Sql Server Microsoft Office
Resume:
DAVID BAMIDELE NGWODO EMAIL: ad1x0y@r.postjobfree.com
***** ********** ***** **** *****: 301-***-****
BOWIE, MD 20720 WORK PHONE: 202-***-****
SUMMARY OF QUALIFICATIONS & TECHNICAL EXPERTISE/EXPOSURE
Over 30 years working in IT Networking environment and performing testing, analysis, database and implementation activities
Experienced in Splunk UBA & Ent., ForeScout, RSA Archer, Windows NT & 2000,2003,2008, Cisco router, Switches, Hubs, Microsoft Office 2013, Microsoft Exchange Server 2000, 2003, 2007,2010, Outlook 2007, Dell, HP, DFS, FRS, Remedy, Heat, HP Openview, Oracle, SQL server, Internet, Lotus Notes, Netscape Navigator, Belarc, Zenworks 3.x & 4.x, BackupExec for NT/2000 v7.3, 8.x, Compaq DLT Autoloader Library, Brightstor Arcserve for Windows v9 & 2000, Windows 2008 Active Directory Services, SunSolaris 8, NETIQ, ManageWise 2.6, Netsight Element Manager, VirusScanners(Norton), Citrix Metaframe, eTrust, Quest, Aelita, Legato, Hyena, Veritas NetBackup 6.x, 7.x, McAfee EPO, Tenable, BeyondTrust, Orchestrator 5.x., Cuckoo, AppsDynamic, Tanium,Trend Micro, Infoblox, Moloch PCAP, Solarwinds
PROFESSIONAL EXPERIENCE
1/23 – Present
SIEM/Splunk Engineer
Windwalker – Graham Technologies
Client: United States Customs Immigration Services(USCIS) - - Camp Springs, MD
Utilize enterprise splunking, Splunk cloud ServiceNow & Jira Ticket Tracking tool to do daily project tasks.
Manage SOC knowledge base(JIRA/Confluence, SNOW)
Responsible for the deployment, administration, log ingestion, health monitoring, and content creation for the SIEM
Helped to administer a variety of other security tools within the client environment
Administer the clients SaaS SIEM, the supporting hardware/software, and additional client security tools
Develop, implement, review, and tune SOC detection content
SIEM health monitoring, optimization, and capacity planning
Onboard and maintain a wide variety of data sources to include various OS, appliance, and application logs
Design and modify reports, dashboards, and visualizations to support the SOC’s mission
Troubleshoot/solve complex integration challenges and configuration issues
Technical documentation of engineering tasks (tool onboarding, process documents, etc.)
Strong understanding of System log files and other structured and unstructured data
Assist in analyzing and testing web applications like JSON, XML, and/or OSCAL, Java, JavaScript
Design dashboards to capture metrics from the SOC and utilize Design tools like Balsamiq Wireframes to show Splunk Dashboard design layout
Have 3 or more conference meetings every week with my immediate superior and fellow Splunk team members to discuss about current and previous ServiceNow & Jira Tickets and ways to provide solution to our daily tasks
12/21 – 1/23
Senior Splunk SME Developer
Take2IT – Booz Allen & Hamilton
Client: U.S. Department of Veteran Affairs - - Washington, DC.
Utilize ServiceNow & Jira Ticket Tracking tool to do daily project tasks.
Supporting existing enterprise splunking, Splunk cloud and monitoring infrastructure
Worked on creating, administering, and maintaining Dashboard Classic and Dashboard Studio as well as ITSI
Worked extensively discovering various Splunk Data Sources like ServiceNow, App dynamics, ForeScout, Aternity, Bigfix, ZingBox, BioMed, e.t.c.
Worked extensively doing researching using various application tools like ServiceNow, App dynamics, ForeScout, Aternity, Bigfix, ZingBox, BioMed, e.t.c. to identify data sources
Responsible for the maintenance and continuous improvement of all aspects of a large-scale Splunk SIEM infrastructure.
Ensure the continuity and smooth functionality of the Splunk service, its associated components, and its integrations with other services.
Worked with the Splunk team to Design and implement solutions to address business problems, understanding the Splunk architecture requirements for scalability, security, performance, and cost-efficiency.
Worked with Splunk team members as well as business units closely on overall blueprint and roadmap to translate requirements into an appropriate solution design.
Develop best practices, standards, and architectural principles for the Splunk service, Creation and maintenance of architectural documentation.
Worked on modifying as well as writing Splunk queries to generate Dashboard Classic, Studio and ITSI.
Have 2 or more conference meetings every week with my immediate superior and fellow Splunk team members to discuss about current and previous ServiceNow & Jira Tickets and ways to provide solution to our daily tasks.
Contact Technical resources, Splunk vendors as well as applications vendors if needed.
Generate appropriate alerting within SIEM to trigger investigations and participate in Incident Response activities.
10/21 – 12/21
Splunk Content Developer & Splunk Data Admin
Mphasis - - NY, NY
Client: Blackrock IT - - - NY, NY
Responsible for content creation, content monitoring, and content on boarding for cloud service provider logs.
Responsible for data feed migration from a 3rd party MSSP to our Enterprise Splunk environment.
Worked closely with a technical resource on the system infrastructure side to deploy the Splunk Universal Forwarder on all hosts and work to set up the flow of data between the hosts and the Enterprise Splunk environment. The log sources include, but not limited to Host Based logs for all instances (Security, AD, and any local text files), O365 logs, Azure logs, AWS Cloudtrail, GuardDuty (and various services), Web Application Firewall.
Worked closely with technical resources to normalize all data to the Splunk Common Information Model for another team to create content off of.'
Supporting existing enterprise splunking, splunk cloud and monitoring infrastructure
Thorough knowledge on Azure and Amazon Web Services components and best practices.
Utilize Remedy and ServiceNow Ticket Tracking tool to do the project tasks.
Worked as a Splunk team member to carry out daily tasks using Remedy/ and ServiceNow ticket tracking tool.
Worked extensively doing researches on mid level to advanced Splunk queries for different data sources.
Worked independently as well as with technical resources, Splunk vendors and applications vendors.
Worked with SOC, IR analysts and threat hunting analysts to design response actions to newly created detection rules
03/21 – 10/21
CyberSecurity Engineer
Divine Information Technology, INC. - - Bowie, MD.
Responsible for the maintenance and continuous improvement of all aspects of a Mid/large-scale Splunk SIEM infrastructure.
Ensure the security of the Splunk environment by performing proactive health checks and keeping abreast of new threats and vulnerabilities that may affect them.
Provide expert advice to the Security Technical Design Authority.
Remain current and up to date with emerging technologies, business requirements and enhancements & develop proposals for changes that may be required.
Provide input and recommendations on cyber security policy, risk, and overall security best
practices
11/20 – 03/21
Cybersecurity Splunk - Security Metrics Engineer Lead
Hill Associates - - Rockville, Maryland
Client: U.S. Department of Treasury, Department Office - - Washington, DC.
Serve as a subject matter expert to solve complex cybersecurity requirements.
Utilize software tools and data management methodologies. Analyze ingested data to respond to across business, IT and security functions.
Drive outcomes across Security and IT. Apply your in-depth expertise in Splunk to support Federal Information Security Management Act (FISMA) Level 4 (Managed and Measurable) IT controls for specified systems.
Turn data into action with intelligent analytics and clear insights. Define raw input requirements to support data models as well as final outputs required to ensure Department personnel are able to assess the security status of computing systems.
Utilize Splunk and other tools to develop data requirements, data catalog, data descriptions, data sources, data formatting to ensure that security controls can be measured and managed.
Develop a dashboard or other automated data presentation designs.
Provide data analysis to support response to security incidents that may occur with IT systems.
Maintain familiarity with the Agency IT and security systems operated by the OCIO, as well as systems operated by other groups with the Agency.
Provide recurring reports (weekly, monthly) on program status
Ensure program performance meets Government contract requirements.
Work and thrive in a fast-paced team environment.
Interact with leadership and staff across the Agency and its Bureaus.
07/20 – 11/20
CYBER SECURITY SPLUNK SME
LEIDOS - - Reston, VA.
Client: U.S. Department of Homeland Security - - Washington, DC.
Build, implement and administer Splunk in Windows and Linux environments.
Assist in the technical design process, and provide guidance/direction to the customer on how to best get value from Splunk products.
Establish and maintain configuration control and provide technical support.
Perform data ingestion and visualization for Splunk.
On-board new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data.
Design, develop, recommend and implement Splunk dashboards and alerts to support the ESOC Operations team.
Perform integration activities to connect with 3rd party software APIs.
Work with stakeholders to develop requirements and deliverables.
Manage automating Splunk deployments and orchestration within a Cloud environment.
Experience implementing, architecting and administering Splunk and Splunk Enterprise Security Suite
Experience writing Splunk queries in Splunk Programming Language (SPL)
Experience developing in XML, Bash, JavaScript and Python, Perl, PowerShell scripts
Extensive experience with two of SQL, MySQL, or Oracle
Experience administering Linux OS, particularly RedHat Enterprise
Experience working in an Agile environment and working in AWS
Thorough understanding of HTTP, REST APIs, JSON and syslog data format
06/20 – 7/20
CYBER SECURITY ENGINEER III
Kingfisher Systems, Inc. – Falls Church, VA.
Client: GOVPLACE – DHS US International Boundary and Water Commission – Washington, DC.
Implement and maintain enterprise-class security solutions a federal agency to support and sustain CDM and HACS requirements. Align standards, frameworks and security with overall business and technology strategy
Identify and communicate current and emerging security threats.
Design security architecture elements to mitigate threats as they emerge.
Create solutions that balance business requirements with mission, cyber security, and CDM/HACS requirements.
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
Experience in security solution design using existing and emerging technologies to achieve enterprise solutions.
Experience working with Security Authorization requirements, developing and enhancing the security risk posture, and analysis and reporting of IT security metrics.
Perform Architectural design on ServiceNow, SailPoint, McAfee ePO Policy Auditor and Application Control, Tripwire IP360 VNE, Tenable Security Center, and RSA Archer
04/19 – 06/20
CYBER SECURITY SENIOR CDM ARCHITECT ENGINEER
Dinocrates Group LLC – Rockville, MD.
Client: National Oceanic Atmospheric Administration – Department of Commerce – S/Spring, MD.
Serves as the lead subject matter expert to the NOAA CDM program manager for all phases of CDM. Splunk development/administration experience with Python scripting in an Agile Methodologies environment. Responsible for the monitoring and tracking of security relevant events and assists in the development and implementation of security procedures.
Develops the current state and desired state architecture across NOAA systems for all aspects and phases of CDM. For all phases, assists and documents the readiness and ability of the Bureau to begin phase or incorporate the technologies required to meet the phase requirements.
Develops presentation materials on current status of CDM activities from a technical and informational/usability perspective.
Develops SPLUNK queries and data reports to facilitate the evaluation and determination of data accuracy across the Bureau. Evaluates tools and technologies proposed under the CDM program and presenting findings to the NOAA CDM program manager and additional staff.
Serves as liaison between the CDM integrator and NOAA management and additional staff.
Works with the CDM project manager on integration activities and schedules.
Works with the Junior security architect on the development of standard operating procedures and all technical and managerial presentation/documentation activities.
Assisting the CDM team in the development of a CDM/cyber security roadmap in conjunction with the existing CSD OCIO cyber security roadmap to ensure the correlation between the CDM activities and cyber security division activities are addressed.
Responsible for engineering design, security tools maintenance and development of cyber security technology along with integration of new architectural features into existing infrastructure. Resolve architecture implementation issues during integration and test.
Perform security tools maintenance as required on McAfee Web Gateway/Proxy, DLP such as Symantec, Email security tools such as IronPort and FireEye, CDM tools like BigFix, ForeScout, Splunk, Tenable. Experience in Unix and Linux Administration, REST API, SDKs, SQL
Support multi-disciplined teams in the design and implementation of the cyber security system architecture. Apply cyber security standards, directives, guidance and policies to an architectural framework. RMF. NIST 800-53, NIST 800-37
Provide architectural analysis of cyber security features and relate existing system to future needs and trends. Provide broad based experience in the systems engineering lifecycle and apply the experience to specific cyber security initiatives relating to architectural design and development.
Experience identifying new tools and/or required upgrades based on ROI. Knowledge of Windows and Linux operating systems, hardening baselines such as STIGs. Experience with Change Management(CRs, CCBs, etc.). Performance metrics related to security operations.
Utilize SCAP scanner tool to compares a target computer or application's configuration and/or patch level against that of the SCAP content baseline. I also used it to automate management of vulnerabilities and policy compliance for the organization.
10/18 – 04/19
SECURITY OPERATIONS CENTER TIER 2 TECHNICIAN
Z Federal – Sparks Group – Rockville, MD.
Client: U.S. Census – Department of Commerce – Greenbelt, MD.
Work with alerts from the Tier 1 SOC Analysts, to perform in depth analysis and triage of network security threat activity based on computer and media forensics, malicious code analysis, and protocol analysis. Utilize wireshark for packet capture(PCAP) to identify network
performance issues, etc. Splunk development/administration experience with Python scripting in an Agile Methodologies environment.
Assist with the development of incident response plans, workflows, and SOPs, Deploy and maintain security sensors and tools, Monitor security sensors and review logs to identify intrusions. Monitor key security infrastructure elements, identify security events, perform analysis, and initiate response activities. Experience in Unix and Linux Administration, REST API, SDKs, SQL. Responsible for the monitoring and tracking of security relevant events and assists in the development and implementation of security procedures.
Perform packet analysis by identifying malformed packets and the payload of the packet. Integrate security products, including designs for all organizational networks as well as designing, engineering, planning, integrating, configuring, testing and deploying.
Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods, Work directly with cyber threat intelligence analysts to convert intelligence into useful detection, Collaborate with incident response team to rapidly build detection rules and signatures as needed.
Develop and implement detection use cases, Develop and implement IDS signatures, Assist with incident response efforts, Create and brief customer reports.
Participate in on-call rotation for after-hours security and/or engineering issues, Perform customer security assessments, Develop and run table top exercises. Identify incident root cause and take proactive mitigation steps, Perform lessons learned activities, Mentor junior analysts and run brown bag training sessions, Review vulnerabilities and track resolution, Review and process threat intel reports and sources.
Provide documentation and interaction with other analysts and Operations and Maintenance (O&M) personnel to ensure a complete and functioning system that meets requirements.
08/18 – 10/18
CDM Tools Engineer
CGI Federal – Patriot LLC – Fairfax, VA.
Client: Department of Homeland Security HQ
Serves as subject matter expert providing technical knowledge and analysis of highly specialized applications and operational environments, high-level functional systems analysis, design,
integration, documentation and implementation advice on exceptionally complex problems that need extensive knowledge of the subject matter for effective implementation
Participates as needed in all phases of software development with emphasis on the planning, analysis, testing, integration, documentation, and presentation phases.
Applies principles, methods and knowledge of the functional area of capability to specific task order requirements, advanced mathematical principles and methods to exceptionally difficult and narrowly defined technical problems in engineering and other scientific applications to arrive at automated solutions. Risk Management Framework NIST 800-53, NIST 800-37.
Utilize SIEM Monitoring tools: Forescout, Splunk, Qradar, IBM BigFix, Tenable Security Center, RES Workspace, McAfee Application Control for Continuous Diagnostics Mitigation. Splunk development/administration experience with Python scripting in an Agile Methodologies environment. Monitoring tools: Splunk, DB protect, AppProtect
Experience in Unix and Linux Administration, REST API, SDKs, SQL. Responsible for the monitoring and tracking of security relevant events and assists in the development and implementation of security procedures.
05/18 – 08/18
McAfee/ Systems Engineer
Divine Information Technology, INC. - - Bowie, MD.
Build & Setup business or Office IT Networks
Install, Configure & Upgrade Operating systems, Software, hardware, and Applications
Perform, Build as well as maintenance tasks on Laptops, Servers, Desktop PC, Printers, e.t.c.
Troubleshoot & Repair all Computer Equipment
Provide Anti-Virus Install e.g. McAfee, Upgrade and Cleanup, e.t.c.
11/15 – 05/18
Cyber Security Operations Engineer - - Security Operations Center
ManTech International Corporation – Reston, VA.
Client: Department of Homeland Security HQ
Reston, VA.
Experience with CDM dashboard or Security Information Event Management (SIEM) systems, including ingest of third-party data for rendering within the dashboard or SIEM.
Provide initial configuration and troubleshooting for McAfee and ForeScout products supporting network monitoring, device detection, endpoint software inventory, configuration compliance assessments, and vulnerability detection in SOC. Experience in Unix and Linux Administration, REST API, SDKs, SQL. Monitoring tools: Splunk, DB protect, AppProtect
Familiarity with basic IPv4 local area networking concepts like subnets, masking, switches, routers, gateways. Familiarity with the NIST 800 publications governing the FISMA Act
Operate and provide Tier 2 and Tier 3 CDM support for Splunk, Vulnerability Manager, ForeScout CounterAct, RSA Archer, e.t.c. Performed Vulnerability Scanning on Retina servers to determine Microsoft patches needed. Risk Management Framework NIST 800-53, NIST 800-37.
Subject Matter Expert in McAfee ePO, McAfee Policy Auditor, McAfee Application Control.
Ensure Active Monitoring of Network and Endpoint Inventory in SOC.
Able to manipulate data in order to conduct sound and accurate analysis regarding output.
Able to learn and assist in managing CDM DHS-specific Compliance dashboards and applications. Mentor Junior Cyber Security Operation Engineer.
Support data collection from McAfee and ForeScout by a Splunk repository. Reconcile information aggregated within Splunk with native databases of McAfee ePO and ForeScout CounterAct.
Conduct appropriate analysis and ensure calls that are unable to be resolved are appropriately forwarded to next level support services, both internal engineering and product vendors.Support the following: Provide initial problem resolution where possible, Generate, monitor, and track incidents through resolution, Provide software support, Maintain frequently asked questions and
their resolutions, Obtain customer feedback and conduct surveys, Contribute technical input to CDM CMaaS User and Operator Training in Security Operation Center.
Experience using McAfee Host Intrusion Prevention System Configuration, McAfee Host Intrusion Prevention System Management, McAfee Application Control, McAfee Policy Auditor, McAfee
Install, Operate and perform administrative tasks on Linux Redhat 6.x.
Risk Advisor, Splunk, RSA Archer, Security Content Automation Protocol (SCAP), Asset Summary Reporting Format (ASR) in Security Operation Center. Implement FSMO roles.
Develop effective written procedures and SOPs to guide & IA/scanning team on daily operations, Work with the other IT support teams in troubleshooting and remediating outstanding
Vulnerabilities. Make sure software configurations achieve a high level of security for systems and applications. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
Operate and maintain a suite of vulnerability scanning tools, including Retina, Nessus, Assist in research, analyze, design, test, and implement new or vendor-supplied security software solutions. Provide up- to-date documentation and procedures on security software product. Splunk development/administration experience with Python scripting in an Agile Methodologies environment in a private and public cloud. Develops and manages security for more than one IT security area across the enterprise.
administration. Analyze scan results, prioritize, identify solutions and make recommendations based on the analysis. Utilize Wireshark for troubleshooting network issues.
Examine data from multiple disparate sources with the goal of providing new insight. Design and implement custom algorithms, flow processes for data sets used for modeling, data mining, and research purposes. Perform penetration tests, identify exposure and risks, and recommend appropriate security solutions. Responsible for the monitoring and tracking of security relevant events and assists in the development and implementation of security procedures.
Make recommendations regarding the selection of cost-effective compensating security controls based on NIST 800-37 to mitigate risk. Stay up to date with current vulnerabilities, attacks, and countermeasures. Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates and maintains the documented security controls.
Worked on developing Splunk Use Cases, Dashboards, Alerts and Reports based on different sources of data, including databases as well as developing content for Splunk, including creation of complex correlation logic and operational dashboards
Hands-on on experience utilizing both pre-built dashboards/add-ons within Splunk system and customized Splunk dashboards and search queries.
On-boarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data
Experience creating and managing Splunk knowledge objects (field extractions, macros, event types, CIM, data models etc) and asisting with developing modules, plugins or API end points.
09/15-11/15
McAfee/ Systems Engineer
Divine Information Technology, INC. - - Bowie, MD.
Build & Setup business or Office IT Networks
Install, Configure & Upgrade Operating systems, Software, hardware, and Applications
Perform, Build as well as maintenance tasks on Laptops, Servers, Desktop PC, Printers, e.t.c.
Troubleshoot & Repair all Computer Equipment
Provide Anti-Virus Install e.g. McAfee, Upgrade and Cleanup, e.t.c.
08/11-09/15
Systems Administrator
I4DM – Millersville, MD
Client: HP – Department of Veteran Affairs
Washington, DC.
Extensive experience in implementing security, web and database security assessment tools, static/dynamic testing tools & boundary defense technologies i.e. IBM BigFix, Tripwire, Rapid7, IBM Appscan, Fortify, Checkmarx, and QRadar for data collection just like Splunk.
Performed analytics examination of logs and Snort based IDS events as well as web server log
Performed Information Assurance Vulnerability Management to improve IA posture and ensure government compliance using SAINT, McAfee Vulnerability Manager.
Performed and evaluated vulnerability scans within a multi-platform, large enterprise environment. Reacted to and initiated corrective action regarding security violations and attempt
to gain unauthorized access, virus infections that may affect the network or other event affecting security. Identified various security risks, threats, and vulnerabilities of networks, systems, and new technology initiatives. Installed firewalls, intrusion prevention and detection systems, enterprise anti-virus systems and software deployment tools. NIST 800-53, NIST 800-37.
Provided complex engineering analysis and support for firewalls, routers, networks, and operating systems. Performed security risk assessments, developed security risk mitigation recommendations, and identified security controls for systems, applications, and networks.
Assessed, implemented, and documented security requirements for Federal information systems and ensured compliance with Computer Network Directives. Participated in the security definition, design review, integration, and testing during system / software development. Conducted network
security reviews that include validation of current network security policy, requirements, design, comparative analysis, and assessment of the information assurance architecture.
Configured firewalls (Cisco 5500 series, Palo Performed log and event management with the use of ArcSight SIEM, Splunk. Alto firewall, SonicWALL), intrusion detection systems (OSSEC, Snort)
and other network security devices. Install, Operate and perform administrative tasks on Linux Redhat 6.x. Utilize Metasploit, WIreshark, NMAP for troubleshooting network and Pen Test.
Implement, Configure, Troubleshoot, Monitor System performance in a Windows Server operating systems for 2003/2008/2008R2 Standard and Enterprise editions. Work with the customer to request new Windows Server hardware and/or resources.
Responsible for system configuration, system backup, software installation and maintenance, software license maintenance, utilization, and system performance for servers supporting a variety of software application systems. Make recommendations to management concerning hardware/software upgrades for more effective system use. Install, Configure and Administer ESXi 5.5 and Vcenter into a virtual environment
Provide primary administration and support for the DFS/FRS, DNS, IIS 6/7, SSL certificates, .Net, Active Directory/LDAP environment which includes Perform assessments on Active Directory environments and implement remediation to assure the stability, security, and scalability of AD
environments. Assist with overseeing all high level Active Directory needs. Design and Implement Active Directory plans for new integrations. Build servers for local and remote sites. Define processes, policies and nomenclature to be used by Directory Services administrators throughout the organization. Delegate access to directory for IT administrators as needed.
Provide SQL server 2003 and 2008 administration support(mirroring, replication, store procedures, triggers and scripts). Administer and Manage Big F5,Coyote Equalizer Load
Balancers. Provide Sharepoint 2007 and 2010 administration support, PKI experience, VMware, HL7, Perl, T-SQL and Microsoft Maps API experience.
Provide analysis support toward problem resolution for the client in software and system performance of production processing and system throughput. Make recommendations and/ or develops new procedures for problem resolution. Perform security audits on designed computer systems to ensure compliance with established client policies. Makes recommendations and/ or
develop procedures to reach compliance. This includes a contingency plan for recovery following a catastrophic system failure.
Formed a Migration Plan for relocating all network hardware, servers from one location to another
Utilize Microsoft Visio to create network diagrams for all servers in the racks. Perform detailed inventory of all network equipment, servers in the racks.
Perform analysis of all security systems log files, review and keep track of triggered events, research current and future cyber threats, reconcile correlated cyber security events, develop and
modify
Contact this candidate