Leslie Owusu Aborah
SPLUNK ENGINEER/ADMINISTRATOR
Smyrna,TN
Summary
Innovative and results-driven Splunk Engineer with over five years of experience in IT, specializing in data analytics, cybersecurity, and enterprise-level Splunk administration. Proven expertise in designing and optimizing Splunk queries, enhancing system monitoring, and developing advanced security dashboards. Adept at identifying patterns, mitigating threats, and optimizing data workflows to support critical business objectives. Strong collaboration skills, working across IT, security, and operations teams to implement tailored data solutions that drive efficiency and security
Overview
7
7
years of professional experience
6
6
years of post-secondary education
4
4
Certifications
Work History
Snr. MDR Engineer -SIEM
5iron cyber
Franklin, TN
03.2024 - Current
- Developed and executed complex Splunk searches to retrieve, analyze, and correlate security events across multiple log sources, increasing incident detection accuracy by 35%
- Optimized threat detection and response workflows, reducing mean time to detect (MTTD) by 40% through advanced correlation searches and automation
- Designed and maintained SOC dashboards for real-time security event monitoring, enabling swift analysis of key threat indicators
- Configured and fine-tuned automated alerts, reducing false positives by 30%, ensuring critical threats are prioritized effectively
- Collaborated with security analysts and threat hunters to enhance Splunk use cases for detecting malware, insider threats, and anomalous network activity
- Implemented security best practices for log management, data retention policies, and Splunk user role access controls to maintain compliance with regulatory requirements
- Conducted regular security audits and log analysis to identify vulnerabilities, providing actionable insights for remediation
- Established strong working relationships with clients through exceptional communication skills, fostering trust and collaboration.
DATA ANALYTICS ENGINEER – SPLUNK
Ogletree
Greenville, SC
12.2022 - 03.2024
- Developed and executed complex Splunk searches to retrieve, analyze, and visualize data, leading to a 30% improvement in system monitoring efficiency
- Optimized data onboarding and query performance, reducing search time by 40% and enhancing response times for security events
- Designed and deployed advanced dashboards and visualizations that provide real-time insights into operational and security metrics
- Configured automated alerts, reducing false positives by 25%, ensuring rapid detection and response to anomalies
- Enhanced data security by implementing robust user access controls, log retention policies, and best practices for compliance
- Collaborated with IT & security teams to align Splunk solutions with organizational security objectives and regulatory requirements
- Authored technical documentation and conducted training sessions to enhance Splunk adoption across departments
SPLUNK ADMINISTRATOR
Clyde and Co LLP
Kansas City, Missouri
07.2020 - 09.2022
- Orchestrated support for a Splunk cloud environment with deployment servers, heavy and universal forwarders
- Reduced system downtime by 20% through proactive monitoring and swift issue resolution
- Reviewed and onboarded new data sources into Splunk via HEC, syslog, and UF/HF, ensuring comprehensive data coverage
- Increased data source coverage by 20%, enhancing the overall visibility of security events
- Analyzed data for anomalies and trends in collaboration with the Security Team, providing actionable insights
- Improved anomaly detection accuracy by 25%, aiding in the early identification of potential security threats
- Collaborated closely with security analysts to gather requirements, troubleshoot, and fine-tune queries and correlation rules
- Enhanced query efficiency, resulting in a 15% reduction in false positives and more accurate threat detection
- Implemented best practices for knowledge object management on the search head, optimizing search performance
- Achieved a 20% improvement in search speed, enabling faster data analysis and response times
- Developed regex patterns for field data extractions to support visualizations of use-cases
- Streamlined data extraction processes, reducing extraction time by 30% and improving visualization accuracy
- Successfully troubleshooted search head outages, minimizing downtime and ensuring continuous data availability
- Reduced search head outage duration by 25%, maintaining uninterrupted data analysis capabilities
- Communicated effectively with the company on critical Splunk overhauls and planned maintenances impacting usability
- Minimized user disruptions by 40%, providing transparent communication and managing expectations
- Developed dashboards for monitoring systems, showcasing key security trends and business metrics
- Improved system visibility, leading to a reduction in response time to critical security incidents
Linux SYSTEMS Administrator
Clyde and Co LLP
Kansas City, Missouri
02.2018 - 09.2020
- Performed day to day Management of Linux VM Infrastructure including configuring, troubleshooting, and resolving issues in a Linux Server environment
- Addressed user and environment issues quickly and efficiently with minimal downtime
- Performed Server Deployment, upgrades, version release management Performed Red Hat Satellite upgrade
- Created and updated Process Documentation for future reference
- Performed monthly scheduled Patch Management via Redhat Satellite
- Maintained user access using Red Hat Identity Management Domain
- File system Management – create and monitor Logical Volume Manager (LVM) and Swap Space and extend necessary file systems
- Supported Network configuration management as it relates to the use of DNS, LDAP, DHCP, TLS/ SSL
- Administered SSH, NFS and FTP on Linux servers
- Automated and scheduled jobs using Cron utility
- Monitored and resolved service tickets via Change Management System (Jira)
- Experienced working in a VMWare virtualized environment
- Performed system backup and compression using tar, gzip and bzip
- Provisioned accounts: added new user accounts, removed users, changed ownerships of groups using chown, chgrp commands
- Modified file permissions using chmod and set special permissions using ACL
- Automated and scheduled jobs using Cron utility
Education
MBA - Finance
Park University
Kansas City, MO 07.2011 - 12.2013
B.A - Economics and Sociology
University of Ghana
Ghana 08.2006 - 05.2010
Skills
- Splunk Enterprise
- Splunk Enterprise Security
- Networking protocols (TCP/IP, IPSec, HTTP, HTTPS, SSL)
- PowerShell
- Python
- Splunk SPL
- Regular Expressions
- Active Directory
- SCRUM Framework
- Linux server troubleshooting
- written communication
- oral communication
- interpersonal skills
- organizational skills
Time management
Quality control
Technical reporting
Root-cause analysis
Process improvement
Certification
Splunk Core Certified Power User
Timeline
Snr. MDR Engineer -SIEM
5iron cyber
03.2024 - Current
DATA ANALYTICS ENGINEER – SPLUNK
Ogletree
12.2022 - 03.2024
SPLUNK ADMINISTRATOR
Clyde and Co LLP
07.2020 - 09.2022
Linux SYSTEMS Administrator
Clyde and Co LLP
02.2018 - 09.2020
MBA - Finance
Park University
07.2011 - 12.2013
B.A - Economics and Sociology
University of Ghana
08.2006 - 05.2010
Similar Profiles
TRINA D. SHAFFERTRINA D. SHAFFER
Training Technician at 1st Cyber Battalion, Cyber Protection BrigadeTraining Technician at 1st Cyber Battalion, Cyber Protection Brigade
PRIYASHA SINGHPRIYASHA SINGH
Cybersecurity Student at Cyber Security And Cyber DefenceCybersecurity Student at Cyber Security And Cyber Defence
PETER BERNHARDTPETER BERNHARDT
Senior Cyber Threat Intelligence Analyst at 1st Cyber Battalion, Cyber Protection BrigadeSenior Cyber Threat Intelligence Analyst at 1st Cyber Battalion, Cyber Protection Brigade
Hannah BridgesHannah Bridges
Shipping Clerk at Sinomax UsaShipping Clerk at Sinomax Usa
Jordan JohnsonJordan Johnson
World History Teacher at Smyrna High SchoolWorld History Teacher at Smyrna High School