Rain Lilly Lane Brampton L6R 1S4
Immigration Status: Open work permit
Around 4+ years of experience in software development, including configuring and implementing Splunk servers.
Expertise in customizing Splunk for monitoring, application management and security.
Streamlined operations and realized efficiencies and cost savings by integrating teams across service lines.
Strong experience with Splunk 5.x and 6.x products and distributed Splunk environments.
Expertise in installation, configuration, migration, troubleshooting and maintenance of Splunk infrastructure.
Expert in using search commands such as streamstats, eventstats, maxsearch, stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table, etc.
Designed, deployed and supported enterprise Splunk logging applications. Assisted other enterprise instances as a Splunk Subject Matter Expert (SME).
Created accurate reports, dashboards, visualizations, Elasticsearch and pivot tables for business users.
Experience using the Splunk platform on Linux and Windows.
Good knowledge of creating and implementing shell scripts for Splunk file backup, alert log monitoring and log rotation.
Created and managed Splunk DB Connect identities, database connections, database inputs and outputs, and access controls.
Experience in Operational Intelligence using Splunk platform.
Experience with Splunk UI/GUI development activities, managing Splunk knowledge objects such as field extractions, tags and lookups.
Familiar with system administration on Windows 2003-2008 Servers, Red Hat Enterprise Linux, Solaris and IBM AIX servers.
Experience in end-to-end planning and implementation of various network devices and business applications with SIEM devices (QRadar/Splunk).
Expert-level understanding of QRadar implementation, its integration with other network devices and applications, and the related troubleshooting.
Experience in creating custom views, reporting and automated alerting for both operational and security use with QRadar.
Ability to Debug Splunk related and integration issues.
Configured clusters for load balancing and failover solutions.
Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.
Extensive knowledge in writing packages, stored procedures, functions and database triggers using PL/SQL and UNIX shell scripts.
Strong qualitative analysis skills to lend insight into highly ambiguous and sensitive business problems. In-depth understanding of processes and technology integration challenges.
Hands-on experience in Python, shell scripting, TIBCO Designer, Oracle SQL, Siebel eScript, JavaScript, CSS, HTML and AutoHotkey.
IBM QRadar, Splunk, IBM Guardium.
Splunk 5.x and 6.x, Splunk Enterprise, Splunk on Splunk, Splunk DB Connect, Splunk IT Service Intelligence, Splunk Web Framework, Splunk Machine Learning Toolkit, Splunk Hunk.
Windows 2000, XP, Windows NT, Unix/Linux (Red Hat), VMware.
Requirement analysis, business analysis, detailed design, data flow diagrams, data definition tables, business rules, data modelling, data warehousing, system integration.
Oracle 11g/10g/9i/8i, MS SQL Server 2000/2005/2008, Sybase, DB2, MS Access.
Apache Tomcat 6.0, WebLogic 8.1/9.2, WebSphere 6.0.
SDLC, Object-Oriented Analysis and Design.
C, C++, Java, Python, UNIX shell scripts.
Splunk Developer Aug 2019 - Present
Herjavec Group - Toronto, ON
Designing and implementing Splunk-based best practice solutions.
Requirement gathering and analysis. Interacted with team members and users during the design and development of applications and Splunk objects.
Promptly received and handled requests, gathered requirements through Remedy tickets and resolved them on time.
Data collection from various systems/servers, forwarder management, and creating and managing Splunk apps.
Built Splunk queries using Splunk Search Processing Language (SPL) and regular expressions.
Created, maintained, supported, repaired and customized system and Splunk applications, search queries and dashboards.
Splunk administration and analytics development for information security, infrastructure and network, data security, and the Splunk Enterprise Security app.
Developed Splunk objects and reports on security baseline violations, non-authenticated connections, brute force attacks and many other use cases.
Good experience working with SNMP traps and syslog-ng when onboarding security devices into Splunk.
CI/CD integration for testing environments using Concourse.
Designed, supported and maintained a large Splunk deployment in a highly available, redundant, geographically dispersed environment.
Installed the Splunk Common Information Model add-on, which is packaged with Splunk Enterprise Security, Splunk IT Service Intelligence, and the Splunk App for PCI Compliance.
Installed, configured and troubleshot Splunk. Experience with regular expressions and using them for data retrieval. Worked with application owners to create or update application monitoring.
Experience creating and maintaining Splunk reports, dashboards, forms, visualizations and alerts.
Good experience building Splunk security analytics. Led logging enrollments from multi-tier applications into the enterprise logging platforms.
Developed the content necessary to implement security use cases and transformed it into correlation queries, templates, reports, rules, alerts, dashboards and workflows.
Strong knowledge of Windows, Linux, and UNIX operating systems.
Experience in responding to requests and incident tickets within defined Service Level Agreements.
Supported, monitored and managed the SIEM environment.
Integrated Splunk with a wide variety of legacy and security data sources using various protocols.
Installed and configured Splunk apps to onboard data sources into Splunk.
Experience creating and testing disaster recovery plans.
Managed and supported change in the environment. Experience working in a very large enterprise environment.
Splunk SPL (Search Processing Language) and dashboarding/visualization. Set up dashboards for network device logs.
Developed alerts and timed reports. Developed and managed Splunk applications. Completed many POCs.
Security Engineer June 2017 – July 2019
Simmex Infotech Pvt. Ltd. (Remote)
Created and configured KPIs in Splunk IT Service Intelligence (ITSI).
Configured Splunk searching and reporting modules, knowledge objects, administration, add-ons, dashboards, clustering and forwarder management.
Designing and maintaining production-quality Splunk dashboards.
Maintained high availability of the Splunk infrastructure in the production environment.
Researched, designed and developed infrastructure and tools to support security requirements and log management for the enterprise.
Provided engineering analysis, design and support for firewalls, routers, networks and operating systems. Performed vulnerability scans using vendor utility tools. Monitored security audit and intrusion detection system logs for system and network anomalies.
Migrated rules from ArcSight into Splunk 6.6.3. Developed searches whose results matched those seen in ArcSight.
Developed customized Python scripts for development and shell scripts for production environments to install, manage and configure multiple instances of Splunk forwarders, indexers, search heads and deployment servers.
Configured Splunk for dynamic analytics and machine data indexing.
Worked on Splunk search processing language, Splunk dashboards and Splunk DB connect app.
Created the Splunk App for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
Used VMware for cloud computing and Splunk virtualization services.
Worked on Amazon AWS, configuring and launching Linux and Windows server instances for Splunk deployment.
Expertise in design, implementation, configuration and management of Splunk Enterprise.
Involved in requirement gathering and analysis. Interacted with team members and business users during the design and development of the application.
Worked on developing an internal web application, Employee Ideal Portal, using Java, JSP and the Spring Framework.
Monitored text files and converted their contents into syslog messages.
Created access controls for users by creating AD (Active Directory) groups for the power and user groups.
Assisted Splunk stakeholders in designing and maintaining production-quality data, dashboards and various applications.
Involved in Proof-of-Concepts (POC) on Splunk implementation; mentored and guided other team members on understanding Splunk use cases.
Worked on Splunk ITSI glass tables, deep dives and ITSI modules.
Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data into Splunk.
Developed SIEM configurations, use cases and operational models or specific security solutions to meet the customer's requirements and assessed risks imposed by technical solutions.
Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
Created several different dashboards for multiple different teams and clusters in Splunk infrastructure.
Installed Splunk forwarders, indexers and search heads on various platforms such as Windows, Linux and Unix.
Installed, configured and administered Splunk Enterprise Server and Splunk Forwarder on Red Hat Linux and Windows servers.
Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries.
Experience supporting large scale Splunk deployments.
Troubleshot Splunk components such as forwarders, indexers and search heads, as well as performance issues.
Imported data into Splunk through inputs.conf, props.conf and transforms.conf.
Created multiple Splunk role-based LDAP authentication configurations.
Used the Splunk Nessus app to import, convert and ingest scan data for reporting.
Conducted penetration testing and vulnerability management practices.
Prepared, arranged and tested Splunk search strings and operational strings.
Created and configured management reports and dashboards.
Splunk Developer June 2016 – May 2017
Midzone Technologies, Kerala, India
Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution.
Expertise with Splunk UI/GUI development and operations roles.
Supported a Splunk environment with 96 indexers, a large number of forwarders and 6 search heads, generating 15 TB of data per day.
Created a DevOps dashboard that aggregates data across multiple services to identify critical threats and proactively mitigate risks.
Planned and built a Splunk cluster environment with high-availability resources.
Data extraction was done using Sqoop to load data from Oracle DB into the data lake (big data) platform.
Designed and maintained production-quality Splunk dashboards using XML.
Knowledge of Splunk architecture and its components (indexer, forwarder, search head, deployment server), Heavy and Universal Forwarders, and the license model.
Scripting and development skills (Python) with strong knowledge of regular expressions.
Supported, monitored and managed the SIEM environment.
Installed and configured Splunk apps to onboard data sources into Splunk.
Managed and supported change in the environment. Experience working in a very large enterprise environment.
Splunk SPL (Search Processing Language) and dashboarding/visualization. Set up dashboards for network device logs.
Developed alerts and timed reports. Developed and managed Splunk applications. Completed many POCs.
Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
Developed build scripts, UNIX shell scripts and auto-deployment processes.
Experience using and understanding complex RegEx (regular expressions).
Bachelor's in Computer Science and Engineering, LBS College of Engineering (Kannur University)
July 2013 - May 2017