Murali Thadathil Madhavan

Doha, Qatar

Summary

Seasoned SOC Architect with extensive experience in designing and implementing enterprise-grade Security Operations Center (SOC) and next-generation SIEM architecture. Demonstrates proven expertise in Splunk Enterprise 10.0 and Splunk Enterprise Security 8.2, covering advanced analytics, automation, and threat intelligence integration across hybrid environments. Skilled in threat detection and response, supporting governance, risk, and compliance (GRC) teams, and cloud-native log ingestion through AWS, Azure Sentinel, and Elastic Stack. Adept at capacity planning, HA/DR strategy, data onboarding automation, and infrastructure scalability. Exhibits strong leadership in team management, project governance, and change control, driving performance enhancement and cross-functional collaboration. Technically proficient in Splunk ES, Elastic Stack, Sentinel, QRadar, Cortex XDR, and IBM SOAR orchestration tools, with a commitment to advancing security architecture practices and operational resilience.

Overview

  • 20 years of professional experience
  • 5 years of post-secondary education
  • 1 Certification

Work history

SOC Architect

Ministry of Education (contract)
04.2021 - 10.2025

Architecture & Administration:

  • Architected and managed enterprise SOC infrastructure with Splunk deployment supporting 2TB/day license capacity
  • Designed and implemented HA/DR solutions across multiple Splunk sites ensuring 99.9% uptime
  • Led indexer and search head cluster deployments with seamless scalability and performance optimization
  • Established data retention policies and archival strategies aligned with compliance requirements
  • Managed end-to-end data onboarding pipeline with automated parsing and normalization
  • Deployed Splunk Enterprise Security with custom correlation searches and threat intelligence integration

Managerial Responsibilities:

  • Directed and mentored a cross-functional security team of 15+ members to enhance SOC operational efficiency
  • Developed and enforced automated SOC process frameworks and best practices, improving incident response times by 30% through workflow and alert automation
  • Managed budgeting and resource allocation for SOC infrastructure upgrades and software licensing
  • Collaborated with executive leadership to align SOC strategies with organizational risk management and compliance goals
  • Led vendor management and contract negotiations to optimize cost and service levels for security tools and services

Project Lead - Splunk Architect

Xilinx Inc
01.2017 - 04.2021

Infrastructure Management:

  • Designed Splunk architecture supporting 1TB/day license with clustered indexers and search heads
  • Managed cluster operations including node additions/removals and app/config bundle deployments
  • Implemented KV Store management and lookup optimization strategies
  • Established data governance framework including retention and archival policies

Security & Analytics:

  • Led development of custom Splunk apps and security dashboards for threat visibility
  • Integrated Splunk with external systems for centralized security monitoring
  • Built advanced use cases for Enterprise Security, Palo Alto, AWS, and Qualys
  • Promoted forensic analysis and advanced threat hunting capabilities

Change & Project Management:

  • Applied structured change management methodology across all Splunk deployments
  • Conducted change impact assessments and risk mitigation planning
  • Coordinated cross-functional teams for seamless data onboarding and system changes
  • Integrated change activities into project timelines ensuring delivery excellence

Senior Technical Specialist - Splunk Admin

Zensar Technologies
01.2016 - 01.2017

SOC Implementation:

  • Deployed on-premises Splunk infrastructure with comprehensive capacity planning
  • Developed SOC dashboards, reports, and alerts based on approved security use cases
  • Implemented privileged user monitoring and anomaly detection
  • Created firewall threat/traffic analytics and antivirus malware detection use cases
  • Integrated Qualys vulnerability data for risk-based security monitoring
  • Developed L1 SOC runbooks and operational procedures

Analytics & Development:

  • Built custom visualizations and regex-based parsing for security data
  • Developed advanced security apps and customized SPL queries
  • Implemented security compliance monitoring and reporting frameworks

Associate Manager - Systems

Gavs Technologies
01.2015 - 01.2016

SOC Leadership:

  • Led SOC implementation projects from architecture to deployment
  • Designed security use cases for Enterprise Security, Check Point, and Windows SOC
  • Established privileged user management and access monitoring frameworks
  • Developed comprehensive security dashboards covering firewall, antivirus, and vulnerability management

Customer & Project Management:

  • Maintained customer relationships through regular status updates and documentation
  • Managed change request processes with detailed documentation
  • Created RFPs and coordinated recruitment activities for the security practice
  • Trained new hires on security tools and Big Data technologies

Technical Lead

CTS Technologies
01.2013 - 01.2015

Security Architecture:

  • Designed and maintained enterprise security systems and infrastructure
  • Defined system security requirements and developed detailed security architectures
  • Prepared SOPs and protocols for security operations
  • Configured and troubleshot security devices including firewalls, IDS, anti-virus, and authentication systems

Incident Response:

  • Led incident detection and response activities ensuring rapid threat mitigation
  • Developed automated security tools to identify and remediate vulnerabilities
  • Conducted security assessments and prepared comprehensive reports with remediation recommendations
  • Maintained deep expertise in operating system security and security protocols

Lead - Technical Support

HCL Technologies
01.2010 - 01.2012
  • Led a team of 12 support professionals delivering technical support and customer service excellence
  • Managed incident lifecycle and SLA compliance with proactive notification strategies
  • Analyzed trends and developed action plans to improve service delivery
  • Reduced team shrinkage through effective leadership and process improvements
  • Prepared weekly and monthly performance reports for management review

Subject Matter Expert

Sutherland Global Services
01.2008 - 01.2010
  • Mentored technical support agents on process excellence and problem resolution
  • Ensured team metrics achievement and individual performance optimization
  • Conducted performance analysis and provided targeted coaching
  • Developed training materials and knowledge base articles

System Engineer

Cusat Technologies
01.2006 - 01.2008
  • Provided IT support for enterprise environments, managing Windows infrastructure
  • Administered user accounts, access rights, and shared resources
  • Performed hardware maintenance and network troubleshooting
  • Managed anti-virus deployment and security patch compliance

Education

Bachelor of Engineering Technology - Information Technology

Veltech Engineering College
Chennai
01.2001 - 01.2006

Skills

Security Architecture:

  • SOC Design & Implementation, SIEM Architecture, Security Monitoring, Threat Detection & Response, Compliance & Governance

Splunk Expertise:

  • Enterprise Cluster Administration, Enterprise Security (ES), Capacity Planning, HA/DR Implementation, Data Onboarding, SPL & Data Models

Leadership:

  • Team Management, Project Management, Change Management, Stakeholder Communication, Performance Optimization

Technical Skills:

  • Log Management & SIEM (Splunk 4.x–10.0, Azure Sentinel, QRadar)
  • Cloud & On-Prem Security Monitoring
  • F5 BIG-IP WAF rules tuning
  • Firewall rules tuning (Palo Alto, Cisco FMC)
  • Vulnerability Management (Qualys, Tenable, Rapid7)

Certification

  • Administering Splunk Enterprise
  • Administering Splunk Enterprise Security
  • ITIL V3 Foundation Certification

Professional Development

  • Attended Splunk .conf18 & .conf19

Additional information

  • Passport: S1969811 (valid through 2028-06-28)

Languages

  • English (Fluent)

Affiliations

  • Badminton & Cricket
