Feras Anani
Rockville,MD
Summary
Seasoned Linux and Splunk Administrator with 5 years of combined experience. Expertise includes managing, optimizing, and securing Linux-based systems, as well as extensive knowledge in alert management, system optimization, and security analysis within Splunk environments. Proficient in scripting, automation, and problem-solving to enhance system performance and reliability. Adept at leveraging SPL for advanced analytics, ensuring system health through proactive monitoring, and implementing best practices to drive performance in complex deployments. Committed to continuous learning and professional development to stay current with the latest technologies and best practices.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Splunk Administrator
CareFirst
Owings Mills, MD
11.2021 - Current
- Alert Development and Management: Designed and implemented custom alerts to monitor system performance and security threats.
- Configuration of Alert Systems: Configured fire alert systems to enhance real-time threat detection and response capabilities.
- Severity Rating for Alerts: Assessed and assigned severity ratings to alerts to prioritize incident response effectively.
- Prioritization of Alerts: Prioritized alerts based on severity to ensure critical issues are addressed promptly.
- Troubleshooting Alerts: Diagnosed and resolved issues with misconfigured alerts to maintain optimal system performance.
- Alert Optimization: Optimized alert settings to reduce false positives and improve system efficiency.
- False Positive Mitigation: Implemented strategies to reduce false positive alerts, ensuring accurate threat detection.
- SPL Optimization: Enhanced SPL queries for faster and more accurate data retrieval.
- Implementation of Best Practices: Applied Splunk best practices at client sites to ensure consistent and efficient operations.
- Log Monitoring: Monitored and analyzed log data to detect and address potential issues proactively.
- Documentation: Created and maintained comprehensive documentation using Confluence for knowledge sharing.
- Custom Input Parsing: Customized the input parsing process to improve data ingestion and accuracy.
- Knowledge Object Utilization: Leveraged knowledge objects to support statistical analysis and reporting.
- Automated Backups: Automated Splunk backups using cron jobs to ensure data integrity.
- Directory Maintenance: Cleaned the Splunk directory weekly, archiving and removing old data to optimize storage.
- Vulnerability Mitigation: Mitigated log forwarder vulnerabilities to maintain system security.
- Data Anonymization: Obfuscated sensitive data such as social security numbers to protect user privacy.
- Security Analysis Support: Supported security analysis by providing detailed alert reports and insights.
- System Health Monitoring: Monitored system health and resolved issues using various troubleshooting methods.
- Resource Issue Investigation: Investigated resource issues using the Splunk monitoring console and other tools.
- Deployment Performance: Led complex deployment projects, ensuring high performance and reliability.
- Provisioning and Decommissioning: Provisioned new equipment and decommissioned outdated devices to maintain operational efficiency.
- Architectural Guidance: Participated in architecture meetings, providing insights to guide strategic decisions.
- Business Process Implementation: Whiteboarded and implemented business processes to enhance security posture based on Splunk best practices.
- Backup Configuration: Configured and managed backup and restore processes using Splunk Enterprise.
- Backup Management: Decommissioned bare-metal indexers at remote sites, ensuring secure and efficient operations.
- Index Cluster Management: Managed indexer clusters, including quarantining and configuring backups.
Linux System Administrator
Canada Dry
Lanham, MD
09.2019 - 10.2021
- Implemented Logical Volume Management (LVM) for optimizing storage solutions within the /opt directory.
- Performed regular patch management on RHEL servers using YUM to ensure systems are up-to-date and secure.
- Configured and maintained secure Apache Tomcat servers, ensuring HTTPS connections for enhanced security.
- Managed Active Directory integration and LDAP for user authentication and directory services.
- Administered user accounts, including creation, management, and deactivation, ensuring secure access control.
- Monitored and maintained the health of bare metal devices using tools like Nagios and SolarWinds for optimal performance.
- Conducted performance and reliability monitoring of servers through audit logs to identify and address potential issues.
- Proactively identified and addressed system issues, providing actionable recommendations during Scrum meetings.
- Maintained and updated burndown charts to track sprint progress and task completion rates.
- Utilized KVM switches to monitor and configure Dell and HP hardware efficiently.
- Employed Wireshark for packet analysis to improve network security and troubleshoot issues.
- Provided one-on-one support to clients on-site, ensuring prompt resolution of technical issues.
- Developed use cases and project plans to justify and guide new projects and system enhancements.
- Implemented VPN solutions with two-factor authentication for secure remote access.
- Documented and executed a disaster recovery plan, including detailed backup schedules and policies.
- Automated backup processes using cron jobs to ensure adherence to backup schedules.
- Performed NTB resynchronization and forced clock updates to maintain system time accuracy.
- Ensured time synchronization across systems using Chrony, enhancing time-dependent applications' reliability.
- Configured and managed firewall rules to open necessary ports while maintaining security.
- Administered and troubleshooted DNS configurations to ensure proper domain name resolution.
- Developed and enforced firewall access policies to secure network traffic.
- Created and maintained Bash scripts for automated file backups, improving data security.
- Provided application support for Microsoft Office and other HR-related applications.
- Developed strategies to address system vulnerabilities, including patch management and deploying specialized controls.
- Resolved incidents and managed service requests using ServiceNow, ensuring minimal downtime.
- Configured and maintained network file sharing and FTP services to streamline file transfers.
- Resolved connectivity issues related to HTTPS ports, ensuring secure web services access.
Education
Master of Science - Accounting And Information Systems
University of Maryland - Global Campus
Adelphi, MDBachelor of Arts - Accounting
University of Maryland - Global Campus
Adelphi, MDSkills
- Linux
- Skilled with RedHat servers
- Performance Testing
- Performance Tuning
- System monitoring
- Server monitoring
- Server Management
- Load Balancing
- System updates
- Network Security
- Firewall configuration
- Operating system installation
- Splunk Enterprise
- SPL (Search Processing Language)
- Python
- Firewall Configuration (systemctl)
- Rail 8 Installation
- Confluence Documentation
- Cron Jobs
- REST API Calls
- btool
Certification
- Splunk Certified, Splunk - Pearson Vue
Core User, Core Power User, and Enterprise Admin
Timeline
Splunk Administrator
CareFirst
11.2021 - Current
Linux System Administrator
Canada Dry
09.2019 - 10.2021
Master of Science - Accounting And Information Systems
University of Maryland - Global Campus
Bachelor of Arts - Accounting
University of Maryland - Global Campus
- Splunk Certified, Splunk - Pearson Vue
Core User, Core Power User, and Enterprise Admin
Similar Profiles
Kisha WebsterKisha Webster
Solutions Consultant at CareFirstSolutions Consultant at CareFirst
LaTonya Y. BarnesLaTonya Y. Barnes
Technician, Procurement Operations at CareFirstTechnician, Procurement Operations at CareFirst
Xaviera GrahamXaviera Graham
CSA at CareFirstCSA at CareFirst