Ernest L. Manning Jr.
Summary
Results-oriented achiever with proven ability to exceed targets and drive success in fast-paced environments. Combines strategic thinking with hands-on experience to deliver impactful solutions and enhance organizational performance.
Overview
24
24
years of professional experience
1
1
Certification
Work History
Cyber Security Engineer—Splunk Administrator
Cyber Security Engineer—Splunk Administrator
11.2022 - Current
- Analyzing data in Splunk indexes to determine relevant queries to populate specialized reporting dashboards, and modify Splunk Enterprise Security default searches to remove irrelevant alerts
- Built dashboards, views, alerts, reports, saved searches using XML and Search Processing Language(SPL)
- Developing and implementing solutions to integrate mission application generated data (collected in S3 buckets or stored on a traditional file system) into Splunk indexes
- Utilize experience with Splunk Enterprise and Splunk Enterprise Security including installation and configuration to improve implementation and address evolving system needs
- Monitored license usage, indexing metrics, Index Performance and forwarder performance
- Created Correlation Searches for security incidents through Splunk Enterprise Security
- Experience with configuring, monitoring, and troubleshooting Splunk
- Configure/monitor SolarWinds Platform, Upgrade to latest Versions
- Installed SolarWinds version (2023.4 in Dev Environments for On Prem and AWS deployments
- Tested offline and online packages within a Dev environment for large M5 deployments
- Created EC2 instances with SQL/RDS database
- Extensive experience working in an Agile environment
- Manage/Configure AWS EC2 cloud instances, security groups and S3 storage
- Experience with implementing and managing SIEM (e.g., Splunk), end-point security (IDS/IPS and HBSS
- Collaborated with IT teams to integrate security measures into software development processes, enhancing overall application security.
- Reviewed logs regularly to detect suspicious activity patterns before they escalate into full-blown incidents, enabling rapid response efforts when necessary.
- Conducted regular penetration testing to identify vulnerabilities and address them proactively, strengthening system defenses.
- Optimized existing security tools by configuring custom rulesets tailored to the organization''s specific needs, enhancing threat detection capabilities.
- Enhanced network security by implementing advanced threat detection systems and conducting regular vulnerability assessments.
- Developed comprehensive security policies and procedures for the organization, resulting in improved protection against potential threats.
- Managed incident response activities during critical security events, effectively containing threats and minimizing damage to systems and data.
Cyber Security Engineer—Splunk Project Manager
Cyber Security Engineer—Splunk Project Manager
11.2021 - 04.2022
- Leading the implementation of necessary tools, processes and reporting to ensure success of transformation
- Help design, plan, and implement enterprise wide support focused tools and technology supporting agency processes
- Assist driving a successful program and project implementations by helping IT identify the right requirements
- Validated experience in a high growth, highly scaled SaaS environment-excellent customer support
- Deployment and Managing supported and unsupported Splunk Add-ons that are required for specific data sources
- Utilize tools-Jira, confluence for team collaboration-Agile/Scrum Focused methodologies
- Integrations with other systems via API or other similar methods
- Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents
- Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment
Splunk Engineer
Splunk Engineer
11.2019 - 05.2020
- Fuel solutions to ensure enterprise deployments make the deepest impact possible across an organization
- Ability to drive complex deployments of Splunk while working side by side with the customers to resolve their unique problems
- Use Splunk as the primary security platform for your work
- Propose innovative uses cases for security and compliance
- Design and implement dashboards and reports; create rapid prototypes
- Keep pulse on cybersecurity trends, issues, and ideas
- Monitor Security Posture thru Enterprise Security
- Administer Enterprise Security
Critical Incident Response Manager
Federal Bureau of Investigations
02.2019 - 11.2019
- Company Overview: The contractor shall assist the government in developing a comprehensive FBI-wide cyber incident response strategy and plan
- The contractor shall assist the government in developing a comprehensive FBI-wide cyber incident response strategy and plan
- The strategy and plan shall comply with DOJ and ODNI cyber incident response requirements
- The contractor shall include FBI specific refinements/enhancements to the Threat Vector Taxonomy identified by US-CERT and NIST 800-61 Revision 2 in the strategy and plan
- The contractor shall interact with technical and non-technical personnel across the FBI involved with all aspects of cyber incident response processes in order to complete this task
- The contractor shall assist the government in developing a comprehensive FBI-wide cyber incident response strategy and plan
Cybersecurity Tier II Analyst
Department Of Energy
09.2017 - 02.2019
- Perform the monitoring, analysis, correlation and reporting of cybersecurity issues
- Provide guidance and recommendations for new tools based on changes in threats, architecture, technological advances, or organization mission
- Implementation of new tools and modifications to architecture; updates, maintenance, and monitoring of cyber security tools
- Analyze changes, events, and other potential incidents for risk to the environment; event analysis, incident determination, and incident management
- Network traffic analysis, firewall functionality, log analysis
- Experience with Security Incident and Event Management tools, Log Management and Correlation tools, and Antivirus/anti-malware tools
Security Engineer, Incident Response
TSA/DHS
09.2016 - 09.2017
- Company Overview: Security Engineer for Transportation Security Administration
- Security Engineer for Transportation Security Administration
- Troubleshoot and remedy various technical issues dealing with McAfee Sidewinders and Cisco ASA firewalls
- Administers Norton Secure Endpoint Protection antivirus while protecting/recovering critical data
- Coordinates/creates RFC request to update changes on Cisco ASA and McAfee Sidewinder firewalls
- Utilize BMC Remedy IT Service management tool for tracking, monitoring, updating customer IT issues
- Provides network content filtering using McAfee Web washers and Microsoft ISA
- Utilize Arcsight/SourceFire to monitor and troubleshoot network security related issues
- Monitors Solarwinds and provides technical expertise on various security subjects for TSA network
- Administers Site Protector, monitors for Security Events thru Splunk Enterprise Security
- Utilize Microsoft Antigen and Forefront to update and block malicious emails
- Establish and manage Logger user/group controls, specify global login, password, resource authorization and authentication settings, alerts and notification policies
- Configure event source devices/device groups, event Receivers, Forwarders, Destinations, supporting security authentication settings, and optional connector management facilities
- Provide day-to-day management/maintenance of ArcSight devices
- Performed Nessus Vulnerability scanning/reported findings
- Security Engineer for Transportation Security Administration
Senior Cloud Security Engineer
NASA
07.2015 - 08.2016
- Responsible for providing technical guidance for the security of general support systems and major applications
- Provides guidance to partners and customers in helping them understand AWS cloud services and how security compliance is achieved while operating in a public cloud environment
- Ensure complete security measures for business practices within the design, network integration/implementation, and system and application level security
- Performs security control assessment in using FedRamp guidance and conduct independent scans of the network
- Develops and maintains the Plan of Action and Milestones and supports remediation activities
- Manage and maintain applications and systems security posture deployed to AWS
- Experience using and configuring the Distributed Management Console (DMC)
- Develop reliable, efficient queries that will feed custom alert, dashboards and reports in Splunk
- Maintain a close partnership with Splunk on feature requests, upgrade planning, and product roadmap alignment
- Optimizes system operation and resource utilization, and performs system capacity planning/analysis while maintaining the security posture
- Leveraged the full utility of Splunk technology in order to monitor cyber security, protect IT infrastructure, and enable rapid containment and resolution of IT security incidents
- Troubleshoot Splunk server problems and issues, set-up log indexing utilizing universal forwarders
- Monitor Splunk infrastructure for capacity planning and optimization
- Developed incident management processes, playbooks and stakeholder communication mechanisms for the HQ Security Operations Center
- Detected security incidents via network and host monitoring utilizing Splunk Enterprise Security/Trend Micro Deep Security Agent
- Determined their severity and impact, conducted threat analysis as required with various logs network and system forensic investigation techniques
- Architected Imperva Web Application Firewalls for AWS hosted on the internet supporting mission critical operations
- Tasks include SecureSphere configuration, AWS ELB deployments, AWS CloudFormation creation and updates, and AWS Route 53 changes
Security Analyst, Security Operations Center
Hergavec Group
11.2014 - 05.2015
- Utilizes McAfee SIEM/ESM to analyze/locate and mitigate malicious activities across network
- Effectively coordinates Computer Security Incident Handling process
- Monitors McAfee NSM/IPS, and FireEye for malicious inbound traffic
- Utilizes CounterACT Forescout Network Access Control for swift network host access removal
- Administers CA ticketing system to create/track and close all security related incidents
- Monitor Imperva DAM/WAF for database intrusions
- Participate in root cause analysis of critical events for improving preventative and reactive processes
- Responsible for reporting, escalating, and remediating anomalous events based on the established protocol
- Performs day-to-day security log review and analysis in adherence with MICS, SOX, and PCI requirements
Security Engineer, Incident Response
TSA/DHS
07.2012 - 05.2014
- Company Overview: Security Engineer for Transportation Security Administration
- Security Engineer for Transportation Security Administration
- Troubleshoot and remedy various technical issues dealing with McAfee Sidewinders and Cisco ASA firewalls
- Administers Norton Secure Endpoint Protection antivirus while protecting/recovering critical data
- Coordinates/creates RFC request to update changes on Cisco ASA and McAfee Sidewinder firewalls
- Utilize BMC Remedy IT Service management tool for tracking, monitoring, updating customer IT issues
- Provides network content filtering using McAfee Web washers and Microsoft ISA
- Utilize Arcsight/SourceFire to monitor and troubleshoot network security related issues
- Monitors Solarwinds and provides technical expertise on various security subjects for TSA network
- Administers Site Protector, monitors for Security Events
- Utilize Microsoft Antigen and Forefront to update and block malicious emails
- Establish and manage Logger user/group controls, specify global login, password, resource authorization and authentication settings, alerts and notification policies
- Configure event source devices/device groups, event Receivers, Forwarders, Destinations, supporting security authentication settings, and optional connector management facilities
- Provide day-to-day management/maintenance of ArcSight devices
- Performed Nessus Vulnerability scanning/reported findings
- Security Engineer for Transportation Security Administration
Firewall Administration
Department of State
03.2011 - 03.2012
- Monitor and manage MacAfee Control Center and NAGIOS for device alerts (Stonegate and Sidewinder Firewalls) and clusters to include active connections, performance, logging activity, disk space, suspicious log activity, anomalies, and cluster load balance
- Monitor Blue Coat Proxy preventing illegal web surfing
- Perform daily back up of Sidewinder/Stonegate firewalls
- Monitoring Department Of State/State Aid firewalls for over 30 foreign connectivity sites
- Performs onsite Tier 2 technical support and troubleshooting of firewall and content filtering systems to include firewall rule sets, ports, any database modification requests and reports of objectionable content availability
- Modify and configure rule bases as requested by and approved by the Firewall Advisory
- Process and implement IP blocks requested by the CIRT team and make the appropriate changes on all applicable firewalls
- Monitor, track, and update Remedy tickets as necessary in order to maintain current status for all incidents/problems; escalate incidents/problems to Tier 3 Exchange engineers; assist FW engineers in root cause analysis
Non Commissioned Officer in Charge, Network Support
United States Air Force
01.2009 - 12.2011
- Company Overview: 20 Year Retired Air Force Veteran
- Manage 7 Juniper firewalls, 13 Cisco routers, and 31 INEs that sustain a 99.9% uptime for Joint Staff circuits
- Operates 10 Oracle dbase servers; manages four fixed/three deployable server enclaves supporting 6,200 users
- Manages & administers GSORTS database/application to ensure availability of 1.9M+ force readiness records
- Utilize General Dynamics Encryptor Manager (GEM) to remotely configure/troubleshoot 100 TACLANE encryptors and Fastlane ATM/SONET encryptors worldwide
- Led crew of 12 operators in Creating/monitoring user Remedy trouble tickets, oversaw closure of 1500+ tickets
- Maintain Juniper firewalls utilizing Network Security Manager
- 20 Year Retired Air Force Veteran
Intrusion Detection Analyst
DODIG
01.2011 - 09.2011
- Ensure all DOD IG procedures are followed, emphasizing teamwork and awareness, interfacing with client and security partners, and maintaining coverage and performance standards at all times
- Analyze daily user traffic utilizing SPLUNK/BRO/SOURCE FIRE/NIKSUN
- IDS event handling of real time detection and identification, analysis and correlation
- Escalation, notification, responding, remediation and formal reporting
- Collaborate with community partners to combat the threats and techniques used by adversaries
- Employ the DoD OIG production IDS tools and systems (including Bro-IDS, Sourcefire, TippingPoint, Splunk, Niksun, Wireshark, Websense, and Qtip) to monitor/detect cyber-threats/ intrusion attempts on DOD IG network
- Develop and tune custom Bro-IDS policies for increased automated detection
- Manage and maintain Websense web content filter
- Put in block for malicious websites using Websense
- Create and edit sourcefire rules and variables
- Create custom filters for TippingPoint with CSW tool
- Analyze network traffic to identify potential threats to security and/or misuse of DOD IG networks
NCOIC Advanced Programs Network Operations
Nellis AFB
01.2008 - 12.2009
- Maintained 15 network servers supporting F-22A, F-16, F-15C, F-15E, A-10 and H-60 operational test data
- Performed audits on 95 networked SAP computers; purged 100% of dispensable logszero security incidents
- Monitored User’s Remedy/Footprints trouble tickets, quickly solving most problems on first call
- Conducted emissions security (EMSEC) inspections and completed accreditation packages for classified systems
- Responsible for installation, maintenance and security of $.1M network infrastructure supporting 300+users
NCOIC 547th IS JWICS Information Systems Security Officer
Nellis AFB
01.2004 - 12.2008
- Managed/configured switches, routers and encryption devices used to support file, web server, and email access
- Managed $2.5M Top Secret (TS) network supporting the Air & Space missions for five diverse AF Wings
- Delivered 8,736 hrs of TS network support for global Predator/Reaper ops99.7% equipment/circuit up-time rate
- Sole administrator of M3 Messaging Server utilizing RED HAT system administration
- Performed Network eEye Retina Vulnerability scans, Helped mitigated over 100 network vulnerabilities
Network Control Center
Nellis AFB
01.2001 - 12.2004
- Led fix efforts for 200+ Remedy trouble tickets 98% call resolutioneliminated tier two supportsaved 30+ man hours
- Configured and maintained computers and provided superior maintenance support to over 3,000 users
- Administered Combat Information Transfer System/Base Information Protection (CITS/BIP) equipment to protect $16.1 million Metropolitan Area Network (MAN)
- Employed hardware/software tools to deter, isolate, and recover from network security intrusions for base network of 3,800 personnel, 2,700 computers, 22 routers, 95 switches, and 36 Unix systems
Education
Master of Science - Cyber Security
University of Phoenix
Tempe, AZ03.2025
Bachelor of Science - Business
Available Upon Request
Available Upon Request04.2023
Bachelor of Science - Information Technology
Available Upon Request
Available Upon RequestAssociate of Science - Information Technology
Community College of The Air Force
Montgomery, AL02.2011
NCOA Certificate -
Non-Commissioned Officer Academy (NCOA)
Kirkland Air Force Base, NM01.2009
Airman Leadership School Certificate -
Airman Leadership School
Kapuan Air Station, GermanyHigh School Diploma -
Waukegan East High School
Waukegan, ILSkills
- Wireshark/BRO/SPLUNK
- Nessus Vulnerability Scan
- WebSense/FootPrints/Remedy
- McAfee Network Security Man
- Imperva DAM/WAF
- FireEye Malware Protection
- Arc Sight Logger
- HP Web Inspect
- AWS
- Incident Response
- HBSS/Trillex
- Information Assur
- Security Controls
- Enterprise Sec
- Rapid 7
- Communications Security(COMSEC)
- Trend Micro Deep Security Manager
- Performance Management
- Intrusion Prevention System
- Information Systems Security Management
- SolarWinds
- Nagios
Certification
- Splunk Enterprise Security Certified Admin, 08/23
- Security + Certified, 07/30/09
System Administration Training Highlights
- Network +
- CCNA Boot Camp
- Database Fundamentals
- A+
- Security + Certified
- Taclane Operator
- Juniper Network Security Manager
- GCCS-J Oracle Administration
- Unix System Administration
- CompTia Advanced Security Practitioner (CASP)
- Certified Ethical Hacker (C|EH)
Security Clearance
- DOD Top Secret Clearance SCI Poly, 09/21
- DOD Secret Security Clearance
- Public Trust
Timeline
Cyber Security Engineer—Splunk Administrator
Cyber Security Engineer—Splunk Administrator
11.2022 - Current
Cyber Security Engineer—Splunk Project Manager
Cyber Security Engineer—Splunk Project Manager
11.2021 - 04.2022
Splunk Engineer
Splunk Engineer
11.2019 - 05.2020
Critical Incident Response Manager
Federal Bureau of Investigations
02.2019 - 11.2019
Cybersecurity Tier II Analyst
Department Of Energy
09.2017 - 02.2019
Security Engineer, Incident Response
TSA/DHS
09.2016 - 09.2017
Senior Cloud Security Engineer
NASA
07.2015 - 08.2016
Security Analyst, Security Operations Center
Hergavec Group
11.2014 - 05.2015
Security Engineer, Incident Response
TSA/DHS
07.2012 - 05.2014
Firewall Administration
Department of State
03.2011 - 03.2012
Intrusion Detection Analyst
DODIG
01.2011 - 09.2011
Non Commissioned Officer in Charge, Network Support
United States Air Force
01.2009 - 12.2011
NCOIC Advanced Programs Network Operations
Nellis AFB
01.2008 - 12.2009
NCOIC 547th IS JWICS Information Systems Security Officer
Nellis AFB
01.2004 - 12.2008
Network Control Center
Nellis AFB
01.2001 - 12.2004
Master of Science - Cyber Security
University of Phoenix
Bachelor of Science - Business
Available Upon Request
Bachelor of Science - Information Technology
Available Upon Request
NCOA Certificate -
Non-Commissioned Officer Academy (NCOA)
Airman Leadership School Certificate -
Airman Leadership School
Associate of Science - Information Technology
Community College of The Air Force
High School Diploma -
Waukegan East High School
Similar Profiles
Paul VinhPaul Vinh
The Center for Naval Analyses - CNA at Network Engineer/AdministratorThe Center for Naval Analyses - CNA at Network Engineer/Administrator
Hector Albeiro Lopez MartinHector Albeiro Lopez Martin
PARTES Y COMPLEMENTOS PLASTICOS SAS at SAP BO Support Administrator & EngineerPARTES Y COMPLEMENTOS PLASTICOS SAS at SAP BO Support Administrator & Engineer
AKASH KULTHEAKASH KULTHE
Amit Engineering Works at Electrical Design Engineer ( Administrator)Amit Engineering Works at Electrical Design Engineer ( Administrator)
Forsab BrilianForsab Brilian
Splunk Engineer / Cyber Security Engineer at CAPGEMINISplunk Engineer / Cyber Security Engineer at CAPGEMINI
Rodrigo OliveiraRodrigo Oliveira
Splunk / Cyber Security Engineer at ConfidentialSplunk / Cyber Security Engineer at Confidential