
Maria Lourdes Mbakwe

MILLERSVILLE, MD

Summary

Splunk Administrator and IT professional with technical knowledge and skills in information security, system administration, computer network security, project management and IT project scheduling, seeking an Information Security (InfoSec) opportunity on a Cyber Security Operations team to proactively defend against evolving security threats.

Overview

6 years of professional experience

Work History

Splunk Administrator

Walmart
10.2021 - Current
  • Troubleshoot new and current data collection issues that make system unstable
  • Support the deployment of all supported and unsupported Splunk apps and Add-ons that are required for specific data source
  • Manage Splunk upgrade, update change management document
  • Delivered a comprehensive Splunk deployment document that details the specification, data ingestion methodology and other architectural considerations in a production environment
  • Performed inventory of system and requirement gathering to develop security policies and procedures
  • Maintain role-based access control solution around the data collected
  • Architect, design and maintain Splunk infrastructure including log storage and event collector
  • Troubleshoot Forwarder and server issues
  • Tune searches and index performance
  • On-board new data source into Splunk and analyze data for anomalies and trends and build dashboard highlighting key trends
  • Monitor and troubleshoot existing inputs (file monitoring, HTTP) and optimize search performance
  • Implement policies for the use of the computer system and network to ensure best practices and standardization
  • Manage Access Control List (ACL), Network Access Control
  • Host security, user account creation, password, least privilege, identity management, adding/deleting/creating/modifying user account information
  • Apply upgrade and patch
  • Support installation of Splunk components such as forwarders, indexers, search heads, UF and deployment server
  • Assist in building defense systems using detection and prevention tools which alert on potential security violations
  • Continuously monitor network traffic, analyze logs and report trends
  • Used tools to conduct cyber security alerting, analysis and enhanced situational awareness
  • Answering end-user queries, troubleshooting and fixing reported problems by providing technical support to computer users and analyze, solve, and correct issues in real time, providing end-to-end problem resolution
  • Enhanced client infrastructure supporting application and server, data, reporting, custom queries, dashboard, and security role
  • Assist in all phases of the incident response procedure, from securing systems and preserving evidence with the aim of prosecuting the perpetrator to determining contingency plans and preventing recurrence of the incident
  • Work with teams to collect data for incident metric reporting
  • Support/facilitate incident remediation and prevention documentation and conformed to processes related to security monitoring
  • Monitor system performance to ensure 24/7 operability to keep the network up and running/uptime and collect data to evaluate and optimize network and system performance
  • Create a backup and recovery policy and monitor network communication to identify and recover critical data and information.

Splunk Administrator

L3Harris
01.2019 - 10.2021
  • Maintained high availability of Splunk enterprise service
  • Added users to a network, assigned and updated security permissions on the system
  • Interpreted and solved problems when a user or the automated monitoring system raised an alert
  • Monitor system infrastructure for capacity planning and optimization
  • Managed user, role and permission and apps creation
  • On-board and maintain wide variety of data source, including OS and application logs
  • Optimize application to reduce impact on resources
  • Managed configuration and tuning in large Splunk environment
  • Ensured that company’s workstations worked efficiently, stayed connected to the central computer network and telecommunication network, upgraded network by developing, testing, evaluating, and installing enhancements
  • Provide general engineering and design support for distributed Splunk environment
  • Maintained network performance by performing network monitoring and analysis, and performance tuning; troubleshooting network problems; escalating problems to vendor(s)
  • Create custom dashboards, write queries and generate reports, set up alerts and notifications
  • Protected organization's value by keeping information confidential.

Linux System Administrator

Business Integra Inc, Information System Agency, DTIC
10.2017 - 12.2019
  • Managed and maintained a network of many Windows and Linux servers.
  • Implemented security measures to reduce security incidents.
  • Troubleshot network issues by resolving problems within agreed-upon SLAs.
  • Created and maintained documentation for network configurations, systems procedures, and incident reports.
  • Implemented a disaster recovery plan to reduce downtime during system failure and data loss.
  • Proficient in administering Windows Server and Linux server environments.
  • Managed user accounts, security policies, group policy, and Active Directory administration.
  • Experienced in system security, including firewall configuration, and intrusion detection.
  • Proficiency in virtualization technologies, such as VMware and Hyper-V.
  • Created Linux servers using Vagrant for local development and AWS for scalable cloud deployment, streamlining server provisioning and management.
  • Deployed routine tasks with scripting such as PowerShell.
  • Conducted regular server patch management to maintain system stability and security.
  • Scripted automation tasks, resulting in a considerable reduction in routine administrative work.
  • Established SSH connections to AWS instances using PowerShell and PuTTY for efficient server management.
  • Developed security groups as effective firewalls for managing inbound traffic.
  • Implemented rules to regulate inbound and outbound connectivity.
  • Employed encrypted private keys to securely transmit files with password protection, ensuring data security in transit.
  • Granted elevated user privileges by configuring the sudoers file, enhancing access control and system security.
  • Established SSH connectivity between two servers by enabling password authentication, facilitating secure remote access and data exchange.
  • Enabled secure data sharing between servers by modifying AWS default password authentication and configuring a specific directory for file exchange, enhancing data transfer and access control.
  • Seamlessly shared files between Windows and Linux systems using WinSCP, ensuring efficient cross-platform data transfer and management.
  • Successfully created an IAM user, enabling secure access to the AWS Console, and effectively managed permissions and security settings.
  • Thoroughly validated the connection between the AWS Console Access and the IAM user, ensuring secure and reliable user access.
  • Successfully enabled Multi-Factor Authentication (MFA) for a user through the authenticator application, enhancing account security and access control.
  • Created an AWS S3 bucket and organized it by creating folders to securely store and manage the upload of a software package, streamlining data storage and retrieval.
  • Generated access keys and authenticated to the S3 bucket.
  • Established a secure connection to AWS from the CLI through effective configuration.
  • Successfully copied a tar file from AWS to the Linux terminal and vice versa, facilitating data transfer and enabling efficient file manipulation on the Linux system.

Education

Splunk
Splunk

Master of Science - Information Technology Project Management

SNHU
Washington, DC
12.2024

Skills

  • KNOWLEDGE AREAS
  • Incidence & Threat Analysis
  • Splunk
  • System Hardening
  • Logs Review, Dashboard
  • Network Monitoring
  • Software Development Life Cycle (SDLC)
  • Linux Operating System & Security
  • Project Planning & Tracking
  • TCP/IP Network Protocols
  • Splunk Health
  • HTTP/SIEM/LDAP
  • SIEM / Firewalls/Anti-virus
  • Infrastructure /Routers/Switches
  • NIST Risk management (RMF)
  • Forwarder and Indexer Deployment
  • Multiple Priorities Management
  • Software / Applications: Microsoft Word, Excel, Access, PowerPoint, Visio, Outlook, Project, SharePoint
  • Operating Systems: Windows, Linux/Unix
  • Project Management
  • Reporting and Documentation

Accomplishments

  • Splunk Core Certified User (1001)
  • Splunk Enterprise Admin User (1003)
  • Splunk Core Power User (1002)
  • Project Management Professional (PMP)
  • CompTIA Security+ (SY0-701)
  • Certified in Risk and Information Systems Control (CRISC)
