
Security Data

Location:
Tampa, FL
Posted:
April 02, 2019

Resume:

Jayaprakash N

Email: ******.******@*****.***

Mob: 312-***-****

Visa Status: Green Card

PROFESSIONAL EXPERIENCE:

* + years of Total IT experience in configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux.

Experience in understanding of Splunk 5.x and 6.x products, distributed Splunk architecture and components, including the installation of Search Heads, Indexers, Forwarders, Deployment Server, License Model, and Heavy/Universal Forwarders.

Proficient in Parsing, Indexing, Searching Concepts like Hot, Warm, Cold, Frozen bucketing.

Creating dashboards with Scheduled Searches or Inline Search vs Scheduled Search in a Dashboard.

Experience developing Splunk Queries and Dashboards targeted at understanding application performance and capacity analysis.

Knowledge of Splunk configuration files: props.conf, transforms.conf, outputs.conf.

Experience in Tuning SQL queries using utilities like EXPLAIN PLAN, SQL Trace, and TKPROF to improve the performance.

Design, deploy and support enterprise Splunk logging applications. Assist other enterprise instances as Splunk Subject Matter Expert (SME).

Expert in creating SQL queries, PL/SQL packages, functions, stored procedures, cursors, collections (nested tables and VARRAYs), records, object types and database triggers.

Familiar with the Subversion version control software.

Splunk and Python scripts are used to show how these logs can be analyzed for certain events/patterns and to deduce information which can, in turn, be used to self-learn and self-heal when these events re-occur on a regular basis.

Assisted internal users of Splunk in designing and maintaining production quality dashboard.

Ability to work in a team environment and as an individual with strong technical and communication skills, and good zeal in adopting new technologies in a fast paced environment.

Installed and configured Splunk Enterprise and Enterprise Security (ES).

Performed troubleshooting and/or configuration changes to resolve Splunk integration issues. Scripting and development using Perl and Python. Creating and managing apps; creating users, roles and permissions for knowledge objects.

Experience in optimizing searches for better performance, Search time vs. Index time field extraction and understanding of configuration files, precedence and working.

Gathered various sources of Syslog and XML data from devices, applications, and databases.

Involved in writing complex IFX, rex and multikv commands to extract fields from the log files.

Strong organizational skills to work independently and prioritize a heavy workload under the pressure of competing tasks.

A very good team player and self-starter with strong analytic, writing and communication skills; a quick learner with the ability to work independently and as part of a team.

WORK EXPERIENCE:

Splunk Admin/Developer

Client: Next Era, Palm Beach, Florida

Duration: Nov 2017 – Current

Roles and Responsibilities:

Installation and configuration of Splunk product in different environments. Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.

Install and maintain the Splunk add-ons, including DB Connect and Active Directory LDAP, for working with directory and SQL database design.

Create Splunk Search Processing Language (SPL) queries, Reports, Alerts, and Dashboards.

Creating reports, pivots, alerts, advanced Splunk searches and visualizations in Splunk Enterprise.

For a secure network, we use VPN technology to allow remote users and branch offices to securely access corporate applications and other resources. Provided technical services to projects, user requests and data queries.

Performed data conversions from flat files to a normalized database structure.

Created and maintained Indexes for various fast and efficient reporting processes.

Import & Export of data from one server to other servers using tools like Data Transformation Services (DTS) and bulk copy. Periodic monitoring of the system for bottlenecks.

Updated security software to prevent database security threats.

Implemented system recovery procedures to minimize losses should an attack occur.

Reviewed system access data and monitored database access.

Updated cyber security protocol and developed effective training procedures.

Analyzed database growth, space requirement, and User/Login Roles.

Managed test data and their updates between development and production databases and migrated stored procedures and database objects.

Compared the logs in networking devices and took them into Splunk to find issues quickly.

Participated in Tools tribe meetings and gathered requirements from all SMEs, and developed dashboards for WIB, Bill pay, Navv app, www app.

Worked for getting data in managing Splunk apps. Assisted internal users of Splunk in designing and maintaining production-quality dashboards.

Knowledge of Parsing, Indexing, Searching concepts like Hot, Warm, Cold, Frozen bucketing.

Maintained Splunk Environment with multiple indexers; managed and configured settings.

Created EVAL functions where necessary to create new fields at search run time.

Used IFX, rex and regex commands for field extraction.

Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Regex, Dashboards, Clustering and Forwarder Management.

Identify the pattern and trends that are indicators of routine problems.

Implemented forwarder configuration, search heads and indexing.

Built dashboards, views, alerts, reports and saved searches using XML and Search Processing Language (SPL).

Analyzed and monitored incident management and incident resolution problems. Involved in the transformation of IRS ETI user requirements into Splunk ITSI Use cases.

Created ITSI Dashboards/Glass Tables.

Resolved configuration-based issues in coordination with infrastructure support teams.

Created many Splunk ITSI Log Analytics artifacts describing IEP Services.

Maintained and managed assigned systems, Splunk related issues, and administrators.

Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

The splunkd process, using pipeline threads configured with XML.

Using the cluster master component, which manages a cluster of indexers that keep multiple copies of data.

In Splunk Enterprise Security, the Traffic Search dashboard assists in searching network protocol data, using the network production domain for routers, switches, and firewalls.

In the SDLC process, by correlating a task with DevOps teams for document changes and tasks; correlating this data with data from the planning process and the build system to inform security teams of a planned change. By correlating tickets with commits and pairing the data with the build system, the business is protected.

Used a data-driven approach to gain visibility into the environment.

Using the network, generating traffic shows results from the vulnerability scanners on the network.

Environment: Splunk 6.0.1, ITSI, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, XML, JavaScript, MS Excel, MS PowerPoint.

Splunk Developer

I Heart Media, San Antonio, TX

May 2015 - Oct 2017

Roles & Responsibilities:

Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.

Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering, and Forwarder Management.

Administer and configure Splunk components like Indexer, Search Head, Heavy Forwarder, etc.; deploy Splunk across UNIX and Windows environments; optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

Performed Splunk administration tasks such as installing, configuring, monitoring, and tuning.

Developed cyber security standards based on NIST frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.

Setup Splunk forwarders for new application tiers introduced into an existing application.

Experience in working with Splunk authentication and permissions and having significant experience in supporting large-scale Splunk deployments.

Coordinate incident handling with IT and Security staff.

Process phone calls and email requests for events.

Manage the Security Incident and Event Management (SIEM) infrastructure.

Analyze network traffic, various log data and open source information to determine the threat against the network and the required response, containment, investigation, and remediation.

Responsible for incident response, tuning, system administration, operations and maintenance of the Security Incident and Event Management (SIEM) system.

Monitored the Security Management Console for the Security Operation Centre (SOC), ensuring confidentiality, integrity, and availability of information systems.

Perform cyber and physical access control log monitoring, including firewall logs, IPS logs, anti-virus logs, web logs, and SIEM logs.

Onboarding of new data into Splunk. Troubleshooting Splunk and optimizing performance.

Actively involved in standardizing Splunk Forwarder deployment, configuration, and maintenance across various Operating Systems.

Created Dashboards, Visualizations, Statistical reports, scheduled searches, alerts and worked on creating different other knowledge objects.

Analyzed security-based events, risks and reporting instances.

Prepared, arranged and tested Splunk search strings and operational strings.

Involved in interacting with business owners, developers and business analysts in improving the application.

Gained in-depth knowledge of Ant builds and WebSphere servers.

Involved in handling various incidents and requests related to the application.

Involved in monitoring the ticketing tool and taking ownership of the tickets.

Worked on various defects analysis and fixed them.

Worked closely with business partners in addressing their queries.

Environment: Splunk 6.1.3, Oracle 11g, SQL Developer, Python scripting, Linux, UNIX, UNIX shell scripting.

Splunk Developer

Satyam Computers, Hyderabad, India.

Aug 2010 - Feb 2015

Responsibilities:

Responsible for Designing and implementing Splunk-based best practice solutions.

Requirement gathering and analysis. Interacted with team members and users during the design and development of the applications and Splunk Objects.

Involved in analyzing daily application volume trends, issues, errors, and end-to-end reconciliation reports. Taking immediate appropriate action in case of any business or customer impact.

Monitor the performance of Splunk via the Splunk Monitoring Console.

Worked on index clustering and configured the Master nodes and peer nodes.

Used XML, Advanced XML and Search Processing Language (SPL) for creating dashboards, views, alerts, reports and saved searches.

Identified current cybersecurity trends and socialized possible future breaches to the cybersecurity and IT team.

Create post cyber mitigation and remediation reports.

Upgraded and Optimized Splunk setup with new discharges.

Managed cyber security threats through prevention, detection, response, escalation, and reporting.

Responsible for parsing the data using REGEX at the heavy forwarder level.

Used various Splunk Apps such as Splunk on Splunk, Splunk MINT.

Worked on UNIX/Linux and Splunk DB Connect; experienced with various components (indexer, forwarder, search head, deployment server).

Creation and implementation of shell scripts to take care of Splunk file backup, monitoring alert log and log rotation.

Responsible for maintaining the Splunk UBA.

Helped the client to set up alerts for different kinds of errors.

Configure and Install Splunk Enterprise, Agent, and Apache Server for the user and role authentication and SSO.

Monitored and resolved different kinds of health issues in Splunk.

Parsing, indexing, and the concepts of Hot, Warm, Cold and Frozen bucketing.

Install and maintain the Splunk add-ons, including DB Connect 1 and Active Directory LDAP, for working with directory and SQL database.

Educational Details

Bachelor’s in Science - Bharathiar University, India

Splunk Certified Admin Engineer - License #: Cert-256863
