
Data Security

Location:
New York, NY, 10009
Salary:
$70/hr on C2C
Posted:
June 03, 2020


Resume:

SUMMARY:

* ***** ** ****** ********** as Splunk Administration/Developer, Software Analysis, Design and Development for various software applications in providing Business Intelligence Solutions in Data Warehousing for decision Support Systems, and Database Application Development.

Expert in Extracting, Transforming, Analyzing, Visualizing, and presenting data from diverse business areas in novel and insightful ways to enable Directors, Vice Presidents, and C-level executives to take informed action.

Experience in using various configuration management tools to handle servers and to automate scripts like Puppet & Chef.

Splunk Certified Admin - 8.x/8.3 and Splunk Certified Power User-8.x/8.3.

Certified Sumo Power Admin, Sumo Pro User, Certified Sumo Power User.

Certified AWS Technical Professional.

Certified Information Security Expert (CISE-Level: 1).

Excellent experience in Operational Intelligence using Splunk 8.x/7.x/6.x.

POCs with the Confluent Schema Registry, REST Proxy, Kafka Connectors for Cassandra and HDFS (Hadoop 2.0).

Strong experience in all facets of SDLC viz. requirement analysis, designs, development, testing, and post implementation revisions (Agile/Scrum/Waterfall).

Experience in scripting languages like Python, Shell and Perl to automate the log rotations, onboarding data from various application teams and to reload deployment servers.

Expertise in developing proofs of concept (POC) on Splunk Enterprise Security (ES) implementation; mentored and guided the security team on understanding the use cases in Splunk.

Experience in providing monitoring and response to security events for Security Operations team (SOC).

Experience in working with Splunk authentication and permissions and having significant experience in supporting large scale Splunk deployments.

Expert in installing SPLUNK apps for Linux and UNIX environments.

Experience in creating and developing various configuration files in Splunk (props.conf, transforms.conf, inputs.conf, outputs.conf, authentication.conf, authorize.conf).

Experience in Big Data and familiar with components of Hadoop Ecosystem: HDFS, Hive, HBase and Pig.

Expertise in Hadoop application development and its integration into Splunk.

Good knowledge about Splunk architecture and various components (indexer, forwarder, search heads, deployment server), Heavy and Universal forwarder, License model.

Expertise in Preparing, arranging and testing the Splunk search strings and operational strings.

Extensive experience in deploying, configuring, and administering Splunk Clusters.

Experience in developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis.

Experience in working with Change / Incident Management teams to apply changes to existing servers and to onboarding new data to Splunk servers.

Extensive knowledge in creating Actuate reports using XML, Dashboards, visualization and pivot tables for the business users.

Excellent written, analytical, co-ordination, interpersonal, leadership, organizational and problem-solving skills, Ability to adapt, learn new technologies and get proficient in them very quickly.

TECHNICAL SKILLS:

Log Management Tool/ Monitoring Tool

Splunk & Splunk ES, Splunk on Splunk, Splunk DB 2 Connect, Splunk Cloud, Splunk IT Service Intelligence, Splunk Web Framework, and Nagios

Security/ Vulnerability Tools

CrowdStrike, Palo Alto, McAfee, Check Point, Cisco Sourcefire, Nessus, Rapid & Proofpoint

Remote Tools

Putty, mRemoteNG

Ticketing Tools

Jira, Archer, ServiceNow, IBM Resilient

Operating Systems and languages known

Windows 7/8/10, Red Hat Linux, CentOS, AWS, Python, Java Scripting

SIEM (Having Knowledge):

IBM QRadar / ArcSight

EDUCATIONAL DETAILS:

Mechanical engineering from JNTUH, 2011, Guntur.

PROFESSIONAL EXPERIENCE

Splunk Admin

IDB Bank, New York.

Aug 2017 – Till date

Responsibilities:

Creating SQL Loader scripts to load data from flat files into the database and creating External Tables to manage data which is stored at the OS level.

Splunk DB Connect 2.0 in search head cluster environments of Oracle.

Created Splunk App for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.

Worked on Amazon AWS, configuring and launching Linux and Windows server instances for Splunk deployment.

Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.

Prepared, arranged and tested Splunk search strings and operational strings.

Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Outputs.conf and Inputs.conf files.

Perform daily log reviews for Possible NOW's security infrastructure to include firewall, security gateways, system, network, Splunk, etc.

Used Some App Dynamics to Check the data in Applications performance.

By using AWS collect detailed billing data and in-depth analysis of Amazon Web server.

Worked with SIEM (security information and event management), Manage Splunk user accounts (create, delete, modify, etc.) Scripted SQL Queries in accordance with the Splunk.

Interpreted and developed SIEM products to meet the internal and external and customer requirements.

Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.

Installing of Splunk Enterprise, Splunk forwarder, Splunk Indexer, Apps in multiple servers (Windows and Linux) with automation.

Monitored Splunk infrastructure for capacity planning, system health, availability, and optimization.

Splunk Enterprise deployments and enabled continuous integration as part of configuration management.

Maintain current functional and technical knowledge of the Splunk platform and future products.

Managing Splunk Deployment Server for distributing configurations, apps, and content updates to groups of Splunk Enterprise instances.

Developed end to end data processing pipelines that begin with receiving data using distributed messaging systems Kafka through persistence of data into HBase.

Implemented Spring boot microservices to process the messages into the Kafka cluster setup.

Closely worked with Kafka Admin team to set up Kafka cluster setup on the QA and Production environments.

Had knowledge of Kibana and Elasticsearch to identify the Kafka message failure scenarios.

Implemented Kafka producer and consumer applications on Kafka cluster setup with help of Zookeeper.

The ability to create, de-code and debug complex Splunk queries.

Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.

Environment: Splunk 6.x, Splunk Enterprise, Splunk modules, Splunk DB connect, Web Logic server 8.x/9.x/10.x/11g, Tomcat 6.x, Apache 2.x, Solaris10, Oracle 11g/10g, Me, Version Controls SVN, GIT, web services, SSL, SIEM

Splunk Admin/Developer

CIT Livingston, New Jersey.

June 2015 – July 2017

Responsibilities:

Installed and maintained the Splunk add-ons, including DB Connect 1 and Active Directory LDAP, for work with directory and SQL database.

Installed HTTPS certification for Splunk.

Played a major role in understanding the logs, server data and brought an insight of the data for the users.

Collected data from various resources. Installed forwarders, Indexers, Search Heads on the servers.

Field extractions for the log files, extracted complex Fields from different types of Log files using Regular Expressions.

Configured LDAP. Developed custom app configurations (deployment-apps) within Splunk.

Managed Confluence users, permissions, user directories. Configured all configurations required for Splunk.

Created EVAL functions where necessary to create new fields during search run time.

Defined KPIs for ITSI, alerts and Glass Tables and KPI base searches. Backed up the configuration in ITSI. Worked on applications like DB Connect, Fire Brigade, ITSI and add-ons.

Worked on DB Connect configuration for Oracle, MySQL. Configured Distributed Management Console (DMC).

Environment: Splunk, LDAP, MySQL, Linux, Bash, Perl, HBase, Hive, Pig, Oracle 11g, MS SQL Server 2012, TFS, SVN.

Splunk Developer

Rackspace, San Antonio, TX

Sep 2013 – May 2015

Responsibilities:

Built many of the proof-of-concept Dashboards for IT operations, and service owners which are used to monitor application and server health.

Expert in analyzing security-related logs from various sources using a SIEM system which creates alerts whenever it detects anomalous transactions and also blocks malicious activities.

Maintenance of SPLUNK Environment with multiple indexers.

Played a major role in understanding the logs, server data and brought an insight of the data for the users.

Managing SPLUNK universal forwarder deployment and configuration, Monitoring and Maintaining Splunk performance and optimization after deployment.

Developed complex dashboards to monitor manage and track the traffic volume across, response times, Errors, Warnings across various data centers, applications and servers.

Helped in integration of Splunk with ServiceNow, maintaining the Splunk instance and monitoring health of the cluster.

Depending upon the Data retention requirements configured and maintained hot, warm, and cold buckets.

Conducted and automated Splunk configuration files such as props.conf, transforms.conf, inputs.conf, outputs.conf settings; props file management for event breaking and time stamp matching.

Responsible for daily Security checks, monitoring unsuccessful logons, monitoring inactive users and locking the inactive users in production system i.e. daily Health Checks.

Checking for Suspicious Behavior, Compromised Account, Remote Account Takeover using User Behavior Analytics.

Worked on setting up Splunk to capture and analyze data from various layers Load Balancers, Web servers and application servers.

Involved in setting up alerts for different type of errors, Analyzed security based events, risks and reporting instances.

Designed core scripts to automate Splunk Maintenance and alerting tasks.

Migrating some of the servers with Elasticsearch tool for monitoring health of the servers.

Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.

Various types of charts Alert Settings Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to knowledge objects.

Experience in working with Splunk authentication and permissions and having significant experience in supporting large scale Splunk deployments.

Used the Splunk DB Connect application to associate and integrate unstructured data from web logs, syslogs and access logs with structured data from the firm’s Microsoft SQL Server database, providing the firm with meaningful context and business insight.

Deployed Splunk Enterprise on AWS to gain real-time visibility across AWS and entire IT environment.

Analyzed FACETS for Group Information, Enrolling Subscribers, adding members, Related Entities, Class/Plan definition and Premium Rate Tables.

Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and Windows environment.

Create dashboard from search, Scheduled searches Inline search vs. scheduled search in a dashboard.

Generated Splunk Search Processing Language (SPL) queries, reports and constructed dashboards using XML, arranged and tested Splunk search strings and operational strings.

Environment: Splunk 4.3, 5.0, 6.0, 6.1, Tomcat 6.0, IBM HTTP Server, Splunk Enterprise Security, Splunk UBA, Apache 2.0, Solaris 10, Windows 2008, Oracle 11g/10g, web services, LDAP, AWS, HTML, XML, SSL, JDBC, Datameer, Linux, Bash, Perl, Hawq, Sed, rex, erex, Splunk Knowledge Objects, Python.

SQL Developer

Wipro, Bangalore, India.

Sep 2011 – Aug 2013

Responsibilities:

Created, Maintained and scheduled various reports in SSRS like Tabular Reports, Matrix Reports and Parameterized Reports using SQL Server Reporting Services SSRS.

Involved in writing various DB objects like user-defined functions and INSTEAD OF triggers, and usage of indexes for accomplishing various tasks; worked on performance tuning of queries by looking at the indexes, appropriate joins, query statistics and execution plans.

Created Stored Procedure, Views, Cursors and functions to support application.

Developed confidential proprietary analytical tools and reports with Microsoft Excel, and Power Pivot, and Power Point.

Extensively worked on creating SSIS packages and have used Foreach Loop containers, Sequence Container for developing processes and loaded data using different transformations such as Derived Column, Conditional Split, Aggregate, Merge Join and Union All.

Deployed and scheduled reports using SSRS to generate all daily, weekly, monthly and quarterly reports including current status.

Creating Distributed Partitioned Views, Debugging/Troubleshooting Stored Procedures, upgrading existing ones.

Used Database Engine Tuning advisor and SQL Profiler for Monitoring memory, processor, Disk I/O and SQL Queries.

Developed and delivered dynamic reporting solutions using MS SQL Server 2008 Reporting Services (SSRS).

Conducted and implemented T-SQL queries for developing complex stored procedures, triggers, tables, user functions, CTE, user profiles, relational database models and data integrity, SQL joins and query writing.

Extensively created SSRS reports (Executive Summary report for Annual and Quarterly) and Configured Report Server on all the environments. Also automate deployment for SSRS reports for all the environments.

Wrote stored procedure and function used in SSIS package and SSRS reports.

Configured Database Mail, created operators, jobs and alerts for automating databases.

Created ETL packages with different data sources (SQL Server, Flat Files, Excel source files, XML files etc.) and then loaded the data into destination tables by performing different kinds of transformations using SSIS packages.

Experience in Database Backup, Recovery and Disaster Recovery procedures.

Involved in monitoring and tuning report performance by analyzing the execution plan of the report.

Developed DTS Packages to transform data to MS SQL Server from Excel for further analysis.

Design of ETL processes to transfer customer related data from MS Access, excel to SQL Server.

Actively supported Business users for change requests and provide support to team members.

Data migration (Import & Export - BCP) from text to SQL Server.

Environment: SQL Server 2008, SSRS 2008, SSIS, SSAS, TFS, Query Analyzer, SQL Profiler, Active Directory and Windows XP platform, Web services, Visual Studios 2008, Data Transformation Services, and T-SQL.


