Saidu Koroma
Alexandria,VA
Summary
Experienced Splunk Engineer and Cybersecurity Professional with over 5 years of experience supporting enterprise IT infrastructure and SIEM platforms. Proven success in deploying, maintaining, and optimizing large-scale Splunk environments across hybrid Unix/Linux and cloud-based infrastructures. I am skilled in complex SPL, automation scripting, log ingestion pipelines, and troubleshooting systems. Adept at collaborating with DevOps, cloud, and security teams to drive observability, compliance, and incident response.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Splunk Engineer / SOC Analyst
Leidos
03.2023 - Current
- Designed and managed a distributed Splunk architecture, including indexers, clustered search heads, and deployment servers.
- Configured data ingestion from firewalls, endpoint logs, DNS, and authentication systems; tuned parsing and props/transforms.
- Automated alert generation and response workflows using Python and the Splunk API.
- Collaborated with cloud teams to integrate AWS logs, CloudTrail, GuardDuty, and VPC flow logs into Splunk.
- Performed patching, upgrades, and performance tuning on Splunk instances; created uptime and health dashboards.
- Maintained RBAC for SOC and IT teams based on data zones and compliance roles.
- Created SOPs, incident response guides, and monitored critical events after hours and weekends.
- Leveraged CrowdStrike Falcon EDR for endpoint detection and response, triggering alerts, identifying suspicious processes, and validating IOC hits.
- Query Language KQL (Kusto Query Language)
SOC Analyst (Splunk-Focused)
Loudoun County Government
VA
01.2020 - 01.2022
- Led threat hunting initiatives using SPL to uncover anomalies across network and endpoint activity.
- Integrated threat intelligence feeds and enriched alerts for automated triage.
- Tuned correlation rules, reduced false positives by 30%, and improved detection fidelity.
- Collaborated on red-blue team exercises and mapped findings to MITRE ATT&CK techniques.
- Built dashboards for brute-force, DNS tunneling, and insider threat detection.
Data Center Operator
TEKsystems
DC Metro Area
01.2019 - 01.2020
- Supported infrastructure monitoring and hardware troubleshooting for high-availability environments.
- Configured Cisco routers/switches and performed firewall adjustments for LAN/WAN optimization.
- Worked on incident response, logging issues, and preventative maintenance during after-hours shifts.
Education
Bachelor of Science - Information Technology (Cybersecurity Focus)
Strayer University
Washington, DC09.2024
Skills
- Splunk
- Distributed architecture
- SPL dashboards
- Alerts
- Ingestion pipelines
- Rest API integration
- Unix/Linux systems administration
- Cisco routers
- Switches
- VLANs
- tcp/ip
- dns
- DHCP
- Firewall rules
- aws
- Azure
- GCP
- Log integration
- RBAC
- Hybrid monitoring
- bash
- Python
- PowerShell
- Wireshark
- snort
- Metasploit
- Sysmon
- Security Onion
- NIST
- HIPAA
- RBAC implementation
- Audit readiness
- Endpoint behavior
- Dns queries
- Brute force detection
- Lateral movement analysis
- ServiceNow
- Netcool
- Remedy
- SCCM
- CrowdStrike Falcon
- Endpoint telemetry analysis
- EDR triage
- Threat intelligence integration
- Behavioral detection
- KQL
- Threat analysis
- Security monitoring
- Network security
Certification
- CompTIA Security+
- Splunk Core Certified User
- CompTIA Network+
- CompTIA A+
- CEH (in progress)
- CySA + (In Progress)
Projects
Splunk Lab Engineer | Home SOC Environment, 2023, Present, Deployed full Splunk stack with Windows/Linux UFs and HF in virtual lab., Simulated brute-force attacks with Kali tools and built dashboards for login anomalies., Integrated cloud logs (AWS CloudTrail) for hybrid visibility., Automated ingest of Windows Event Logs using PowerShell and Sysmon., Created scripted alerts for ransomware behavior and DNS beaconing., Leveraged CrowdStrike Falcon EDR for endpoint detection and response, triggering alerts, identifying suspicious processes, and validating IOC hits.
Timeline
Splunk Engineer / SOC Analyst
Leidos
03.2023 - Current
SOC Analyst (Splunk-Focused)
Loudoun County Government
01.2020 - 01.2022
Data Center Operator
TEKsystems
01.2019 - 01.2020
Bachelor of Science - Information Technology (Cybersecurity Focus)
Strayer University
Similar Profiles
Cody FlanaganCody Flanagan
NRC LAN Admin at LeidosNRC LAN Admin at Leidos
Timothy SmithTimothy Smith
Key Management Infrastructure(KMI) Account Manager at LeidosKey Management Infrastructure(KMI) Account Manager at Leidos
Tim WalterTim Walter
Systems Integration Engineer at LeidosSystems Integration Engineer at Leidos
Samuel AdjeiSamuel Adjei
Senior Solution Architect at LeidosSenior Solution Architect at Leidos
Jabari NeddJabari Nedd
Linux System Administrator (contract) at Army National GuardLinux System Administrator (contract) at Army National Guard