Splunk Admin Resume

WA

SUMMARY

  • Accomplished system administrator tasks with over 8 years of experience in IT and over 4 years of experience in installing, configuring and managing Splunk Enterprise applications across Linux, Windows and *NIX boxes.
  • Basic knowledge of Amazon AWS concepts like EMR & EC2 web services, which provide fast and efficient processing of Big Data.
  • Proven ability to create and deliver solutions tied to business growth, organizational development and systems/network optimization. Skilled problem identifier and system troubleshooter. Well-mannered, strong analytical skills and able to act as point of contact for critical systems.
  • Extracted data is loaded to the Data Lake (Big Data) platform from multiple sources like Oracle, Teradata, Vertica and EDW using Sqoop, file extracts and TPT extracts.
  • Optimization of log ingestion to save license and storage, and PCI and SOX compliance-specific reports and alert creation.
  • Worked based on the concepts of ITIL and ITSM Service Now with SLA agreements.
  • Developed scripts (Python, JavaScript, etc.) as needed in support of data collection, reporting and presentation requirements.
  • Helped teams on-board data, create various knowledge objects, and install and maintain Splunk apps and TAs; good knowledge of JavaScript for advanced UI as well as Python for advanced backend integrations.
  • Worked with the complete knowledge engineering team that developed and monitored software for applications based on Splunk and Big Data technologies.
  • Implemented intuitive dashboards with a variety of graphical visualizations, efficient and reusable Splunk searches, custom platform-related features and system integrations and apps.
  • Managed and appropriately escalated challenges and risks to initiatives and timelines.
  • Identify and prototype innovative concepts to create opportunities and resolve challenges.
  • IR activities as part of SOC operations, and application-specific Splunk apps and TAs installation.
  • Reports and alerts for daily SOC operations.
  • Strong working experience with Splunk implementation: configuring, maintaining and troubleshooting Splunk/Linux systems (indexers and forwarders), developing regexes to process incoming data (NetFlow, DNS, email, web proxy, etc.), and developing Splunk searches and information extraction from device logs for cyber intrusion detection and monitoring structured after the kill chain model.
  • Parsing, indexing and searching concepts; Hot, Warm, Cold and Frozen bucketing.
  • Experienced with Splunk SIEM (Security Information and Event Management) systems and security event correlation.
  • Experienced in creating applications with a background in SIEM technologies and helped create content such as trends, queries, reports, and dashboards.
  • Used Splunk Enterprise Security (SIEM) for search, correlation, investigation and reporting to continuously monitor the organization for both known and unknown security threats, and to enable better, faster incident investigations.
  • Used Splunk ES (SIEM) to analyze tens of gigabytes of security point-solution data and credentialed user activity data, and to bring in contextual data locked in key business systems.
  • Develop and maintain relationships with internal and external customers to formulate information security governance solutions.
  • Full life cycle project experience starting from system design, system analysis, system integration, data modeling and control, production system support, programming and training.
  • Strong background in a disciplined software development life cycle (SDLC).
  • Good knowledge of Hadoop concepts such as HDFS, Job Tracker, Task Tracker, Data Node, Name Node and Map-Reduce.
  • Extensively used enterprise data warehousing ETL methodologies for supporting data extraction, transformation and loading processing, in a corporate-wide ETL solution using Informatica Power Center.
  • Expertise in relational modeling concepts like fact and dimension tables and slowly changing dimensions, dimensional modeling (star schema, snowflake schema), and ER modeling at logical, physical and presentation levels.

TECHNICAL SKILLS:

Languages: SQL, PL/SQL, Perl, Python, (Korn shell) Unix Shell Scripts, Hadoop.4, JSP 2.0, Servlets 2.4, EJB 2.0, Struts 1.2, Spring 2.0.3, JDBC 3.0, Design patterns, HTML, XML, CSS, Log4j, Ant, Web services, RAD 6.0, IBM WebSphere Server 6.1, IBM DB2 9.0, VSS.

RDBMS: Oracle 11g/10g/9i/8i, MS-SQL Server 2000/2005/2008, Cloud, Sybase, DB2, MS Access.

Oracle Utilities: SQL*Plus, SQL*Loader, SQL Developer, TOAD.

Tools: Splunk 5.0/6.1/6.2, APEX 4.2/3.2, Oracle Forms 10g/9i/6i and Reports 10g/9i/6i, ERWIN, VISIO, Golden Gate, AutoSys, Control-M, AWS, JIRA and HP Quality Center.

Data Modelling: Dimensional Data Modelling (Star Schema, Snow-Flake, FACT-Dimensions), Conceptual, Physical and Logical Data Modelling, ER Models, MS Access, OLAP, OLTP concepts.

PROFESSIONAL EXPERIENCE

Confidential, WA

Splunk Admin

Responsibilities:

  • Installing, configuring and administering Splunk Enterprise Server 604/611 and Splunk Forwarder 501/620 on Red Hat Linux and Windows servers.
  • Set up Splunk Forwarders for new application tiers introduced into the environment and for existing applications.
  • Worked based on the concepts of ITIL and ITSM Service Now with SLA agreements.
  • Developed scripts (Python, JavaScript, etc.) as needed in support of data collection, reporting and presentation requirements.
  • Helped teams on-board data, create various knowledge objects, and install and maintain Splunk apps and TAs; good knowledge of JavaScript for advanced UI as well as Python for advanced backend integrations.
  • Developed the code and unit testing.
  • Data extraction is done using Sqoop to load from Oracle DB to the Data Lake (Big Data) platform.
  • Data is stored in the Big Data Hive DB.
  • Engineering contact for the team: troubleshooting and driving resolution of monitoring platform issues across technology stacks including Splunk, applications and Big Data components.
  • Wrote user stories for ongoing sprints and maintained a product backlog based on industry trends, new technologies, software defects and enhancements.
  • Anonymize the PII (Personally Identifiable Information) data in Splunk. Masked sensitive information such as Social Security Numbers and email addresses when showing results in Splunk.
  • Experienced with Splunk SIEM (Security Information and Event Management) systems and security event correlation.
  • Optimization of log ingestion to save license and storage, and PCI and SOX compliance-specific reports and alert creation.
  • IR activities as part of SOC operations, and application-specific Splunk apps and TAs installation.
  • Reports and alerts for daily SOC operations.
  • Used Splunk ES (SIEM) to analyze tens of gigabytes of security point-solution data and credentialed user activity data, and to bring in contextual data locked in key business systems.
  • Configured Splunk for all mission-critical applications and used Splunk effectively for application troubleshooting and monitoring post go-live.
  • Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
  • Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution.
  • Created reports, dashboards, scheduled alerts and searches.
  • Involved in standardizing Splunk forwarder deployment, maintenance and configuration across Windows and UNIX platforms.
  • Played a major role in understanding the server data and logs, and brought an insight into the data for the users.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Expertise in Hadoop and Big Data tools.
  • Expertise with the tools in the Hadoop ecosystem including Pig, Hive, HDFS, Map Reduce, Sqoop, Spark, Kafka, Yarn, Oozie, and Zookeeper.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, license model.
  • Analyzed security-based events, risks and reporting instances.
  • Responsible for checking the Splunk logs for web servers to avoid server downtime in production; these are used to monitor application and server health.
  • Various types of charts, alert settings, knowledge of app creation, user and role access permissions, creating and managing apps, creating users and roles, and permissions on knowledge objects.

Environment: Splunk 6.1.3, Linux, Hadoop, UNIX, Oracle 11g, MS SQL Server 2012, SQL, Windows 2007 server.

Confidential, Minneapolis, MN

Splunk Admin

Responsibilities:

  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Created dashboards, reports, scheduled searches and alerts.
  • Configured Splunk for all mission-critical applications and used Splunk effectively for application troubleshooting and monitoring post go-live.
  • Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
  • Used Splunk Enterprise Security (SIEM) for search, correlation, investigation and reporting to continuously monitor the organization for both known and unknown security threats, and to enable better, faster incident investigations.
  • Develop and maintain relationships with internal and external customers to formulate information security governance solutions.
  • Integrated Service Now with Splunk to generate incidents from Splunk.
  • Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
  • Created many of the proof-of-concept dashboards for IT operations and service owners which are used to monitor application and server health.
  • Expertise in Actuate reporting: development, deployment, management and performance tuning of Actuate reports.
  • Parsing, indexing and searching concepts; Hot, Warm, Cold and Frozen bucketing.
  • Field extraction using IFX, the rex command and regex in configuration files.
  • Used techniques to optimize searches for better performance; search-time vs. index-time field extraction; understanding of configuration files, their precedence and how they work.
  • Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
  • Various types of charts, alert settings, knowledge of app creation, user and role access permissions, creating and managing apps, creating users and roles, and permissions on knowledge objects.

Environment: Splunk 6.1.3, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, Windows 2007 server.

Confidential, Charlotte, NC

Splunk Developer

Responsibilities:

  • Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution.
  • Created dashboards, reports, scheduled searches and alerts.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • Integrated Service Now with Splunk to generate incidents from Splunk.
  • Created a DevOps dashboard that aggregates data across multiple services to identify critical threats and proactively mitigate risks.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, license model.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Analyzed security-based events, risks and reporting instances.
  • Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution, with the objective of ensuring best fit and high quality.
  • Designed platforms for large-scale performance while maintaining security of sensitive data.
  • Used techniques to optimize searches for better performance and used search-time vs. index-time field extraction.
  • Strong understanding of report and dashboard configuration and development.
  • Experience with search-time vs. index-time field extraction.
  • Good understanding of configuration files and their precedence, with daily exposure to props.conf, transforms.conf, inputs.conf and outputs.conf, and setting up forwarder information based on requirements.
  • Monitor stanzas in inputs.conf and the basic fields set in Splunk at index time.
  • Created dashboards with saved searches and inline searches, including various types of charts and alert settings.
  • Plan and build Splunk cluster environments with high-availability resources.
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation.
  • Used the monitoring tool to measure a particular problem or the contribution of a particular technique over time.
  • Worked closely with cross-functional teams to design new features and resolve issues as they arise.
  • Integrated ServiceNow with Splunk to generate incidents from Splunk.
  • Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
  • Worked on large datasets to generate insights and communicated them to guide the strategic roadmap.
  • Performed field extraction using IFX in an event action.
  • Very good understanding of the software development life cycle (SDLC) process; followed Agile Scrum and story maps for dev tracking.
  • Involved in interacting with business owners, developers and business analysts in improving the application.
  • Used Splunk to analyze application logs.
  • Gained in-depth knowledge of Ant builds and WebSphere servers.
  • Involved in handling various incidents and requests related to the application.
  • Good command of Linux OS and debugging performance issues.
  • Involved in monitoring the ticketing tool and taking ownership of tickets.
  • Worked on analysis of various defects and fixed them.
  • Problem record analysis and solution provision.
  • Created many of the proof-of-concept dashboards for IT operations and service owners which are used to monitor application and server health.

Environment: Splunk 5.0/6.1/6.2, RESTful, SOA, Linux OS, ServiceNow, XML, XSLT, SIEM, JMS, Windows 2007 server.

Confidential, Alpharetta, GA

Linux Admin

Responsibilities:

  • As part of the implementation team, worked with several teams such as Network, Storage and Data Center.
  • Understood the project requirements, submitted requests to the respective teams, procured the resources, built servers as per standard, and handed them over to the Application/DBA team for further configuration at their end.
  • Administered RHEL 5.x/6.x and Solaris 9/10/11 servers and monitored the performance of all systems.
  • Worked on Linux LVM troubleshooting.
  • Worked with other teams on database/application refreshes based on software life cycles.
  • Managed user accounts for team access to Red Hat Satellite Server.
  • Built channels and pulled packages from Red Hat Satellite Server (patch and package management).
  • Involved in preparation of functional and system specifications. Estimated storage requirements for applications.
  • Installed and configured Apache/Tomcat/Java for the e-learning projects.
  • Deployed Puppet, Puppet Dashboard, and PuppetDB for configuration management to existing infrastructure.
  • Redesigned and redeployed the Nagios implementation. Nodes automatically added/removed themselves via Puppet.
  • Involved in 24x7 production support, build and migration assignments.

Environment: Linux (RHEL 5.x/6.x), Solaris, RedHat Satellite Server, Apache Tomcat, Nagios, Puppet.

Confidential

Linux Admin

Responsibilities:

  • Installed and configured several hundred Red Hat blade servers and VMware ESXi 4.x virtual environments.
  • Configured Red Hat Cluster nodes for legacy applications and verified the daily health check on the cluster nodes.
  • Assisted in physically installing, racking and cabling the new IBM BladeCenter S and Cisco UCS 5108 chassis environment.
  • Installed and configured Red Hat Enterprise Linux 5 and 6.1 using kickstart servers and virtual-media-based installs on several hundred Cisco UCS B200/B250 and IBM BladeCenter S servers as required for UAT/Production Oracle WebLogic, Red Hat JBoss, Oracle Enterprise Database and MySQL Database Server requirements.
  • Responsible for installation, configuration and administration of Oracle 10g/11g databases on SCO Unix, Linux and Windows 2003 servers, and an integral part of backup and recovery.
  • Installing and updating packages using YUM (custom YUM servers/repositories) and Red Hat Satellite Server.
  • Configured and administered Apache, VSFTPD services, MySQL and Tomcat.
  • Configured various alerts, captured support logs and configured resource pools utilizing Cisco UCS Manager.
  • Configured and deployed patches, upgrades and bug fixes on both physical and virtual Red Hat Linux servers using satellite servers.
  • Implemented rapid provisioning and life cycle management for Red Hat Linux using kickstart.
  • Expertise in security hardening (iptables/SELinux) of major production servers, and in compiling, building and installing web-server-based Linux tools.
  • Experience in performing, uploading and upgrading new firmware on the interconnects and chassis.
  • Proficient in providing support on the deployed Red Hat Enterprise Linux and Sun Solaris servers at both operating system level and application level.
  • Expertise in working with MySQL databases, Apache Web Server and Tomcat Application Servers.
  • Troubleshooting any performance or configuration issues with MySQL and Oracle.
  • Expertise in hardening Linux servers and in compiling, building and installing Apache Server from source with minimal modules.
  • Monitored and troubleshot backups and scheduled cron jobs.
  • Extensive experience in network management: TCP/IP, NIS, DNS, NFS, VLAN.
  • Experience in database replication using the OCFS2 file system with Oracle 10g and 11g databases.
  • Patch management of servers and maintaining server environments in Development/QA/Staging/Production.

Environment: VMware 4.x, RHEL 4.x/5.x/6.x, Solaris 9/10/11, HP-UX, CentOS, SUSE 10/11, VERITAS Volume Manager 3.x/4.x, VERITAS Storage Foundation 5, Red Hat Cluster, VERITAS Cluster Server 4.1, Tripwire, NFS, DNS, SAN/NAS.