$20

Hourly Consulting Rate

Ravi Dudala

Independent Consultant

Industry Experience

Computer/Network Security

Information Services

Location Supported

Australia

New Zealand

Qatar

Saudi Arabia

United Arab Emirates

United Kingdom

Languages Supported

English

Skills

  • Security/compliance governance
  • Analytics

Product Specialization

  • Azure Virtual Machines
  • Splunk Enterprise
  • Splunk Enterprise Security

About

Results-Driven Technology Specialist with 15+ yrs. progressive experience in the fields of Log Management SIEM, Incident Response, Asset Management and Change management within the scope of Information Security Operations.

Experience in implementing SIEM/SOC using Splunk as a SIEM platform for running a highly efficient Security Operations Center (SOC).

Proven knowledge in developing and evolving security platforms towards reliability, high-availability, scalability and performance targets.

Experience in IT Security products like Endpoint Protection, Email and Web Content Filtering, Endpoint Detection and Response, Intrusion Prevention and HIPS.

Rich and varied experience and expertise in Incident Response and Management, Change Management, Team Management and Project Management activities including Scheduling, Scoping Management, Release Management, Resource Management, Issue Management and Risk Management.

Rich expertise in collaborating with various vendors, stakeholders and internal teams like Networks, Systems, etc. for managing vulnerabilities. Integrated Threat Intelligence (STIX/TAXII) with Splunk Enterprise Security. Participated in multiple threat hunting exercises with vendors like Cisco and Securonix.

ITSM Certified [HCL Internal ITIL Certification], LEAN Yellow Belt Certified [Zensar Internal Lean Certificate] with proven success in Incident Management, Operations Management, Process Management, Partner/Vendor Management, Change Management, Quality Management, Customer Relationship Management and Training.

Top Project Highlights

Classified

Incident & Event Management using Splunk, Development and Configuration Support for Splunk and Implementing SOC using Splunk

Employment

Senior Technology Specialist

2005 - Present
  • Splunk Core Skills

    • Have Experience in Handling Splunk Projects right from the Design phase to implementation, Development and Support.
    • Implemented and supported Splunk Standalone, Distributed and Clustered Environments.
    • Good hands-on experience in configuring universal forwarders, heavy forwarders, indexers, search heads, indexer clusters, search head clusters and license master.
    • Install, configure and administer Splunk Enterprise servers on Red Hat Linux and Windows servers.
    • Extensive experience and actively involved in Requirements gathering, Analysis, Reviews during onboarding.
    • Design plan for Indexer storage size for the upcoming quarters by discussing with management.
    • Manage indexed data by creating buckets in index (hot, warm, cold, frozen/thawed).
    • Design plan for additional search head to accommodate more users in the long run.
    • Aware of creating roles and users by providing access to required data and capabilities.
    • Creating indexes, managing the indexer cluster and applying the bundle to indexers when creating a new index.
    • Worked on optimizing the existing search queries for better performance using different streaming and non-streaming Splunk commands.
    • Good command of Splunk Processing Language [SPL].
    • Good knowledge of Splunk objects like Reports, Dashboards, Apps, Alerts.
    • Experience in Building advanced visualizations using html tags
    • Worked on Splunk App for Enterprise Security.
    • Have working Knowledge on Creating Data models, tags, pivots and macros
    • Fetching the data from databases using DB Connect for SQL Applications.
    • Ability to analyze scenarios of software implementations and provide solutions for problems using Splunk
    • Worked with the team to create and implement Semantic Layer
    • Developed and implemented Splunk objects using Devops tools.
    • Delivered Splunk objects across multiple projects.
    • Worked on optimizing the existing search queries for better performance.
    • Participate as an escalation point for 24x7 operations support for Splunk.

  • Splunk Integration Skills

    • Implemented Splunk integration to external systems – SLIC
    • Integrated REST API in Splunk
    • Integrated Splunk with Remedy 8.0.
    • Integrated Splunk with AWS cloud

  • Incident Response Skills

    • Perform the role of an incident commander during the course of a security incident or during major outages as per the business need and emergency.
    • Ensure the “chain of custody” is maintained throughout the process
    • Ensure that the NIST Incident response lifecycle procedures are followed throughout the course of the incident (Detection and Analysis; Containment, Eradication, and Recovery; Post-incident Activity)
    • Maintaining incident logs and prepare incident reports for review with the Security governance and leadership teams.
    • Participate in Incident review following major Incidents and support the corresponding teams and stakeholders
    • Responsible for planning and coordinating all the activities required to perform, monitor, and report on the process
    • Identify potential problems and/or increasing trend of repetitive Incidents
    • Solving complex problems with information technology software and hardware.
    • Responsible for assigning incidents to respective teams
    • Ensure that Incidents assigned to their Support Groups are resolved and that service is restored
    • Providing SME support to the Tier 1 & Tier 2 Analysts
    • Create Knowledge with repeatable procedures with a goal of reducing the number of Incidents
    • Providing training for technical support teams
    • Developing procedural manuals for various IT issues

  • Information Security Skills

    • Have experience in handling zero-day attack issues and high-severity virus issues by working closely with research teams.
    • Recognizing problems by identifying abnormalities; reporting violations.
    • Determines security violations and inefficiencies by conducting periodic audits.
    • Upgrades system by implementing and maintaining security controls.
    • Keeps users informed by preparing performance reports; communicating system status.
    • Maintains quality service by following organization standards.
    • Maintains technical knowledge by attending educational workshops; reviewing publications.
    • Contributes to team effort by accomplishing related results as needed.

  • Project and People Management Skills

    • Lead, develop and motivate a high-performance team of support to deliver excellent technical support and customer service in an accurate and timely manner.
    • Apply a balanced management approach with equal emphasis on business and people management results.
    • Responsible for sending all Incident notifications as per agreed process
    • Mentor the staff members (1:1, call coaching and case reviews) to lead them to their improvements.
    • Conduct weekly Team meetings & Monthly One on one session with all Team members and give feedback on their performance & inputs to improve their stats.
    • Conduct Performance Appraisal once in 6 months for all the team members.
    • Analyze trends/data and drive development of plans to take advantage of potential opportunities.
    • Reduce the shrinkage under control through psychological approaches.
    • Have exposure in creating RFP for the Practice.
    • Coordinating manpower planning and recruitment activities in the Practice.
    • Training new hires on Security and Big Data tools.

Education

MBA
2012-2013

International MBA from Ulyanovsk State University - Russia

Certification

AZ 900
2020-Present

AZ900
