
Splunk Admin Resume


WA

SUMMARY

  • Accomplished system administrator tasks with over 8 years of experience in IT and over 4 years of experience in installing, configuring and managing Splunk Enterprise applications across Linux, Windows and *NIX boxes.
  • Basic knowledge of Amazon AWS concepts like EMR and EC2 web services, which provide fast and efficient processing of Big Data.
  • Proven ability to create and deliver solutions tied to business growth, organizational development and systems/network optimization. Skilled problem identifier and system troubleshooter. Well-mannered, strong analytical skills and able to act as point of contact for critical systems.
  • Extracted data is loaded to the Data Lake (Big Data) platform from multiple sources like Oracle, Teradata, Vertica and EDW using Sqoop, file extracts and TPT extracts.
  • Optimization of log ingestion to save license and storage, and PCI and SOX compliance-specific report and alert creation.
  • Worked based on the concepts of ITIL and ITSM (ServiceNow) with SLA agreements.
  • Developed scripts (Python, JavaScript, etc.) as needed in support of data collection, reporting and presentation requirements.
  • I have helped teams on-board data, create various knowledge objects, and install and maintain the Splunk Apps and TAs; good knowledge of JavaScript for advanced UI as well as Python for advanced backend integrations.
  • Worked with the complete knowledge engineering team that developed and monitored software for applications based on Splunk and Big Data technologies.
  • Implemented intuitive dashboards with a variety of graphical visualizations, efficient and reusable Splunk searches, custom platform related features and system integrations and apps.
  • Managed and appropriately escalated challenges and risks to initiatives and timelines.
  • Identify and prototype innovative concepts to create opportunities and resolve challenges
  • IR activities as part of SOC operations, and application-specific Splunk apps and TA installation.
  • Reports and alerts for daily SOC operations.
  • Strong working experience with Splunk and Splunk implementation; configured, maintained and troubleshot Splunk/Linux systems (indexers and forwarders), developed regexes to process incoming data (NetFlow, DNS, email, web proxy, etc.) and developed Splunk searches and information extraction from device logs for the purpose of cyber intrusion detection and monitoring structured after the kill chain model. Parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing.
  • Experienced with Splunk SIEM (Security Information and Event Management) systems and security event correlation.
  • Experienced in creating applications with a background in SIEM technologies, and helped create content such as trends, queries, reports, and dashboards.
  • Used Splunk Enterprise Security (SIEM) for search, correlation, investigation, and reporting to continuously monitor the organization for both known and unknown security threats, and also to enable better, faster incident investigations.
  • Used Splunk ES (SIEM) to analyze tens of gigabytes of security point solution data and credentialed user activity data, and to bring in contextual data locked in key business systems.
  • Develop and maintain relationships with internal and external customers to formulate information security governance solutions.
  • Full Life Cycle Project Experience starting from System Design, System Analysis, System Integration, Data Modeling and Control, Production System Support, Programming and Training.
  • Strong background in a disciplined software development life cycle (SDLC).
  • Good knowledge of Hadoop concepts such as HDFS, Job Tracker, Task Tracker, Data Node, Name Node and Map-Reduce concepts.
  • Extensively used Enterprise Data warehousing ETL methodologies for supporting data extraction, transformation and loading processing, in a corporate-wide-ETL Solution using Informatica Power Center.
  • Expertise in both relational modeling concepts like Facts and dimensions tables, slowly changing dimensions and Dimensional Modeling (star-schema modeling, Snow flake Schema), ER modeling at logical, physical and presentation levels.

TECHNICAL SKILLS:

Languages: SQL, PL/SQL, Perl, Python, (Korn shell) Unix Shell Scripts, Hadoop.4, JSP 2.0, Servlets 2.4, EJB 2.0, Struts 1.2, Spring 2.0.3, JDBC 3.0, Design patterns, HTML, XML, CSS, Log4j, Ant, Web services, RAD 6.0, IBM WebSphere Server 6.1, IBM DB2 9.0, VSS.

RDBMS: Oracle 11g/10g/9i/8i, MS SQL Server 2000/2005/2008, Cloud, Sybase, DB2, MS Access.

Oracle Utilities: SQL*Plus, SQL*Loader, SQL developer, TOAD.

Tools: Splunk 5.0/6.1/6.2, APEX 4.2/3.2, Oracle Forms 10g/9i/6i and Reports 10g/9i/6i, ERWIN, VISIO, GoldenGate, AutoSys, Control-M, AWS, JIRA and HP Quality Center.

Data Modelling: Dimensional Data Modelling (Star Schema, Snow-Flake, FACT-Dimensions), Conceptual, Physical and Logical Data Modelling, ER Models, MS Access, OLAP, OLTP concepts.

PROFESSIONAL EXPERIENCE

Confidential, WA

Splunk Admin

Responsibilities:

  • Installing, configuring and administering Splunk Enterprise Server 604/611 and Splunk Forwarder 501/620 on Red Hat Linux and Windows servers.
  • Set up Splunk Forwarders for new application tiers introduced into the environment and for existing applications.
  • Worked based on the concepts of ITIL and ITSM (ServiceNow) with SLA agreements.
  • Developed scripts (Python, JavaScript, etc.) as needed in support of data collection, reporting and presentation requirements.
  • I have helped teams on-board data, create various knowledge objects, and install and maintain the Splunk Apps and TAs; good knowledge of JavaScript for advanced UI as well as Python for advanced backend integrations.
  • Developed the code and unit tests.
  • Data extraction is done using Sqoop to load from Oracle DB to the Data Lake (Big Data) platform.
  • Data is stored in the Big Data Hive DB.
  • Engineering point of contact for the team, troubleshooting and driving resolution of monitoring platform issues across technology stacks including Splunk, applications and Big Data components.
  • User stories for ongoing sprints, and maintained a product backlog based on industry trends, new technologies, software defects and enhancements.
  • Anonymized the PII (Personally Identifiable Information) data in Splunk. Masked sensitive information such as Social Security numbers and email addresses when showing results in Splunk.
  • Experienced with Splunk SIEM (Security Information and Event Management) systems and security event correlation.
  • Optimization of log ingestion to save license and storage, and PCI and SOX compliance-specific report and alert creation.
  • IR activities as part of SOC operations, and application-specific Splunk apps and TA installation.
  • Reports and alerts for daily SOC operations.
  • Used Splunk ES (SIEM) to analyze tens of gigabytes of security point solution data and credentialed user activity data, and to bring in contextual data locked in key business systems.
  • Configured Splunk for all the mission-critical applications and used Splunk effectively for application troubleshooting and monitoring post go-live.
  • Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
  • Provide regular support guidance to Splunk project teams on complex solutions and issue resolution.
  • Created reports, dashboards, scheduled alerts and searches.
  • Involved in standardizing Splunk forwarder deployment, maintenance and configuration across Windows and UNIX platforms.
  • Played a major role in understanding the server data and logs, and brought insight into the data for the users.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Expertise in Hadoop and Big Data tools.
  • Expertise with the tools in the Hadoop ecosystem including Pig, Hive, HDFS, Map Reduce, Sqoop, Spark, Kafka, Yarn, Oozie, and Zookeeper.
  • Knowledge of Splunk architecture and its various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarders, and the license model.
  • Analyzed security-based events, risks and reporting instances.
  • Responsible for checking the Splunk logs for the web server so as to avoid server downtime in production; these are used to monitor application and server health.
  • Various types of charts and alert settings; knowledge of app creation, user and role access permissions, creating and managing apps, creating users and roles, and permissions on knowledge objects.

Environment: SPLUNK 6.1.3, Linux, Hadoop, UNIX, Oracle 11g, MS SQL Server 2012, SQL, Windows 2007 server, Unix.

Confidential, Minneapolis, MN

Splunk Admin

Responsibilities:

  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Created Dashboards, report, scheduled searches and alerts.
  • Configured Splunk for all the mission-critical applications and used Splunk effectively for application troubleshooting and monitoring post go-live.
  • Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
  • Used Splunk Enterprise Security (SIEM) for search, correlation, investigation, and reporting to continuously monitor the organization for both known and unknown security threats, and also to enable better, faster incident investigations.
  • Develop and maintain relationships with internal and external customers to formulate information security governance solutions.
  • Integrated ServiceNow with Splunk to generate the incidents from Splunk.
  • Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
  • Created many of the proof-of-concept dashboards for IT operations and service owners, which are used to monitor application and server health.
  • Expertise in Actuate Reporting: development, deployment, management and performance tuning of Actuate reports.
  • Parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing.
  • Field extraction using IFX, the rex command and regex in configuration files.
  • Used techniques to optimize searches for better performance, including search-time vs. index-time field extraction; understanding of configuration files, their precedence and how they work.
  • Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
  • Various types of charts and alert settings; knowledge of app creation, user and role access permissions, creating and managing apps, creating users and roles, and permissions on knowledge objects.

Environment: SPLUNK 6.1.3, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, Windows 2007 server, Unix.

Confidential, Charlotte, NC

Splunk Developer

Responsibilities:

  • Provide regular support guidance to Splunk project teams on complex solution and issue resolution.
  • Created Dashboards, report, scheduled searches and alerts.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • Integrated ServiceNow with Splunk to generate the incidents from Splunk.
  • Creating a DevOps dashboard that aggregates data across multiple services to identify critical threats and proactively mitigate risks.
  • Knowledge of Splunk architecture and its various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarders, and the license model.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Analyzed security-based events, risks and reporting instances.
  • Provide regular support guidance to Splunk project teams on complex solutions and issue resolution with the objective of ensuring best fit and high quality.
  • Design platforms for large-scale performance while maintaining security of sensitive data.
  • Used techniques to optimize searches for better performance, and used search-time vs. index-time field extraction.
  • Strong understanding of report and dashboard configuration and development.
  • Experience with search-time vs. index-time field extraction.
  • Good understanding of configuration files and their precedence, with daily work exposure to props.conf, transforms.conf, inputs.conf and outputs.conf, and setting up forwarder information based on requirements.
  • Monitor stanza in inputs.conf; basic fields in Splunk at index time.
  • Creating dashboard with saved searches and Inline search including various types of charts and alert settings.
  • Plan and Build Splunk Cluster environment with High Availability resources.
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation.
  • Monitoring tool to measure a particular problem or the contribution of a particular technique over time.
  • Worked closely with cross-functional teams to design new features and resolve issues as they arise.
  • Integrated ServiceNow with Splunk to generate the incidents from Splunk.
  • Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
  • Worked on large datasets to generate insights and communicated insights to guide the strategic roadmap.
  • Performed field extraction using IFX in an event action.
  • Very good understanding of the software development life-cycle (SDLC) process; followed Agile Scrum and story maps for dev tracking.
  • Involved in interacting with business owners, developers and business analysts in improving the application.
  • Used the Splunk tool in order to analyze the logs in the applications.
  • Gained in-depth knowledge of Ant build and WebSphere servers.
  • Involved in handling various incidents and requests related to the application.
  • Good command of Linux OS and debugging performance issues.
  • Involved in monitoring the ticketing tool and taking ownership of the tickets.
  • Worked on analysis of various defects and fixed them.
  • Problem record analysis and solution providing.
  • Created many of the proof-of-concept dashboards for IT operations and service owners, which are used to monitor application and server health.

Environment: Splunk5.0, Splunk6.1, Splunk6.2, Restful, SOA, Linux OS, ServiceNow, XML, XSLT, SIEM, JMS, Linux, Windows 2007 server.

Confidential, Alpharetta, GA

Linux Admin

Responsibilities:

  • As part of the implementation team, worked with several teams like Network, Storage and Data Center teams.
  • Understanding the project requirement, submitting the request to the respective teams, procuring the resources, building as per standard, and handing over the server to the Application / DBA team for further configuration at their end.
  • Administered RHEL 5.x/6.x and Solaris 9/10/11 servers and monitored the performance of all systems.
  • Working on Linux LVM troubleshooting.
  • Involved in and worked with other teams on database / application refresh based on software life cycles.
  • Managed user accounts for the team's access to Red Hat Satellite Server.
  • Built channels and pulled the packages from Red Hat Satellite Server (patch and package management).
  • Involved in preparation of functional and system specifications. Estimated storage requirements for applications.
  • Installed and configured Apache/Tomcat/Java for the e-learning projects.
  • Deployed Puppet, Puppet Dashboard, and PuppetDB for configuration management to existing infrastructure.
  • Redesigned and redeployed the Nagios implementation. Nodes automatically added/removed themselves via Puppet.
  • Involved in 24*7 Production support, Build and Migration Assignments.

Environment: Linux (RHEL 5.x/6.x), Solaris, RedHat Satellite Server, Apache Tomcat, Nagios, Puppet.

Confidential

Linux Admin

Responsibilities:

  • Installed and configured several hundred Red Hat Blade servers and a VMware ESXi 4.x virtual environment.
  • Configured Red Hat Cluster nodes for legacy applications and verified the daily health check on the cluster nodes.
  • Assisted in physically installing, racking and cabling the new IBM BladeCenter S and Cisco UCS 5108 chassis environment.
  • Installing and configuring Red Hat Enterprise Linux 5 and 6.1 using kickstart servers and virtual media based installs on several hundred Cisco UCS B200/B250 and IBM BladeCenter S as required for UAT/Production Oracle WebLogic, Red Hat JBoss, Oracle Enterprise Database and MySQL Database Server requirements.
  • Responsible for installation, configuration and administration of Oracle 10g/11g databases on SCO Unix, Linux and Windows 2003 servers, and also an integral part of the backup and recovery.
  • Installing and updating packages using YUM (custom YUM servers/repositories) and Red Hat Satellite Server.
  • Configured and administered Apache, VSFTPD services, MySQL and Tomcat.
  • Configured various alerts, captured support logs and configured resource pools utilizing Cisco UCS Manager.
  • Configured and deployed patches, upgrades and bug fixes on both physical and virtual Red Hat Linux servers using Satellite servers.
  • Implemented rapid provisioning and life cycle management for Red Hat Linux using kickstart.
  • Expertise in security hardening (iptables/SELinux) of major production servers, and compiling, building and installing web server based Linux tools.
  • Experience in performing, uploading and upgrading new firmware on the interconnects and chassis.
  • Proficient in providing support on the deployed Red Hat Enterprise Linux and Sun Solaris servers at both the operating system level and the application level.
  • Expertise in working with MySQL databases, Apache web server and Tomcat application servers.
  • Troubleshooting any performance or configuration issues with MySQL and Oracle.
  • Expertise in hardening Linux servers and compiling, building and installing Apache server from sources with minimum modules.
  • Monitoring and troubleshooting backups and scheduling cron jobs.
  • Extensive experience in network management: TCP/IP, NIS, DNS, NFS, VLAN.
  • Experience in database replication using the OCFS2 file system with Oracle 10g and 11g databases.
  • Patch management of servers and maintaining the server environment in Development/QA/Staging/Production.

Environment: VMware 4.x, RHEL 4.x/5.x/6.x, Solaris 9/10/11, HP-UX, CentOS, SUSE 10/11, VERITAS Volume Manager 3.x/4.x, VERITAS Storage Foundation 5, Red Hat Cluster, VERITAS Cluster Server 4.1, Tripwire, NFS, DNS, SAN/NAS.
