Splunk Engineer/admin/architect Resume

SUMMARY:

4 years of Splunk Architect work and 6 years of Linux and Unix System Administration. I also have experience with Tomcat, Deploying/Monitoring, and Application on servers. I have experience with Linux System Administration, Create/Manage User Account, Create/Manage File Systems. Configured and built Red Hat Linux machines, created user accounts, set kernel parameters. I have also worked in an Agile environment and been involved in the deployment of software releases during sprints.

SOFTWARE:

Splunk, Red Hat Linux, OSSEC and NAGIOS monitoring tool, Apache, SSH, Windows, VMware, RHEL Satellite, ClamAV, Outlook, PuTTY, RDP, Nagios XI, Office 365.

PROFESSIONAL EXPERIENCE:

Confidential

Splunk Engineer/Admin/Architect

Responsibilities:

  • Plan and test deployment of Splunk applications (Apps) and Technology Add-ins (TAs)
  • Create and maintain documentation for system changes
  • Participate in activities with enterprise change management to plan and execute changes and integrations
  • Communicate change plans and updates to Splunk user community and organizational leadership
  • Develop, implement and document configuration standards, policies, and procedures for operating, managing and ensuring the security of the Splunk infrastructure
  • Perform data integration, data transformation, field extraction, event parsing, data preview, and application management of Splunk
  • Design and customize complex search queries and promote advanced searching, forensics, and analytics. Develop dashboards, data models, reports and optimize performance
  • Participate in incident, problem, and change management process related to Splunk
  • Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues
  • Analyze logs for all major applications and come up with the most affected areas or reoccurring issues
  • Support and execute arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, Report & Analyze)

Confidential

Information System Security Officer

Responsibilities:

  • Created and managed user accounts in Active Directory
  • Performed User security
  • Created a System Security Plan based on Risk Management Framework
  • Installed and configured Zabbix server and agent on Linux and Windows servers
  • Configured performance monitoring with Zabbix front end
  • Performed system audit as designated by company standards
  • Performed virus definition updates on McAfee Anti-Virus software
  • Collaborate with System Administrators on the managed implementation of NISPOM, ODAA, RMF, DAAPM, STIG, APL, and DSS security measures and requirements.
  • Serve as information security point of contact to provide guidance and consultation as needed
  • Proficiency with basic software such as MS Office Suite

Confidential

Linux Engineer/Splunk Engineer

Responsibilities:

  • Monitored a large scale environment using Nagios XI
  • Created Service and host groups to be monitored using Nagios XI
  • Splunk Enterprise Security experience
  • Splunk ITSI Experience
  • Install and upgrade Splunk following Splunk best practices
  • Administration experience with Splunk Multi-site Indexer cluster and Search Head Cluster environment
  • Experience with monitoring Splunk environment and performing health checks
  • Experience with managing the deployment server and indexer cluster efficiently
  • Manage SPLUNK user accounts (create, delete, modify, etc.)
  • Create data retention policies and perform index administration, maintenance and optimization
  • Work with third party application, hosting and CDN providers to integrate data feeds to a centralized Splunk platform
  • Provide overall management of the SPLUNK platform
  • Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks. Support SPLUNK on UNIX, Linux and Windows-based platforms. Assist with automation of processes and procedures
  • Installed AirWatch amongst many other in-house mobile applications on mobile devices.
  • Experience in administering Linux. Experience in Installation, Configuration, Backup, Recovery, Maintenance, Support of Linux.
  • Experience in Installing, upgrading and configuring RedHat Linux 5 and 6 using Kickstart Servers and Interactive Installation.
  • Configured and managed Red Hat 7 servers
  • Worked as part of a team to deploy application in new Tomcat environment.
  • Configured Tomcat to use SSL
  • Worked with F5 admin to configure Tomcat servers to run behind load balancer
  • Configured SSO on Tomcat server
  • Built a test environment in AWS using EC2 and RDS.
  • Created AMI, IAM users, Security groups, and assigned Roles to users
  • Created S3 buckets, bucket policies, and objects
  • Installed Splunk Forwarder on Tomcat server
  • Perform queries on Splunk indexer/search head using Splunk language and provide results in different forms, i.e. charts

Confidential

Linux Administrator/Engineer

Responsibilities:

  • Perform the installation, configuration, administration, and maintenance of Red Hat Linux 6 and 7 systems according to existing standards in a virtualized environment.
  • Installed, tested and deployed monitoring solutions with Splunk services.
  • Provided technical services to projects, user requests and data queries.
  • Implemented forwarder configuration, search heads and indexing.
  • Supported data source configurations and change management processes.
  • Analyzed and monitored incident management and incident resolution problems.
  • Resolved configuration based issues in coordination with infrastructure support teams.
  • Maintained and managed assigned systems, Splunk related issues and administrators. Perform regularly scheduled software maintenance and security patching.
  • Perform installation of custom developed applications in a virtual server environment.
  • Use VMware to create and manage virtual servers
  • Use Jira ticket system to resolve tickets
  • Provide leadership for all design, implementation, and maintenance activities related to Splunk Enterprise and ITSI.
  • Create, optimize, and continuously evaluate security monitoring content (correlated searches/alerts) on Splunk and define and update KPIs for ITSI
  • Responsible for the management, advanced configuration, monitoring, and log analysis, and fine tuning of Splunk
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Created and configured management reports and dashboards.
  • Trained Splunk security team members for complex search strings and ES modules.
  • Analyzed security based events, risks and reporting instances.
  • Managed and maintained use cases into correlation systems.
  • Designed, developed and implemented system engineering plans and technical support services.
  • Executed systems programming activities and supported data center activities.
  • Develop documentation using Confluence wiki software; oversee implementation of same.
  • Develop and maintain STIG'd images and templates for servers.
  • Install, configure, and run regular execution of ClamAV anti-virus software.
  • Manage a variety of in-house cyber security applications.
  • Work with a variety of specialists including a VMware admin, Windows admin, Developers, DBAs, and Network specialists.
  • Install and set up Nagios server, including installing plugins in various VMs for monitoring.
  • Perform Nessus scans and remediate issues while creating documentation via Confluence and a shared drive.
  • Perform DNS clean up - Reviewing and creating proper forward and reverse lookups for all VMs where necessary. Also document changes.
  • Generate Keys, CSR, and Certs using SSL.
  • Install, configure, manage, and troubleshoot IDM servers for the purpose of centralizing Identity Management.
  • Experience in creating and managing user accounts, security, rights, disk space and process monitoring on Red Hat Linux.
  • Experience using RHEL Satellite for patching. After creating and setting up a network for a server, I connected the server/s to our Satellite server using subscription manager.
  • Reviewing connectivity issue regarding security problem.
  • Security management and Security troubleshooting skills

Confidential

Linux Administrator/Splunk Engineer

Responsibilities:

  • Experience in administering Linux. Experience in Installation, Configuration, Backup, Recovery, Maintenance, Support of Linux.
  • Experience in Installing, upgrading and configuring RedHat Linux 5 and 6 using Kickstart Servers and Interactive Installation.
  • Support Puppet environment
  • Create basic Puppet manifest
  • Troubleshoot Puppet master and Agent network connectivity
  • Experience using RHEL Satellite for patching
  • Worked with Database administrators to tune kernel for MySQL installations.
  • Experience in installing, configuring and implementing the RAID technologies using various tools like VxVM and volume manager.
  • Experience in creating and managing user accounts, security, rights, disk space and process monitoring on Red Hat Linux.
  • Installation and upgradation of Packages and Patches configuration mgmt, version control, service pack.
  • Reviewing connectivity issue regarding security problem.
  • Security management and Security troubleshooting skills.
  • Experience on Webservers such as Webserver Tomcat 5, 6 & Apache Server 2.x
  • Experience with VMware Site Recovery Manager.
  • Experience in Installation of MySQL.
  • Experience in writing shell scripts to automate the administrative tasks and management using cron and at.
  • Experience in Installing Firmware Upgrades, kernel patches, systems configuration, performance tuning on Unix/Linux systems
  • Designing, engineering, configuring and administering Splunk 6.x content
  • Assisting in the proper operation and performance of Splunk, plug-ins, loggers and connectors
  • Building Splunk reports
  • Developing dashboards with visual metrics for stakeholders
  • Defining strategy and design around data collection, aggregations, and summarization processes
  • Integrating external data sources into Splunk
  • Enforcing best practices related to summarizing and querying data
  • Developing advanced scripts for the manipulation of multiple data repositories to support analyst requirements
  • Partnering with other enterprise teams to support data capture and advanced data analytics and forecasting efforts to support proactive identification of issues
  • Providing recommendations and implement changes to optimize Splunk products in the customer environment
  • Designing the Splunk system solution to meet growth while maintaining a balance between performance, stability, scalability and agility

Confidential

LINUX ADMIN / APPLICATION SUPPORT

Responsibilities:

  • Involved in provisioning of new servers by doing installation of OS, applications and database.
  • Good hands-on experience with VMware on Linux virtualization and Linux administration.
  • Hands-on experience with VMware administration (vSphere install, configure & management).
  • Support Puppet environment
  • Create basic Puppet manifest
  • Troubleshoot Puppet master and Agent network connectivity
  • Expertise in Installation, Configuration and administration of Red Hat Enterprise Linux & CentOS.
  • Managed over 50 Enterprise/Data Center physical and virtualized Linux production Servers.
  • Expertise in LINUX, Solaris and AIS system troubleshooting, disaster recovery, capacity management and performance management.
  • Strong team building/mentoring skills that develops cohesiveness within teams.
  • Applies strong analytical, architectural, organizational, and problem solving skills to identify deficiencies and shortfalls, and then recommend improvements and enhancements.
  • Good exposure to performance/kernel tuning, patch/packages management on UNIX servers.
  • Experience in monitoring the availability & performance of LINUX servers.
  • Analyze, research, track, and report operational capabilities within virtualized and physical environment
  • Performing troubleshooting on production issues, root cause analysis and preventive actions.
  • Experience in Installation, Configuration and troubleshooting of various types of servers like, NFS, FTP, Apache, MySQL, and Tomcat.

Confidential

UNIX/LINUX ADMINISTRATOR/ENGINEER

Responsibilities:

  • Knowledge of OS patching, LVM, SAN, NAS, etc.
  • Experience of SAN/NAS in EMC & Hitachi environment.
  • Expertise in identifying CPU/Mem/IO bottleneck.
  • Built and configured VM LINUX servers
  • Provision VM servers for customers
  • Manage and monitor processes
  • Develop, implement, manage, and maintain security standards, procedures, and guidelines for multiple Linux platforms.
  • Monitor application performance and availability
  • Add server capacity to clusters to support growth
  • Provision test environments to support research and development
  • Execute software releases to production and test environments
  • Automation of common processes and metric collection using scripts
  • Respond swiftly to security vulnerabilities by applying patches or workarounds
  • Address L1/L2 issues and debugging problems for engineering handoff
  • Create technical documentation in Confluence for peers, engineering and service provider
  • Be available off hours for on-call rotation and production changes
  • Remedy service management - handle customer tickets and SLAs
  • Maintenance of email & proxy server on Linux 5 (Sendmail)
  • Created and managed standard desktop images for employees based on job function reducing the time required to install appropriate software on a new PC
  • Directly responsible for the management of all technology initiatives from the planning phase through implementation and maintenance
  • Performed daily administrative tasks including adding and deleting users, setting up share areas, controlling data access and network management
  • Coordinate patching of servers and monthly maintenance
  • Experience with network protocols (such as ARP, DNS, SMTP, HTTP, NTP, TCP/IP, SSH and FTP) and troubleshooting them.
  • Experience operating and maintaining internal systems (trouble tickets, Change/Problem management)
  • Experienced (1.) Incident Management + Change Management (Planning & Execution) On-call Escalation, Ticket Quality
  • Knowledge in Security compliance
  • Root cause analysis / Problem Management + Capacity / Architectural Management