PROFESSIONAL SUMMARY
Service-focused Splunk Engineer with 4 years of experience designing and optimizing dashboards, alerts, reports, and correlation searches using Splunk SPL. Skilled in transforming complex datasets into actionable insights to support service reliability, security operations, and system monitoring. Strong technical background spanning Linux, Windows, AWS, JIRA, ServiceNow, and cloud-based environments.
Expertise includes:
Building and customizing interactive Splunk dashboards for operational and executive-level reporting
Writing efficient SPL queries for performance monitoring, anomaly detection, and troubleshooting
Developing correlation searches and automated alerting for proactive incident management
Collaborating across teams to align Splunk solutions with organizational goals
Advanced data parsing and XML log processing for Windows Event Logs and complex data sources
Troubleshooting Splunk collect command issues and data indexing workflows
Retired U.S. Army Combat Veteran with 22 years of active-duty service, including leadership as a Senior Logistics Operations Officer. Brings exceptional problem-solving, time management, and mission-focused execution under pressure. Known for self-driven initiative, operational discipline, and the ability to lead and support high-impact technology initiatives.
AREAS OF EXPERTISE
Data & Analytics:
Data Parsing & XML Processing
Data Monitoring & Visualization
Data Onboarding & Observability
Query Analysis & Optimization
Dashboard Drill-Down Development
Security & Infrastructure:
Privileged Access Management
Keycloak Authentication Logs
Vulnerability Assessment (ACAS)
Palo Alto Firewall Management
Network Security & Threat Intelligence
Endpoint Protection Monitoring
Technical Administration:
Splunk Administration & Collect Command
Linux/Windows Administration
AWS Cloud & On-prem Environments
Role Based Access Control
License & User Management
Development & Operations:
Software Version Management
Bitbucket & Apache Administration
RHEL & Windows Updates
API Integration & Troubleshooting
App Deployment & Configuration
Project Management:
Team Leadership & Training
Incident Response & IT Operations
Agile Sprint Planning (JIRA)
Documentation (Confluence)
PROFESSIONAL EXPERIENCE
OpenPath LLC - Buford, GA (03/21-Present)
Splunk Engineer (MSSP)
A frontend Splunk Engineer with extensive background in Observability (OOP pipelines) and advanced data parsing solutions. Proficient in using Splunk Processing Language (SPL) to create complex searches, dashboards, and alerts for log analysis and system monitoring. Skilled in analyzing and troubleshooting Kubernetes container logs to monitor application performance, detect issues, and ensure system reliability.
Recent Advanced Projects & Accomplishments:
Data Parsing & Processing Excellence:
• ACAS Weekly Scans Dashboard Enhancement: Developed sophisticated data parsing solution using regex field extraction to resolve "First Discovered" and "Last Observed" null value issues. Created manual calculation workaround for finding dates with 90-day historical analysis capability
• XML Windows Event Log Processing: Implemented comprehensive XML event log ingestion and parsing system, including nested element handling and graceful error management for malformed logs
• Splunk Collect Command Optimization: Diagnosed and resolved collect command indexing issues, ensuring proper event writing to target indices with validated metadata preservation
Security & Authentication Monitoring:
• Keycloak Log Integration: Established end-to-end Keycloak authentication log monitoring in Splunk, including custom field parsing for timestamps, users, realms, and event types with corresponding alerting infrastructure
• Palo Alto Security Dashboard Restoration: Comprehensive remediation of Palo Alto application security and networking issues, restoring critical dashboards for User Behavior, SaaS Activity, File Activity, Web Activity, and Global Protect Activity monitoring
• Endpoint Protection Dashboard Development: Created advanced monitoring solutions for device patching, vulnerability status, and privileged access management with real-time threat detection capabilities
Infrastructure & Version Management:
• Software Version Dashboard Expansion: Enhanced software version tracking dashboards to include Bitbucket, Apache, Windows, and RHEL version monitoring with automated update notifications
• Dashboard Drill-Down Functionality: Resolved complex drill-down issues across multiple dashboards, ensuring seamless navigation and data accessibility for end users
Core Technical Expertise:
• Experience in multiple SIEM platforms (Splunk, Cribl, SumoLogic)
• Multi-vendor environment integration including SaaS solutions
• Enterprise logging with focus on security event monitoring
• Continuous integration and delivery SDLC with automation
• Splunk REST API implementation
• AWS public cloud platform expertise (EC2, S3, SNS, SQS)
• Agile/SAFE methodologies utilizing JIRA and ServiceNow
• Regular expressions and BASH scripting
• Enterprise-scale operations and maintenance
Dashboard & Visualization Development:
• Privilege Escalation Monitoring Dashboard
• Security Operations Center Overview Dashboard
• Threat Detection and Response Dashboard
• DataModels, Lookups, Eventtypes, and Calculated Fields creation
Log Source Integration Experience:
• Zscaler Syslog Migration
• Palo Alto firewall logs
• Linux and Windows Event Logs
• AWS Logs and General System Logs
• Keycloak Authentication Logs
• XML-formatted Windows Event Logs
Infrastructure Management:
• GitHub/GitLab version control
• Linux Server Builds and AWS Security Groups configuration
• Splunk Web configuration including banner modifications and user/role management
• Development and Production synchronization
• ServiceNow ticket management (case, incident, problem)
• Confluence documentation creation and maintenance
Previous Experience:
Continuing Education (06/19-03/21)
DynCorp International - Abu Dhabi (06/18-06/19)
Logistics Site Manager
• Managed all US Air Force Logistical site operations and personnel
• Provided strategic planning and technical logistics expertise
• Planned resources for competing priorities and managed project timelines
• Selected, developed, and motivated staff while negotiating transportation costs
US ARMY - Global (04/13-02/18)
Senior Logistics Advisor/Manager
• Performed senior level logistic operations globally, managing the largest multi-level operation in Kuwait and El Paso, TX
• Supervised over 150 personnel across Transportation, Bulk Fuel, Water, Ammunition accountability and automated logistics warehouse functions
• Maintained quality control processes and ensured compliance with safety protocols
• Responsible for accurate and timely logistics status reporting (LOGSTAT)
EDUCATION:
Bachelor of Science: Trident University International (CA) - Business Administration
CERTIFICATIONS:
Security Clearance:
• Top Secret/Secret with SCI ELIGIBLE
• Past Secret Cleared based on SSBI with Counterintelligence (CI) Polygraph
Professional Certifications:
• Splunk Core Certified User
• Splunk Power User
• Splunk Admin
• Defense Acquisition Workforce Improvement Act (DAWIA) Certification Acquisition Level 2, Systems Engineering Level 2, Information Technology Level 2
• Lean Six Sigma Course
Leadership & Professional Development:
• Equal Opportunity Course
• Supervisor Development Course
• Sexual Harassment/Assault Response and Prevention Course
• Conflict in the Workplace Training