Summary

Overview

Work History

Education

Skills

Certification

Timeline

JEFFERSON KUSI

Atlanta,GA

Summary

Experienced Splunk and Cribl Engineer with over six years of specialized work in Security Information and Event Management, focusing on end-to-end solutions using Splunk. Skilled in maintaining complex data pipelines, optimizing ingestion and parsing processes, and designing scalable architectures for enterprise environments. Adept at supporting cross-platform integrations and managing infrastructure upgrades, all while delivering systems that improve visibility, enhance threat detection, and support long-term operational goals. A trusted resource for teams needing clear documentation, smooth implementation, and deep knowledge of the Splunk and Cribl ecosystems.

Overview

years of professional experience

Certification

Work History

Senior Splunk Architect

Bentash Tech Solutions

Atlanta, GA

03.2023 - Current

Spearheaded a 10 TB/day Splunk deployment across global data centers.
Built high-availability indexer clusters and integrated Splunk ES for SOC workflows.
Led training sessions and coached a team of four Splunk engineers.
Designed and implemented a new on-premise, large-scale, distributed Splunk deployment, encompassing clustered and standalone search heads, indexers, deployment servers, and various forwarders.
Provided comprehensive support for existing Splunk environments, including troubleshooting and maintenance of distributed Linux Splunk infrastructure.
Configured forwarders, universal and heavy alike, to ensure seamless data collection from various sources.
Created high-impact dashboards for security and infrastructure teams.
Designed and delivered over 100 custom dashboards, scheduled alerts, and real-time visualizations, enhancing operational awareness and accelerating incident triage for security and IT teams.
Authored advanced SPL (Search Processing Language) queries, and built correlation logic within Splunk Enterprise Security (ES) to detect, prioritize, and escalate high-impact threats.
Orchestrated seamless platform upgrades, app deployments, and version migrations, aligning with enterprise governance and compliance standards.
Integrated data feeds from endpoint protection, identity platforms, cloud services, and firewalls into Splunk to establish a consolidated threat monitoring framework.
Tuned search performance, optimized data models, and knowledge objects resulted in faster analytics and improved resource utilization.

Splunk Engineer

Bentash Tech

Atlanta, GA

01.2021 - 02.2023

Migrated on-prem Splunk to Splunk Cloud for 200+ log sources.
Wrote custom TAs in Python to onboard proprietary application logs.
Planned, architected, and created formal documentation for maintaining clients' Splunk infrastructure and seamlessly integrating with Cribl products, such as Cribl Stream and Edge.
Designed and implemented automated incident response playbooks in Splunk SOAR to reduce phishing response time by 70%, integrating with threat intelligence, and identity management systems for real-time remediation.
Performed a full Splunk migration from on-prem to Splunk Cloud by exporting search dashboards, saved alerts, and ingest configurations. Refactored custom apps to meet AppInspect compliance, coordinated forwarder reconfiguration, and validated post-migration KPIs and correlation rules.
Built a Splunk-based SIEM system simulating firewall traffic to detect port scans and brute-force attempts using SPL, field extractions, and real-time alerting. Created actionable dashboards, and integrated IP threat intelligence.
Built RBAC and compliance reporting for internal audit and risk teams.
Ingested logs from diverse sources and filtered irrelevant data using Cribl Stream and Edge, reducing storage costs by 15%.
Implemented Splunk Enterprise Security to monitor and correlate threats across endpoints and firewalls. Designed correlation rules and risk-based alerting to reduce false positives and accelerate incident response, aligned with MITRE ATT&CK.
Continuously successfully integrated endpoint incident response technologies such as CrowdStrike Falcon, Carbon Black Endpoint, Microsoft Defender for Endpoint into Splunk Enterprise and Cribl.

Education

Bachelor of Science - Computer Science And Programming

Georgia State University

08.2021

Skills

Splunk Enterprise
Splunk Cloud
Enterprise security
Stream
Edge
Dashboards
Visualizations
KPIs
Active Directory LDAP
Data onboarding
Index Clustering
Forwarder management
SIEM Design
Threat Detection
Alerting
Compliance
SPL
SQL
JQL
HTML

CSS
JS
AWS
Azure
Linux
Windows
Python
Bash
REST API
Ansible
Git
Problem solving
Analytical skills
Verbal communication
Written communication
Team collaboration
Detail-Oriented
Creativity
Time Management
Focused

Certification

Splunk Certified Architect
AWS Solutions Architect
Splunk Cloud Certified Admin
Splunk Enterprise Security Certified Admin
Certified Cribl Stream Admin
Certified Cribl User
CompTIA Network+
Splunk Certified Admin
Splunk Power User

Timeline

Senior Splunk Architect

Bentash Tech Solutions

03.2023 - Current

Splunk Engineer

Bentash Tech

01.2021 - 02.2023

Bachelor of Science - Computer Science And Programming

Georgia State University

JEFFERSON KUSI

Summary

Overview

Work History

Senior Splunk Architect

Splunk Engineer

Education

Bachelor of Science - Computer Science And Programming

Skills

Certification

Timeline

Senior Splunk Architect

Splunk Engineer

Bachelor of Science - Computer Science And Programming

Similar Profiles

Clifford AkotoClifford Akoto

M.A. ABU BAKAR SIDDIQUIM.A. ABU BAKAR SIDDIQUI

Sai Sandeep GangadhariSai Sandeep Gangadhari

Lo’Qwoyn D. HeadLo’Qwoyn D. Head

Kawaski CantyKawaski Canty