PROFESSIONAL SUMMARY:

• Overall 7+ years of experience in Information Technology field with strong experience in Splunk Developer/Engineer, SIEM Engineer, Splunk ITSI, APM Tools implementations and with extensive AppDynamics expertise, Security Analyst
• Strong experience with Splunk 5.x, 6.x and 7.x product, distributed Splunk architecture and components including search heads, indexes, and forwarders.
• Splunk Certified Power User and Admin with 6 years of experience in Information Technology field Splunk SME, Splunk Developer/Admin/Engineer, and Java Developer.
• Splunk Certified Power User and Admin with 6 years of experience in Information Technology field Splunk SME, Splunk Developer/Admin/Engineer, and Java Developer.
• Strong experience with Splunk 7.x/6.x product, distributed Splunk environment.
• Ability to build business & operational intelligence dashboards and glass tables using Splunk & Splunk ITSI.
• Experience creating queries and dashboards in Splunk, and using Splunk to identify and analyze threats is a strong plus.
• Experience of producing documents on System Security compliance report
• Experience on Onboard new log sources with log analysis and parsing to enable SIEM correlation.
• Design, develop, determine test strategy, test, and maintain key software improvements related to machine learning capabilities at Splunk.
• Extensive in PowerShell, Apache, GIT, Jenkins, CHEF, MS SQL, ECMAScript 6, BitBucket, Jfrog Artifactory, CyberArk, Splunk, Dynatrace, Confidential CryptoVault, Microsoft .net framework.
• Maintain high standards of service delivery to enable continuous improvement and effective response to stakeholder feedback
• Architecting new database tables including building the code to extract and load the data elements as well as quality assurance
• Hands on experience leading all stages of system registration, including compliance requirements definition, and initial security check and support. Outstanding Team leader able to coordinate and direct all phases of server - security based while managing, motivating, and guiding teams.
• Consistently top performed among peers, in terms of qualitative service delivery.
• Managing security of users and roles including assisting users in the on-boarding process.
• Created alarms, monitored & collected log files on AWS resources using Cloud Watch on EC2 instance which generates Simple Notification Service (SNS).
• Analysis, Design and Development of SPLUNK Queries to generate the Reports and running SPL Queries.
• Experience in Configuring Tomcat JDBC, JMS and JNDI Services.
• Developed Splunk dashboards, searches and reporting to support various internal clients in Security, Banking, IT Operations and Application Development.
• Responsible for normalizing the data (log parsing) coming from security devices as per the Common Information Model, map the data fields as per the respective technology/domain into compatible field formats & knowledge objects.
• Responsible for configuring various visualization reports in PDF format to respective teams.
• Experiences in building solutions with Splunk MLTK
• Experience in building application CI/CD pipeline using Jenkins, expertise in setting up CI/CD
• Experience in industry standard CI/CD tools like Git/BitBucket, Jenkins, Maven, Artifactory, and Chef.
• Responsible for implementing and control for troubleshooting the Splunk Infrastructure and document the same for future references.
• Worked on large datasets to generate insights by using Splunk. Production error monitoring and root cause analysis using Splunk.
• Install, configure and administer Splunk Cloud Environment 6.5.0 and Splunk Forwarder 6.x.x on Windows Servers.
• Hands on experience on configuration management tools such as Ansible / Chef
• Supported Splunk Cloud with 4 Indexers, 80 forwarders and Generated 700 GB of data per day.
• Involved in standardizing SPLUNK forwarder deployment, configuration and maintenance across Windows Servers Configured inputs.
• Conf and outputs. Conf to pull the XML based events to SPLUNK Cloud Indexer.
• Extensively used various extract keyword, search commands like stats, chart, time chart, transaction, strptime, strftime, eval, where, xyseries, table etc.

TECHNICAL SKILLS/TOOLS:

Monitoring Tools: Splunk, Splunk Enterprise Security, Security Analyst, UBI, Splunk Cloud, Tableau, App Dynamics, Splunk ITSI

Data Analysis: Requirement Analysis, Business Analysis, detail design, dataflow diagrams, data definition table, Data modelling, Data Warehousing, System integration.

Databases: Oracle 11g/10g/9i/8i, MS SQL Server 2012/2008/2005/2000 , MS Access.

Programming: SQL, PL/SQL, UNIX Shell Scripting, C, Java and Java Scripting.

Version Control: Change Management, Endeavour, SVN.

Tools: /Utilities: Introscope, Fault Analyzer, CA-7, RACF, HP SM9, AutoSys, File Aid,Xpediter, TSO/ISPF, Abend-aid, CA SYSVIEW, QMF, SPUFI, ADM, RACF, JIRA, HP, Confluence.

PROFESSIONAL EXPERIENCE:

Confidential, New York, NY

Splunk Engineer

Responsibilities:

• Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise Server 6.0 and Splunk Universal Forwarder 6.0.
• Administered a complex cluster based environment involving search heads in a cluster while the indexers are in standalone mode.
• Created Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
• Created and configured management reports and dashboards in Splunk for application log monitoring.
• Responsible for administering, maintaining, and configuring a 24 x 7 highly available, Splunk apps for production portal environment.
• Work closely with Application Teams to create new Splunk dashboards for Operation teams using advance XML and CSS.
• Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs, conf and Inputs. Conf files.
• Perform data collection, data mining, analysis, validation, cleansing, developing software in support of multiple machine learning workflows, integrating / deployment of code in a large-scale production environments and reporting.
• Extensively used Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
• Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
• Using DB connect for real-time data integration between Splunk Enterprise and databases.
• Analyzing in forwarder level to mask the customer sensitive data able to manage distributed search across set of indexers.
• Responsible to filter the unwanted data in heavy forwarder level thereby reducing the license cost.
• Worked with administrators to ensure Splunk is actively, accurately running, and monitoring on the current infrastructure implementation.
• Worked on properly creating/maintaining/updating necessary documentation for Splunk Apps, dashboards, upgrades and tracked issues.
• Provided On-call support for various production applications.
• Administered various shell and Python scripts for monitoring and automation.
• Extensive experience on setting up the Splunk to monitor the customer volume and track the customer activity.
• Administering the MS SQL Server by Creating User Logins with appropriate roles, dropping and locking the logins, monitoring the user accounts, creation of groups, granting the privileges to users and groups.
• Designing and maintaining production-quality Splunk dashboards. Strong Knowledge on apps like Splunk DB Connect V.2, Splunk App for AWS, Splunk Add-on for AWS, SOS.
• Having experience in understanding of Splunk 5.x and 6.x/7.x product, Distributed Splunk architecture and components including search heads, indexers, forwarders, etc.
• Experience in working on Deployment Server and Deployment Client Architecture to manage the forwarders across application environment.
• Experience in Indexer Clustering, Search Head Clustering and Deployment Server architecture in Splunk

Environment: Informatica 7.1.3, Business Objects, Oracle 8.1.7.4, SQL*Plus, PL/SQL, TOAD, 7.1, UNIX, Windows XP

Confidential, TX

Splunk Developer

Responsibilities:

• Develop custom app configurations (deployment-apps) within Splunk in order to parse, index multiple types of log format across all application environments.
• Knowledge about Splunk architecture and various components like indexer, forwarder, deployment server, and search head, Heavy and Universal forwarder, License model.
• Experience in creating different visualizations using Bar, Line and Pie chart, Background Maps, Box plots, Scatter plots, Gantt charts, Bubble charts, Histograms, Trend lines & statistics, Bullets, Heat maps, and Highlight tables.
• Created and configured management reports and dashboards in Splunk for application log monitoring.
• Active monitoring of Jobs through alert tools and responding with certain action to logs analyses the logs and escalate to high level teams on critical issues.
• Responsible for developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
• Extensive experience on setting up the Splunk to monitor the customer volume and track the customer activity.
• Have involved as a Splunk Admin in capturing, analyzing and monitoring front end and middle ware applications
• Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
• Supporting and executing arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, and Report & Analyze).
• Working knowledge of scripting languages (e.g. Python bash, etc.). Excellent knowledge of TCP/IP networking, and inter-networking.
• Experience in writing complex Interactive Field Extractor (IFX), Rex and Multikv command to extracts the fields from the log files.
• Created Statistical reports, Alerts and worked on creating different other knowledge objects.
• Good knowledge on onboard new log sources with log analysis and parsing to enable SIEM correlation.
• Configuring Search Head, Indexer cluster and R-Syslog for syslog Aggregation.
• Strong experience in commands (SIEM, CIM and CLI) as a part of SIEM, monitoring notable events through Splunk ES.
• Hands on experience in Installation & configuration of Splunk in both Amazon Web Services and Azure cloud environments.
• Strong experience with enterprise monitoring tools configuration and management (Dynatrace/New Relic).
• Maintained communication with train crews via Radio and telephone to ensure proper train reporting and accurate consist
• Used Splunk JS Stack along with development tools.
• Involved in Hadoop cluster task like Adding and Removing Nodes without any effect to running jobs and data.

Environment: IT Enterprise Controls, BCP/DRP, SDLC, NIST, SQL, Solaris, Oracle, Java, Microsoft Suite, LINUX, Palo Alto, Fortinet, Tableau, Cisco ASA, Salesforce, Cisco IOS and NX-OS routers/switches, Service Now, Check Point, Juniper Net screen, Juniper SRX, Splunk

Confidential, Charlotte, NC

Splunk Developer/Admin

Responsibilities:

• Configuring various Dashboards/Reports and schedule PDF delivery to respective teams using Splunk.
• Worked on Splunk ITSI Engineer will work with various IT resources to configure, tune and support the NOC 'Managers of Manager' (MoM) for the NOC
• Word around updating Splunk 6.x to 7.x version.
• Created correlation searches for security incidents through Splunk enterprise security
• Created correlation searches through Splunk enterprise security.
• Work around different log sources like Firewall, VPN, DNS, AV, Proxy Logs
• Experience with Next Generation Firewalls, Stateful firewalls, SSL, Remote Access VPN experience.
• Contribute to the system architecture and design decisions for Splunk’s machine learning infrastructure, for both cloud and on premise environments, and for both batch and stream based processing.
• Proven experience installing, configuring, and troubleshooting IPSEC/SSL Remote access VPN infrastructures. (Cisco, Pulse Secure, PaloAlto, Citrix)
• Experienced on Splunk 7.1 and Data Modeling with ITSI
• Involved in troubleshooting the slow database calls using transaction snapshots and diagnostic sessions using AppDynamics.
• Worked with Dynatrace to conduct health checks against web portal and to figure out if anything goes wrong with the website.
• Integrating the Splunk with AppDynamics to analyze performance issues.
• Troubleshoot and isolate the root cause of such problems by Mining performance data from AppDynamics and viewing it in Splunk using the AppDynamics Controller REST API.
• Monitoring tool (Dynatrace) and capabilities to find root cause for incident and problem management.
• IPV6/IPV4 routing, sub-netting, and networking routing technologies
• Knowledge of Rsyslog to collect data from network infrastructure to enable collection of logs via syslog.
• Experience with administering machine learning training and production environments
• To secure configurations of load balancing in F5 SSL/VPN connections, troubleshooting and related network security measures.
• On boarded Data source types include scripted inputs and modular inputs.
• Extracted fields in Splunk GUI using Regex expressions
• Worked Continually ITSI to enable effective monitoring for the NOC
• Work around onboarding different type of data sources like Endpoint logs, Authentication logs, Proxy logs, DNS logs, VPN logs.
• Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
• Detailed knowledge about scripting language such as Python, bash etc.
• Python Scripting and development skills with strong knowledge of Regular expressions
• Involved in writing complex Interactive Field Extractor (IFX), rex and Multikv command to extracts the fields from the log files.
• In splunk Es Configured all CIM Compatible add-no's and apps.
• Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards
• Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
• Expert user of Splunk GUI to run the normal queries for troubleshooting and first level of data analysis.
• Worked on developing content side to create use cases based on Security.
• Worked on Onboard the data as per data source requirement.
• Worked with questionnaire to data owner this form will capture all the info regarding data source like what kind of log Source it is.
• Worked on Splunk JS Stack to develop Splunk apps
• Used Backbone.js which provides an MVC framework as a structure for code.

Environment: Splunk 6.x, 4.x, Puppet, RHEL 7x, Solaris, Hadoop, HBase, Hive, AWS, VPC, Cloud watch, Cloud Trail, MS Exchange, Voice, Video, Predictive Model-eLife, LDAP

Confidential

Security Analyst

Responsibilities:

• Conduct security assessments on OS, network and application vulnerability assessments to identify security weaknesses
• Create, maintain and ensure adherence to baselines, security policies, procedures, guidelines and control standards.
• The Security Analyst will be concerned with residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
• Work closely with IT teams on identifying and remediation of systems with security issues.
• Work with relevant internal IT Application, Infrastructure, Network and Support teams.
• Managed the non-compliances, by raising CIRATS tickets through internal tool TSCM.
• Inducted into Quality team as one of the important Quality analysts for qualitative improvement
• Develops a common set of security tools. Defines operational parameters for their use and conducts reviews of tool output.
• Develops security processes and procedures and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
• Firewalls, IDS/IPS, VPN, and other network security components from an evaluation, deployment assessment, and audit perspective.
• Expert knowledge and experience with Anti-Virus/Anti-malware products.
• Ensure that the IT systems are compliant with applicable regulations
• Experience with Linux, Windows, Active Directory security configuration and design, monitoring/alerting, intrusion detection, encryption, vulnerability management, database security, and wireless network security.
• Assist with Technology services, Enterprise Risk, Legal and Group Audit in effectively managing technology risks and develop timely and effective remediation and mitigation plans