KALEB Z. TECLEAB
US CITIZEN
**** **** ** ***** *********, VA 22206 ********@*****.*** 703-***-****
Highly motivated Splunk Professional Services, Cybersecurity Architect, Consultant, and Team Leader
Technology Proficiency
SIEM Tools: Splunk, UEBA, QRadar, ArcSight, ELK
Industry Standards: M-21-31, MITRE ATT&CK, D3FEND, FISMA, FedRAMP, NIST 800 series, OWASP, FIPS 140-2, FIPS 197, ISO 27001/ISO 27002, PII, PCI, NERC CIP, HIPAA, STIGs, GDPR, CIS Controls, HMM
Utilized Platforms: Windows, Unix, Linux distros, macOS
Cloud Platforms: AWS, Azure, GCP
Virtualization Technologies: VMware, Microsoft Hyper-V
Open-source system apps/infrastructures: ELK Stack, OSSEC, Snort, Apache web server
Automation tools: Ansible, Puppet, Chef
Networking: OSI layers, TCP/IP, DNS, VPN, LDAP, AD, IAM
Scripting languages: Python, .NET
Containerization: Kubernetes (beginner)
Soft Skill Highlights
Team building and mentoring
Cross-functional team player
Continuous process improvement
Effective communication and customer support
Proactive and self-driven with a strong sense of ownership
Core Accomplishments
Built strong, high-performing team players
Implemented strategic initiatives and approaches to customer’s demand
Developed new procedures or systems that improved things
Professional Experience
DMI, LLC Arlington, VA
Splunk Cloud & Cribl Engineer April 2023 – May 2024
Provide cloud security on AWS, Azure, and GCP using Splunk SIEM for compromised credentials, privileged users, and insider threats.
Cribl Stream installation, administration, and configuration.
Splunk and ServiceNow (SNOW) integration, configuration, and troubleshooting.
Splunk and ThreatConnect detection, integration, configuration, and automated response capabilities.
Prepare Splunk daily monitoring report to scrutinize anomalies and spikes across the data sources.
Troubleshoots various data and deployment issues in a large-scale clustered environment.
Utilized Python to analyze large datasets, generating actionable insights for business strategies.
Automated data processing tasks with Python scripts to reduce manual work and runtime by 50%.
Qmulos, LLC Arlington, VA
Splunk Engineer October 2021 - March 2023
Provides Splunk Professional Services for government and commercial clients
Develops saved search use cases for the SOC using multiple regulatory frameworks
Designs dashboards, alerts, and reports for each required use case
Develops CIM-compliant Splunk Technical Add-ons for data onboarding
Develops SPL to discover and identify SWAM, HWAM, and VULN assets
Develops scheduled searches to automate controls for the Q-Compliance App
Troubleshoots various deployment issues in a large-scale clustered environment
MBL Technologies, Inc. Washington, D.C.
Splunk Engineer October 2018 – October 2021
Cybersecurity role focused on creating logic and content for Security, IT Operations, and Audit Teams using Splunk
Supported Splunk CDM applications and add-ons
Onboarded various data sources (Tomcat, IIS, Nginx…) and created reports, dashboards, and performed related troubleshooting
Managed Splunk deployments in on-prem, AWS, and Azure cloud environments
Created unique dashboards, alerts, and reports for various stakeholders
Planned and executed the installation and upgrading of several Splunk versions
Integrated Splunk with LDAP and Tenable Nessus
Managed Splunk user accounts and license usage
Performed threat hunting and detection for malicious activities across the network and digital assets
IBM CIO IT RISK Transformation and Operation Herndon, VA
Cybersecurity Architect September 2016 – August 2018
Onboarded different data sources into Splunk
Implemented different SIEM use cases
Architected security solutions for IBM internal users
Prepared a log management standard for IBM internal users
Utilized Tomcat and Apache web servers for cloud server management
Worked with the Logstash data collection engine, Elasticsearch database, and Kibana dashboards (ELK Stack) to provide a security solution for log collection infrastructure and architecture
ASMR – An Accenture Federal Services (AFS) Company Chantilly, VA
Cybersecurity Engineer November 2015 – August 2016
Managed Splunk deployments on-prem and in AWS cloud
Provided hands-on Splunk architectural design and created alerts, reports, and dashboards
Managed and configured Splunk applications in a distributed environment (Linux/Windows) to perform customized functionalities
Performed Splunk use case creation, tuning, and correlation of events
Performed vulnerability assessments including port scanning, ethical cracking, web application testing, and wireless security assessments
Gap and POAM analyst
Root cause analysis on identified vulnerabilities
Implemented security methodologies and standards such as NIST, FIPS, MITRE ATT&CK, OWASP, CKC, RMF, and others.
RHT Consulting Washington, D.C.
System Integration and Deployment July 2012 – September 2013
Upgrade and deploy Windows servers and workstations
Supported server hardening processes, including patching and disabling accounts.
Formulate technical solutions to minimize costs.
Certifications
Splunk Certified Core Consultant
Splunk Enterprise Certified Architect
Splunk Enterprise Security Certified Admin
Splunk Enterprise Certified Admin
Splunk Core Certified Power User
Splunk Core Certified User
Ethical Hacking: Social Engineering
Cybersecurity Awareness: Phishing and Whaling
Certified Q-Audit Deployment
Certified Q-Compliance Deployment
Security+
Education and Training
Master's in Cybersecurity – University of Maryland Global Campus 2014 - 2016
Linux System Administration – Nova Community College 2007 - 2008