Cloud Administrator Data

Location:
Laurel, MD
Posted:
March 11, 2023

Resume:

LILIANE JIOGUE TAZO

Splunk Engineer / Splunk Administrator/ Splunk Developer

240-***-****

***********@*****.***

***** ****** *****, ******, **, 20707

PROFESSIONAL SUMMARY

Resourceful Splunk Engineer, Splunk Enterprise Administrator and Splunk Cloud Administrator with eight years of background in information and technology. Progressive experience marked by continuous contributions above and beyond requirements. Career achievements in Splunk deployments, network buildouts, and data security.

PROFESSIONAL EXPERIENCES

Splunk Engineer May 2020 – Present MATRIX RESOURCES (END CLIENT WELLS FARGO BANK) /CONTRACT

- Provide Splunk consultation, support and recommendation to clients and line of businesses.

- Perform requirement gathering for data on-boarding from clients and perform data on-boarding from different end points using UF, HF, HEC, Splunk DBconnect etc.

- Manipulate different types of data input such as local files, files and directories, data from UDP and TCP, through HEC, scripted inputs.

- Create custom apps for new data into Splunk, map serverclass with UF/ deployment client, whitelist hosts.

- Perform configuration development work in Dev environment, promote configuration to UAT for the client’s review and to PROD after validation and change review.

- Configure rsyslog for logs from syslog servers through the heavy forwarder.

- Test data and Custom new sourcetype.

- Manage indexes.

- User role access and permission for Splunk Enterprise and for Splunk Cloud.

- Write regex to perform field extraction at search time.

- Help solve requests for Splunk performance issues, optimizing Splunk searches, custom dashboards, reports and alerts, summary indexes, all about knowledge, data onboarding issues, updates, and others.

- Created knowledge objects such as dashboards, reports, alerts, tags, field aliases, event types, lookups, workflow actions, field extractor, fields and others.

- Use CIM to normalize data (normalize data in pivots), to validate indexed data for compliance (using Splunk add-on builder) and to improve performance through data model acceleration.

- Create data model and pivot for reports and for visualization.

- Build dynamic dashboards with different inputs (dropdown, time, multi-select, submit button etc.), with filter, drilldown etc. and manage permissions.

- Manage Prebuilt panels.

- Create and develop custom applications in Splunk.

- Apps reviews

- Splunk upgrade and apps migration.

- Troubleshoot configuration files etc…

- Work alongside SOC, helping them on Splunk Enterprise Security investigation (threat detection).

Splunk Engineer August 2017- April 2020

TRINITECH CONSULTING COMPANY BELTSVILLE-MD (END CLIENT CHRYSALLIS INC )/CONTRACT

- Implemented and maintained Splunk infrastructure in a single environment and in a clustered environment on-prem and in Splunk Cloud or through a third-party cloud provider.

- Set up new Splunk instances for scaling, migration, and re-architecting optimal solution for existing instances.

- Resolved configuration-based issues in coordination with infrastructure support teams.

- On-boarded data into Splunk from many sources such as windows servers, application servers, syslog servers etc.

- Configuration troubleshooting

- Designed and managed inputs for Universal Forwarder/Heavy Forwarder to capture data.

- Identify unnecessary log events in Splunk and work with the teams to correct system issues generating excessive log events.

- Documented existing and newly ingested data sources. Worked with users requesting new data sources.

- Managed Splunk indexes (create new indexes and delete old or unused indexes as necessary).

- Managed parsing, event line breaking, timestamp extraction.

- Performed SPL searches for search performance, summary indexes and report acceleration.

- Created knowledge objects such as dashboards (using XML, etc.), reports, scheduling searches, alerts, tags, field aliases, event types, search time fields extractions, and others.

- Prepared, arranged, and tested Splunk search strings and operational strings.

- Deployed Splunk apps and created custom apps.

- Apps upgrade

- Splunk Upgrade and migration

- Created and managed new Lookups. Troubleshooting Splunk issues on the back end and on Splunk Web. User Management (creating roles and user authentication).

- Used the Monitoring Console to investigate Splunk performance, resource usage and more.

- Managed application enhancements to improve performance and stability.

- Updated vulnerability dashboard to make sure that Tenable data are loading on the panel.

- Ensured that security data is CIM compliant by checking our existing data model and comparing the fields with Splunk data model using Splunk docs.

- Installed and managed Splunk certification for Splunk inter-connection

- Checked the tagging and created field aliases when the field names were not matching the prescribed field names. Worked alongside CSIRT (Computer Security Response Team).

Control Agent in IT and Technology Department at ECOBANK September 2013- July 2016

- Controlled all operation input into the system using Linux for report consolidation.

- Used Active Directory permission to extract or export files from the Windows server.

- Developed regulatory strategies to fix deficiencies and meet banking compliance and regulation.

- Processed the balancing reconciliation of internal and external account.

- Produced daily, weekly, monthly, and annual report for all bank operation input of my branch.

- Monitored and logged management on UNIX and Windows servers, including processes, crash and swap management with password recovery and performance tuning.

- Used bash shell scripting to schedule and automate processes.

- Used bash shell script to execute programs and print files.

EDUCATION

Master in International Relations option International Marketing in Institute of International Relations of Cameroon 2013

Master in Economic Science and Management in University of Yaoundé II 2010

Bachelor Economic Science and Management University of Dschang 2009

CERTIFICATIONS

- Splunk Core Certified User

- Splunk Core Certified Power User

- Splunk Enterprise Certified Admin

- Splunk Enterprise Security Certified Admin

TECHNOLOGY SKILLS

OS: Windows, Linux

Software: Office365 (Word • Excel • PowerPoint), PowerShell

Tech Stack: AWS, VMware, Vagrant, VirtualBox, VS Code, Git and GitHub

Scripting language: Bash Shell, Python, XML

Software: Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, Cribl

Automation tools: Terraform, Ansible

Security: Security Incident, Incident Response, Threat detection, Malware detection, Key indicators, Risk scores, Risk Objects, Risk factors, Security investigations etc.


