
Splunk Engineer Resume


Chicago, IL

PROFESSIONAL SUMMARY:

  • Experience in configuring, implementing, analyzing and supporting Splunk server infrastructure across Windows, UNIX and Linux.
  • Experience with a variety of Operating Systems, Protocols and Tools depending on the type of platform or application to be administered.
  • Having 6+ years of experience as a Splunk Admin/Developer.
  • Implement Splunk solutions in highly available, redundant, distributed computing environments
  • Gathering requirements and analysis by interacting with team members and users during the design and development.
  • Knowledge on various flavors of Linux and Unix based systems including Red hat RHEL 4.x, 5.x, 6.x, 7.x, Ubuntu, CentOS, AIX and Solaris.
  • Designing and implementing Splunk - based best practice solutions.
  • Planning, and communicating clear instructions and direction to team members.
  • Capacity planning, optimization and architecture.
  • Help manage the strategy of the Splunk Business Unit within the company.
  • Expertise with Splunk UI/GUI development and operations roles
  • Splunk server configurations (web, indexing retention, authentication, etc.).
  • Splunk data onboarding operations (inputs, SQL, index-time configurations).
  • Splunk data parsing operations (search-time field extractions, event types, tags).
  • Configuration and troubleshooting Splunk across a variety of platforms.
  • Deploy new Splunk instances, including clustered deployments and apps
  • Integrating Splunk with a wide variety of legacy data sources and industry leading commercial security tools.
  • Installing a search head, deployment server and indexers in distributed deployment.
  • Analyze data imports into Splunk for accuracy and completeness; compare data from the various network security tools to identify overlaps and search for gaps.
  • Create and customize System & Splunk applications, search queries and dashboards.
  • Create Splunk reports, dashboards, forms, visualizations, alerts.
  • Optimize searches and implement post processing on dashboards.
  • Assisting users to customize and configure Splunk to meet their requirements.
  • Perform implementation of security and compliance-based use cases.
  • Performing maintenance and optimization of Splunk deployments.
  • Communicating with customer stake holders to include leadership, support teams, and system administrators.
  • Experience in Installation, Configuration, Migration, Trouble-Shooting and Maintenance of Splunk, Passionate about Machine data and operational Intelligence
  • Strong knowledge of TCP/IP, UDP, DNS, network load balancing, firewalls and enterprise monitoring tools such as Splunk.
  • Scripting and development skills using Perl and Python with strong knowledge of regular expressions.
  • Experience in Operational Intelligence using Splunk.
  • Part of the core Splunk Team for the entire organization, handling deployment, maintenance, updates, troubleshooting of over 1000 standalone Splunk instances and roughly 100 clustered Splunk instances.
  • Knowledge of configuring services, entities and correlation searches with corresponding KPI metrics in the Splunk ITSI application.
  • Build Key Performance Indicators for the Enterprise Architecture through Splunk.
  • Build dashboards to monitor license, indexers, search heads.
  • Maintain Splunk systems documentation, including SOPs and design documents.
  • Integration of systems and application tools with Splunk.
  • Provide occasional presentations and thought leadership.
  • Good experience in creating Splunk apps, navigations and interfaces, and good experience with Splunk lookups, macros, Pivot, data models, lookup files and their publication into Splunk.
  • Network monitoring, bandwidth and traffic monitoring through Splunk and SolarWinds.
  • Experience in shell scripting and extensively used regular expressions in search string and data anonymization
  • Knowledge of scripting languages like Python and JavaScript.
  • Experience with software development, system architecture, and/or databases a plus.

TECHNICAL SKILLS:

Log Analysis Tool: Splunk Enterprise Server 5.x/6.x, Splunk Universal Forwarder 5.x/6.x, Splunk DB Connect, Splunk ITSI

Web/App Servers: Web Sphere Application Server 5.0/6.x/7.x/8.x, Web Sphere MQ Sever 6.x/7.x, WebSphere XD 6.0/6.1, IBM Http Server 6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x

Operating Systems: IBM AIX (5.1/6.1), RHEL Linux, Windows Server 2003/2008 R2, VMWare

Programming: Java, J2EE, C++, C, SQL/PL SQL, HTML, DHTML, XML.

Scripting: JACL, Python, WSCP, WSADMIN, Korn Shell Script, Perl, JavaScript, CSS, Batch

Databases: Oracle (8i/9i), UDB/DB2, Sybase, MS SQL Server, IBM DB2

Monitoring tools: Wily Introscope 8.x/9.x, Tivoli, BSM Topaz, Tivoli Performance Viewer, IBM Thread and Heap Analyzers, Solaris (8,9,10), SolarWinds

Networking: TCP/IP Protocols, Socket Programming, DNS.

Frame work: MVC, J2EE Design Patterns, Struts.

IDE: Eclipse, RAD 7, Net Beans, Edit plus, TOAD

Others: Site Minder r6/r12/r12.5, Ping Federate 6.X,7.X

PROFESSIONAL EXPERIENCE:

Splunk Engineer

Confidential, Chicago, IL

Responsibilities:

  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Created and configured management reports and dashboards.
  • Developed, evaluated and documented specific metrics for management purpose.
  • Trained Splunk security team members for complex search strings and ES modules.
  • Analyzed security based events, risks and reporting instances.
  • Managed and maintained use cases into correlation systems.
  • Designed, developed and implemented system engineering plans and technical support services.
  • Developed reports, dashboards, alerting, creating roles, user provisioning and clustering using Splunk.
  • On-Boarding Applications to Splunk environments.
  • Created and configured KPI's in Splunk IT Service Intelligence(ITSI).
  • Created Regular Expressions for Field Extractions and Field Transformations in Splunk
  • Developed KPI's associated with a service and built glass tables, Deep Dives, Notable events.
  • Configured services, Entities, Correlations searches with corresponding KPI metrics in Splunk ITSI Application.
  • Manage network, Windows and any other inputs that may arise (universal forwarders).
  • Executed systems programming activities and supported data center activities
  • Developed Splunk infrastructure and related solutions as per automation toolsets.
  • Installed, tested and deployed monitoring solutions with Splunk services.
  • Provided technical services to projects, user requests and data queries.
  • Implemented forwarder configuration, search heads and indexing.
  • Supported data source configurations and change management processes.
  • Analyzed and monitored incident management and incident resolution problems.
  • Resolved configuration based issues in coordination with infrastructure support teams.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Develop custom Splunk ES correlation searches & tune notable events.
  • Optimize and tune current dashboards.
  • Developed several Shell/Bash Scripts to automate and manage systems configuration.
  • Create new dashboards based on new feeds and tune over a period.
  • Correlate event logs to create more targeted dashboards and alerts.
  • Set up advanced searches and reports.
  • Create knowledge objects specific to SOC operations.
  • Create prioritized list of assets within Splunk and related live dashboards and notification.
  • Set up live data pull from external intelligence sites and integrate with correlation searches.
  • Document Network Flows & create diagrams
  • Weekly status reports on all work executed, deliverables developed/submitted, and work planned for the next period.
  • Use-case development.
  • Very good experience with the Splunk search language and regular expressions.
  • Involved in writing complex IFX, rex and combine commands to extract the fields from the log files.
  • Scripting and development skills (Perl, Python, Java) with strong knowledge of regular expressions.
  • Monitored and correlated events with thorough knowledge of principles, methods, and techniques of network and data security.
  • Work with Audit and Assessment teams to validate controls and architecture deployment.
  • Assisted internal users of Splunk in designing & maintaining production-quality dashboards, assisted the offshore team to understand the business use case and provided technical services to projects, user requests & data queries.
  • Configured services, entities and correlation searches with corresponding KPI metrics in the Splunk ITSI application.
  • Support the identification and documentation of data sources.
  • Architecting and deploying clustered/distributed Splunk Enterprise 6.x implementations to large, complex customers.
  • Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
  • Integrating Splunk with a wide variety of legacy data sources and industry leading commercial security tools that use various protocols.

Environment: Splunk Enterprise Server 5.x/6.x, Universal Splunk Forwarder 5.x/6.x, RedHat Linux, Oracle, HACMP 5.4, HTML, Java Script, XML, Use of Regular expressions.

Splunk Admin

Confidential

RESPONSIBILITIES:

  • Involved in setting up alerts for different type of errors.
  • Developed, evaluated and documented specific metrics for management purpose.
  • Using SPL, created visualizations to get the value out of data.
  • Created dashboards for various types of business users in the organization.
  • Played a major role in understanding the logs and server data and brought an insight of the data to the users.
  • Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
  • Supporting migration from Splunk On Premise data center to Amazon AWS
  • Launching, Configuring, Supporting large scale instances on AWS
  • Monitored Database Connection Health by using Splunk DB connect health dashboards.
  • Worked with creation of python scripts to fetch data from external sources
  • Created Crontab scripts for timely running jobs.
  • Optimized search queries using summary indexing. Understanding of regular expressions
  • Developed build scripts, UNIX shell scripts and auto deployment processes.
  • Provided technical services to projects, user requests and data queries.
  • Involved in assisting offshore members to understand the business use case.
  • Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and Windows environments.
  • Creating tags, event types, field lookups, field extractions using regular expressions, and aliases for search-time outputs and visualizations.
  • Helped the client to set up alerts for different types of errors.
  • Worked to ensure Splunk is actively and accurately running and monitoring the current infrastructure implementation.
  • Involved in installing and using Splunk app for Linux and Unix.
  • Consulting with customers to customize and configure Splunk to meet their requirements.
  • Performing advanced searching and reporting to help customers with the implementation of specialized/custom dashboards.
  • Performing maintenance and optimization of existing clustered Splunk deployments.
  • Communicating with customer stake holders to include leadership, support teams, and system administrators.
  • Used SCOM for Servers to Individual in Microsoft windows Environments and Using CISO for Security logs.
  • Worked SCOM latest Version SCOM 2016 and Good Experience on SCOM 2012 R2
  • Designs, implements, configures, and manages solutions within the supported Linux technologies, products, and services.
  • Research and recommend innovative and automated approaches for operational tasks which leverage available resources and simplify operational overhead.
  • Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
  • Technical writing/creation of formal documentation such as reports, material, slide decks, and architecture diagrams.

Environment: Splunk Enterprise Server, Python, Splunk Forwarder, XML, VMware, Solaris (8,9,10), SolarWinds

Security Analyst

Confidential - Sanford, NC

Responsibilities:

  • Provide technical inputs, evaluate and recommend new and emerging security products and technologies
  • Defines security configurations for threat detection and prevention tools
  • Designs automated workflows to streamline security operations
  • Monitors and proactively manages supported products and services to assure their performance, availability, security, and capacity.
  • Researches, analyzes, and formulates recommendations regarding technologies, products and solutions to fulfill requirements within the enterprise.
  • Security tool administration and support (Network/Endpoint/Threat Hunting/Investigations)
  • Tool deployment and implementation experience on a global scale
  • Splunk Admin and Architecture related tasks
  • Ability to debug configuration issues on different Splunk components
  • Understanding of Splunk configurations, dependencies, and forwarder management
  • Understands Splunk architecture and components (search head, deployment server, cluster master, indexers, forwarders (HF/UF)
  • Analyze security and firewall logs for compromised/infected hosts on the network.
  • Responsible for Disaster Recovery Site Management.
  • Design and develop the Security Zone diagram for the Security Monitoring Team.
  • Strong understanding of enterprise logging using syslog-ng, with a focus on security event logging
  • Knowledge of system and network architecture and interrelationships (technical and functional).
  • Integrate and customize Splunk apps.
  • Parsing, Indexing, Searching concepts hot, warm, cold, Frozen bucketing
  • Ingest logs into Splunk from databases and applications (includes non-COTS applications); develop custom parsers as needed
  • Create Knowledge Objects (dashboards, alerts, reports, field extraction, data models, workflow actions,CSV, and external lookups)
  • Tune Splunk to optimize performance
  • Troubleshoot issues related to searching, licensing, and errors
  • Help setup Splunk User Behavior Analytics (UBA).
  • Support upgrades, deployments, and modifications to Splunk and all Splunk architecture
  • Technical writing: document the Splunk deployment and configuration (architecture documentation & diagrams).

Environment: Splunk, Universal SplunkForwarder, RedHat Linux, Oracle, HTML, Perl, Java Script, XML

Splunk Developer

Confidential

Responsibilities:

  • Installation and configuration of the Splunk product in different environments.
  • Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Create dashboard views, reports, lookups and alerts for events and configure alert mail.
  • Create Splunk apps for consuming data for applications and implement apps.
  • Involved in setting up alerts for different types of errors.
  • Assigning user and role authentication including LDAP authentication and scripted authentication.
  • Fetching the data from databases using the "DB Connect" application.
  • Responsible for administering, maintaining and configuring 24 x 7 highly available Splunk apps for the production portal environment.
  • Hands-on development experience in customizing visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
  • Worked on Various types of charts, alerts settings, app creations, user and role access permissions.
  • Work closely with application teams to create new Splunk dashboards for operations teams.
  • Field Extraction, Using Ifx, Rex Command and Regex in configuration files

Environment: Splunk, Universal SplunkForwarder, RedHat Linux, Oracle, HTML, Perl, Java Script, XML, rex, Splunk Knowledge Objects.

SQL Developer

Confidential

Responsibilities:

  • Responsible for the study and analysis of the systems design and implementation.
  • Developed reports using SQL Server Reporting Services, utilizing complex SQL queries and stored procedures.
  • Involved in tuning the existing T-SQL code for performance improvement.
  • Followed the best practices in writing T-SQL for universal readability and reusability of code.
  • Participated in all the phases of the Software Development Life Cycle (SDLC), like Requirements Review, Test Documentation, Application Testing and Defect Tracking.
  • Created various database objects including tables, stored procedures and functions.
  • Analyzed code to find causes of errors and revised programs as needed.
  • Well versed with all types of manual testing like functional testing, smoke testing, positive & negative testing, regression testing, integration testing, GUI testing & browser compatibility testing.
  • Fixed data issues and bugs by changing code or business rules. Troubleshot import function/daily feed file failures.
  • Good understanding of application build cycles and following the required test strategy to meet the testing requirements.
  • Reviewed and analyzed Business Requirements, Project Plans, Prototypes, Flow Diagrams, Use Cases and System Design documents and created detailed test cases.
  • Created stored procedures to hold the business logic.
  • Created views as per client requests.

Environment: MS SQL Server 2000, T-SQL, MS-Office, Internet Explorer, UNIX, Windows XP/Vista.
