ISMAIL MOHAMMED

Austin, TX

Summary

SPLUNK ENTERPRISE - CERTIFIED ADMIN

Highly motivated Splunk Engineer with 7 years of expertise in Splunk development and administration. Proven ability to design, implement, and maintain Splunk solutions, including SIEM setups for large-scale broadband providers. Strong Linux administration skills and a track record of successfully driving projects from inception to completion. Excellent communication and collaboration skills.

Overview

8 years of professional experience

Work History

Splunk Engineer

Charter Communications
North Carolina
10.2020 - Current
  • I am part of a 5-member team that is working on a project for data onboarding, application monitoring issues, solving issues, and closing project issues.
  • Day-to-day maintenance of Splunk applications is also part of the project.
  • Installation and configuration of the Splunk product in different environments.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-Ons, Dashboards, Clustering, and Forwarder Management.
  • Upgraded Splunk Enterprise from 8.1.0 to 9.0.4.1 in clustered environments and non-clustered environments.
  • Experience in Linux and Systems Administration.
  • Logs integration for different technologies, like Rapid7, Trapstation, and other technologies.
  • Involved in setting up alerts for different types of errors, data enrichment using lookups, data interpretation using fields and field extraction, and data normalization using tags.
  • Good understanding of configuration files, precedence, and daily work exposure to props.conf, transforms.conf, inputs.conf, outputs.conf, and setting up a forwarder based on requirements.
  • Configuring monitoring tools and services to track the performance and health of AWS resources, as well as setting up logging to collect and analyze system and application logs.
  • Install and maintain Splunk add-ons, including DB Connect 1, Rapid7, Palo Alto, and LDAP for working with the directory and SQL database.

Splunk Admin/Developer

Deloitte
Colorado
01.2018 - 08.2020
  • Developed Splunk infrastructure and related solutions as per automation toolsets.
  • Experience in Splunk GUI development, creating Splunk apps, searches, data models, dashboards, and reports using the Splunk query language.
  • Provide regular support and guidance to SIEM operational teams on complex solutions and issue resolution.
  • Worked with client engagements, data onboarding, and writing alerts and dashboards using the Search Processing Language (SPL).
  • Analyzed security-based events, risks, and reporting instances.
  • As part of SIEM, I monitored notable events through Splunk Enterprise Security (using V5.0).
  • Generated shell scripts to install Splunk forwarders on all servers and configure them with common configuration files, such as bootstrap scripts, outputs.conf, and inputs.conf files.
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation.
  • Various types of charts, alert settings, knowledge of app creation, user, and role access permissions.
  • Setup and configuration of a search head cluster with three search head nodes, and managing the search head cluster with a deployer.
  • Interact with the data warehousing team regarding extracting the data, and suggest the standard data format so that Splunk will identify most of the fields.
  • Write automation scripts for APIs, unit, and functional test cases using Selenium WebDriver.
  • Write automation scripts for REST APIs using TestNG and Java.
  • Worked on DB Connect configuration for R, MySQL, and MSSQL.

Splunk Admin/Developer

Geico
New York
04.2017 - 12.2018
  • I was a team member of the Professional Services (Cyber Defense) practice and participated in the delivery of Advanced Security Operation Center (ASOC) and SIEM projects.
  • My tasks consist of the deployment and administration of Splunk components in a SIEM platform to allow for the creation and operation of various use cases for security incident response management relating to the IT environment.
  • Monitoring or analyzing real-time events for security devices like firewalls, IDS, anti-virus, etc., using SIEM tools.
  • Developed Splunk dashboards, searches, and reporting to support various internal clients in Security, IT Operations, and Application Development.
  • Analyzed security-based events, risks, and reporting instances.
  • Correlating events from a network, operating system, anti-virus, IDS/IPS, firewalls, or proxies, and analyzing them for possible threats.
  • Created and configured management reports and dashboards.
  • Involved in writing complex IFX, Rex, and Multikv commands to extract the fields from the log files.
  • Created dashboards for various types of business users in the organization, and worked on creating different Splunk knowledge objects, like macros, IFX, calculated fields, tags, event types, and lookups.
  • Scripting and development skills (Perl, Python), with strong knowledge of regular expressions.

Education

Master of Science - Information System Engineering And Management

Harrisburg University of Science And Technology
Harrisburg, PA
01.2020

Master of Science - Wireless Mobile Communications & System Engg.

University of Greenwich
London, UK
01.2012

Bachelor of Engineering - Electronics And Communication Engineering

JNTU University
India
01.2010

Skills

  • Splunk Administration
  • Splunk Developer
  • SIEM integration
  • Data onboarding
  • Linux/Windows
  • API integration
  • Performance tuning
  • App deployment
  • Cloud computing
  • Scripting
  • Troubleshooting
  • Documentation
