an administrator
  • Involved in the Data modelling, Physical and Logical Design of Database
  • Created tables, indexes, sequences, constraints, triggers and procedures
  • Written Stored procedures and triggers to implement business rules
  • Involved in integration of the front end with the SQL Server backend
  • Used DDL and DML for writing triggers, stored procedures, and data manipulation
  • Created reports from OLAP, sub reports, bar charts and matrix reports using SSRS
  • Deployed the SSRS reports in Microsoft Office SharePoint Portal Server (MOSS 2007).
  • Worked on DTS/SSIS for transferring data from Heterogeneous Database (Access database and xml format data) to SQL Server.
  • Involved in Data Integration by identifying the information needs within and across functional areas of an enterprise database upgrade and Migration with SQL server Export Utility.
  • Used DTS/SSIS and T-SQL stored procedures to transfer data from OLTP databases to staging area and finally transfer into data marts and performed action in XML.
  • Performance tuning of SQL queries and stored procedures using SQL Profiler and Index Tuning Wizard.
  • Wrote stored procedures to get the fields required for the reports.
  • Created datasets using stored procedures and reports using multi value parameters.
  • Maintained disaster recovery backups and implemented re-indexing to increase performance
  • Created user profiles and corresponding read, write and DDL and DML access properties were maintained on the database
  • Actively participated and interacted with users, team lead, DBAs and technical manager to fully understand the requirements of the system.
  • Worked on the Reports module of the project as a developer on MS SQL Server 2005 (using SSRS, T-SQL, scripts, stored procedures and views).

Environment: MS SQL Server 2005/2000, T-SQL, DTS, MS-Excel, MS-Office, Oracle 8i, SQL Server 2008, SQL Server 2005/2000 (2003, 64-bit edition of SQL Server 2000), DTS, Microsoft Business Intelligence Development Studio, SQL Queries, Stored Procedures, Office, Excel, SSRS, SSIS, ERWIN.