Mostafa
moskhalil96@gmail.com
727-490-8544
27038 sea breeze way.
Wesley Chapel, FL 33544
Splunk Developer / Admin
4 years experience W2
Summary

Strong experience with Splunk 5.x and 6.x products and with distributed Splunk architecture and components, including search heads, indexes and forwarders.

  • Experience in Operational Intelligence using Splunk.
  • Headed proofs of concept (POCs) on Splunk ES implementation; mentored and guided other team members on understanding the use case of Splunk.
  • Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.
  • Expertise in installation, configuration, migration, troubleshooting and maintenance of Splunk; passionate about machine data and operational intelligence.
  • Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.
  • Expert in installing and configuring Splunk forwarders on Linux, Unix and Windows.
  • Expert in installing and using Splunk apps for UNIX and Linux (Splunk nix)
  • Used Splunk Hunk for Splunk analytics with Hadoop.
  • Exposed the metadata to the end users using the Splunk Analytics for Hadoop.
  • Knowledge of configuration files in Splunk (props.conf, transforms.conf, outputs.conf).
  • Worked with SIEM team monitoring notable events through Splunk ES.
  • Supports, Monitors and manages the SIEM environment.
  • Expertise in Splunk SPL as well as Python and several other languages.
  • Scripting and development skills using Perl and Python with strong knowledge of regular expressions.
  • Worked on Amazon AWS, configuring and launching Linux and Windows server instances for Splunk deployment.
  • Instrumental in developing and delivering training modules on Cloud Platform
  • Worked on large datasets to generate insights by using Splunk.
  • Production error monitoring and root cause analysis using Splunk.

Experience
Splunk Developer / Admin
Information Technology
Apr 2018 - present
Tampa, FL
  • Experience in creating Splunk dashboards and visualizations to drive security, business, and operational enablement.
  • Upgraded Splunk Enterprise from v 6.2 to v 6.5.1 in clustered environments and non-clustered environments.
  • Analyzed security-based events, risks and reporting instances. Correlated events from network, OS, anti-virus, IDS/IPS, firewall or proxy sources and analyzed them for possible threats.
  • Understand and interpret customer requirements for Splunk implementation for an enterprise solution.
  • Experience with creating Physical and logical data models
  • Developed Splunk Infrastructure on Cloud (Amazon AWS) in coordination with infrastructure Support Teams.
  • Worked on Splunk ITSI, which scales to collect and index terabytes of real-time and historical events and metrics, both human- and machine-generated, across multi-datacenter and cloud-based infrastructures.
  • Designs and develops RPA solutions using UiPath.
  • Designs, configures, deploys, and integrates new, modified and/or enhanced UiPath automation solutions.
  • Identify processes and workflows that can be enhanced by Robotic Process Automation (RPA).
  • Critically evaluate workflows with a view to improve efficiency and enhance the usage of RPA and workflow automation.
  • Extensive experience designing, deploying, and managing clustered Splunk Enterprise systems: clustered indexers, search heads, HTTP Event Collectors, and forwarders.
  • Experience in end-to-end planning and implementation of various network devices and business applications with the SIEM device (QRadar/Splunk).
  • Experience managing data retention policies and performing index administration, maintenance and optimization, and configuration backups.
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation.
  • Developed Python scripts as needed in support of data collection, reporting and presentation requirements.
  • Created Splunk Apps using XML and Web Components. Knowledge of app creation, user and role access permissions.
  • Experience in Java scripting and Python scripting for advanced UI integration.
  • Worked on properly creating/maintaining/updating necessary documentation for Splunk Apps, dashboards, upgrades and tracked issues.
  • Monitored various event sources for possible intrusion and determined the severity of threats.
  • Experience in building Splunk Technology Add-ons and configuring field extractions for various data sources.
  • Extensive experience implementing Splunk service and app monitoring for new applications, devices, and platform components.
Data Center Database Backups Database Upgrades Firewall IDS IPS Java Python RPA Scripting SIEM Splunk Splunk Developer Splunk Enterprise Security Splunk ITSI UI XML Information Security Cyber Security
Splunk Admin/ Developer
Information Technology
Apr 2017 - Mar 2018
Houston, TX
  • Prepared technical documentation for reports and training material. Mentored and guided new team members by giving KT on a scheduled basis.
  • Created custom dashboards, alerts, searches and reports to meet requirements of various groups.
  • Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution, with the objective of ensuring best fit and high quality.
  • Supported the Security Operations Center's Splunk usage to improve agency-wide security visibility.
  • Participated in an on-call rotation for support of systems outside of normal business hours.
  • Managed data retention policies and performed index administration, maintenance, optimization and configuration backups; provided granular, role-based security and managed access control to sensitive logs/data.
  • Designed Splunk Enterprise 6.5 infrastructure to provide high availability by configuring clusters across two different data centers.
  • Onboarded data from different application servers located across the globe to the Splunk server.
  • Configured the DBConnect application in Capital Group and indexed different database logs for the application teams.
  • Created basic search heads for the application teams, created users and roles, and granted permissions.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • As a member of the implementation partner, attended meetings with the client's stakeholders and took part in all discussions to choose the right SIEM solution for the client's infrastructure.
  • Monitored SYF's Splunk infrastructure and was involved in capacity planning and optimization, and in troubleshooting log feeds, field extractions, search time, etc.
  • Managed network design and applied security-based configurations on the Splunk environment according to SYF's standard security guidelines.
  • Conducted a data source assessment of all available data/logs in the SYF environment that can be ingested into Splunk.
  • Performed an assessment of SYF's existing Splunk Enterprise implementation in the context of health, supportability, and scalability, which included reviewing indexer core configurations (server.conf, web.conf, inputs.conf) and search head core configurations (outputs.conf, authorize.conf), and a serverclass.conf audit.
Network Design SIEM Splunk Splunk Enterprise Security Windows
Education
Computer Engineering Technology
Texas Southern University 2019
Skills
SIEM | 2021 | 3
Splunk | 2021 | 3
Splunk Enterprise Security | 2021 | 3
Cyber Security | 2021 | 2
Data Center | 2021 | 2
Database Backups | 2021 | 2
Database Upgrades | 2021 | 2
Firewall | 2021 | 2
IDS | 2021 | 2
Information Security | 2021 | 2
IPS | 2021 | 2
Java | 2021 | 2
Python | 2021 | 2
RPA | 2021 | 2
Scripting | 2021 | 2
Splunk Developer | 2021 | 2
Splunk ITSI | 2021 | 2
UI | 2021 | 2
XML | 2021 | 2
Network Design | 2018 | 1
Windows | 2018 | 1
AWS | 0 | 1
Linux | 0 | 1
Perl | 0 | 1
Splunk Forwarders | 0 | 1
Splunk SPL | 0 | 1
UNIX | 0 | 1
Windows Server | 0 | 1