Engineer Architect Splunk

Location:
Derwood, MD
Posted:
December 12, 2023

Resume:

Kelvin Alba ad1wqa@r.postjobfree.com

Rockville, MD 202-***-****

CAREER OBJECTIVE

With years of experience as a Splunk engineer/Architect, I possess a strong understanding of UNIX systems and the expertise to work with various aspects of Splunk ranging from architectural deployments, administrative management to content and data analytics development.

I am a dedicated engineer who seeks to leverage my skills and experience in enterprise logging management to contribute to the success of a new team.

Seeking a challenging and fulfilling position with advanced professional development while utilizing my expertise to its fullest potential.

CERTIFICATIONS

Splunk Certified Core User

Splunk Certified Power User

Splunk Certified Admin User

PROFESSIONAL EXPERIENCE

Nationwide, Columbus, Ohio October 2021-Present

Splunk Engineer/Architect

Ingested and parsed large volumes of heterogeneous data from various sources, such as network devices like Cisco and Fortinet FortiGate, CyberArk, applications like o365, AppDynamics, Microsoft Teams, operating systems like Linux and Windows, and databases like Oracle, SQL, MySQL, NoSQL, utilizing various methods of data ingestion. Additionally, onboarded security applications such as PulseSecure and SlackWebHook Alert to ensure comprehensive visibility and monitoring.

Implemented techniques to enhance the quality and context of incoming logs, including adding tags and field aliases to ensure streamlined and efficient search capabilities.

Created lookups to map fields and enrich data with external sources, such as CSV files, databases, and API endpoints, to provide actionable insights. Additionally, made use of advanced lookup techniques such as KV store, cached lookups, and automatic lookups to improve data accuracy and reduce search time.

Maintained day-to-day operations of Splunk configurations, including inputs, indexes, server classes, props, and transforms, while also ensuring the upkeep of other critical configurations such as limits and certificates.

Reviewed data sets and ensured they were CIM compliant by mapping fields to CIM-compliant fields, creating data models and tags, and developing extractions and transforms using advanced regex and SPL queries. Collaborated with SOC team to ensure data was easily searchable, meaningful, and properly enriched for efficient and accurate analysis, reporting, and alerting. Continuously monitored data for compliance and optimized CIM compliance as needed to maintain high data quality standards.

Worked closely with stakeholders to interpret business needs and requirements, translating them into effective and relevant monitoring and analytics using advanced SPL. Leveraged expertise in SPL to design and develop comprehensive reports and dashboards for application tools, providing valuable insights and actionable data to inform business decisions.

Implemented techniques to tune alerting in Splunk to reduce false positives, including identifying patterns in the data that can lead to false positives, adjusting thresholds and criteria for alert triggering, and fine-tuning alerting logic using advanced SPL queries and regular expression patterns. This resulted in a significant reduction in false positive alerts and improved overall system performance and efficiency.

Troubleshot and resolved scheduled search concurrency issues. Enacted changes to optimize and streamline search heads for improved performance and reliability, utilizing techniques such as staggered search scheduling and search filtering.

Configured tokenized Splunk dashboards allowing for a more tailored and effective monitoring experience. By implementing tokenized dashboards, users were able to quickly access relevant information and gain insights into their data in a more efficient and intuitive manner. Additionally, I presented each dashboard to the respective end user to ensure that users knew how to take full advantage of the functionality provided by the tokenized dashboards.

Tresume, Manhattan, NY July 2019-October 2021

Splunk Administrator/Architect

Configured and optimized the data pipeline by leveraging props.conf and transforms.conf for maximum efficiency.

Utilized knowledge of Splunk's data models to create data sets and dashboards for efficient and effective data analysis.

Installed and configured Splunkbase TAs while additionally customizing and developing custom Splunk applications that precisely meet customer needs for monitoring purposes.

Built workflow action integrations between Splunk and external systems, including but not limited to SNOW and JIRA, to improve incident response time.

Diagnosed and resolved complex issues with platform performance utilizing troubleshooting methods, such as btool, UNIX CLI commands, introspection index, splunkd, and monitoring console.

Performed server migration by utilizing WinSCP, configuration and deployment back-ups to rebuild and replace old hardware with upgraded instances of deployment servers and deployers.

Deployed and integrated new indexers to existing clusters to expand and scale up Splunk infrastructure, ensuring seamless connectivity and optimal performance for processing high volumes of data. Employed in-depth knowledge of Splunk's indexing architecture, cluster management, and distributed search techniques to efficiently enhance the system's capacity and provide reliable and high-performance data ingestion capabilities.

Deployed Enterprise Security and configured Assets and Identities.

Enhanced system reliability and performance by administering and fine-tuning syslog servers to onboard network device data, as well as configuring seamless load-balancing of incoming logs from Cisco switches and routers across syslog receivers.

Extracted fields from unstructured data by using techniques such as regular expressions (REGEX), field extractions, and automatic lookups.

Collaborated with end-users to perform data analysis to create meaningful and actionable data models.

Ally Financial, Detroit, MI January 2017-June 2019

Splunk Engineer/Developer

Used regular expressions often in field extractions and worked on advanced transforms.conf attributes.

Onboarded event feeds from event sources into Splunk.

Performed daily health checks on system deployment.

Troubleshot configuration issues for optimized data ingestion.

Role and user creation upon request for Splunk end-users, ensuring that the assigned roles and permissions align with the user's responsibilities and tasks within the organization. This involved creating and managing user authentication and authorization configurations within Splunk, such as LDAP or Active Directory integration, and enforcing password policies and security best practices.

Performed data quality checks and data validation to ensure data integrity and compliance with data retention policies.

Configured LDAP connection to Splunk to enable seamless authentication of users by integrating with the organization's Active Directory, allowing for centralized user management and access control. Additionally, implemented SSL encryption to ensure secure communication between Splunk and LDAP server.

Conducted regular performance tuning of the data ingestion and processing pipelines to optimize system efficiency and reduce resource utilization.

Wells Fargo, San Francisco, CA March 2013-December 2016

System Administrator

Contracted to support UNIX systems for various clients.

Spun up new server images; conferred with clients on server requirements.

Configured and managed Linux servers, including installing, patching, upgrading, and tuning for optimal performance.

Created and managed user accounts and permissions, ensuring adherence to security policies and access controls.

Monitored system logs and performance metrics to identify and troubleshoot issues, collaborating with other teams as needed.

Installed and configured software applications, databases, and web servers, such as Apache, MySQL, and PHP, to support organizational needs.

Automated system tasks using shell scripting and tools like Ansible, Puppet, or Chef, increasing efficiency and reducing manual workload.

Collaborated with development teams to support software development and testing environments, ensuring seamless integration with Linux systems.

Managed backups and disaster recovery procedures to protect critical data and ensure business continuity in the event of a system failure.

Developed monitoring reports for VMware devices using advanced XML and HTML to enhance dashboard visuals and integrated with drilldowns and tokenization for interactivity.

Configured sudoers access for clients.

Worked with server owners on upgrades and application installations including NGINX, Splunk, syslog-ng, etc.

Configured enable boot restarts on applications.

Met SLAs in a timely fashion and reviewed prioritization of tasks.

Troubleshot server issues including disk space, CPU, and processing issues.

Opened ports, killed processes, mounted disk drives, expanded server capacity where needed.

Followed SOPs and developed new documentation for uncommon issues and troubleshooting processes.

Collaborated with cross-functional teams such as product development and engineering to identify and resolve complex technical issues.

Maintained and updated knowledge base articles and product documentation to ensure that support staff had access to accurate and up-to-date information.

Comcast, Philadelphia, PA August 2010-March 2013

Database Administrator

Provided customers with answers to technical issues, suggestions and fixes.

Answered customer questions concerning service providers.

Followed SOPs on help desk call-ins.

Proactively monitored system health and performance and took corrective actions to prevent issues and minimize downtime.

Worked closely with customers to understand their business requirements and provide customized solutions to meet their specific needs.

Provided feedback to product development teams regarding customer feedback and potential product improvements.

Conducted quality assurance testing on new products and software releases to ensure optimal performance and functionality.

Provided excellent technical support to customers through various channels such as phone, email, and chat, and resolved their issues within a timely manner.

Documented and escalated technical issues to the appropriate teams when necessary and followed up with customers to ensure resolution and satisfaction.

Troubleshot hardware and software issues, identified root causes and provided solutions, and conducted remote diagnostic tests to resolve issues remotely.