Senior Cybersecurity Consultant with over 13 years of experience across the IT, banking, telecom, education and OT utility sectors and with service-based enterprise customers. Excellent reputation for incident resolution, implementation, integration and improving customer satisfaction. Adept at identifying security risks and improving security architecture designs. Proven ability to maintain efficiency in high-stress situations.
· Architecting Splunk Enterprise deployments: indexer clustering (single-site and multi-site) configuration, data onboarding and replication, and reporting.
· Creating dashboards according to business needs using Advanced XML.
· Experience with Splunk Enterprise deployments and configuration management (props.conf, transforms.conf, inputs.conf, outputs.conf, server.conf) as part of continuous integration.
· Expert in installing and using the Splunk add-ons for Unix/Linux (Splunk_TA_nix) and for Windows (Splunk_TA_windows).
· Onboarding data into Splunk from many sources such as Windows servers, application servers and syslog servers.
· Troubleshooting Splunk feed and data ingestion issues for remote locations.
· Configuring hot, warm and cold bucket retention so that data is held for extended periods of time.
· Creating knowledge objects such as dashboards, reports, scheduled searches, alerts, tags, field aliases, event types, search-time field extractions and others.
· Configured Splunk DB Connect for Oracle, MySQL and MSSQL.
· Managing Splunk indexes: creating new indexes and deleting old or unused indexes.
· Implementing and managing ArcSight ESM, Loggers, Connectors and ArcMC.
· Health checks, backups and monitoring for log stoppage.
· Working with Sun, AIX, Linux and Windows platforms and databases.
· Upgrading ArcSight components.
· Connector installation and troubleshooting.
· User access management on ArcSight appliances.
· Threat intelligence and threat feed integration; fine-tuning rules, reports and dashboards.
· Device integration and decommissioning.
· FlexConnector implementation (file, DB and syslog).
· Security incident investigations and reporting to management.
· Implementing and managing IBM Security Guardium DAM and FAM.
· Health checks and monitoring of Collectors and the Central Manager.
· Integration of databases and systems hosted on various platforms for database and file activity monitoring.
· Responsible for Guardium appliance management and administration.
· Monitoring of six Guardium Collector appliances with a Central Manager/Aggregator.
· Upgrading Guardium appliances and S-TAP agents.
· Configuring policy rules on the Guardium Central Manager and pushing them to all Collectors.
· Guardium configuration and data backup/archiving.
· ArcSight administration.
· Connector installation and troubleshooting.
· Device integration.
· Creating and fine-tuning rules, reports and dashboards.
· Creating daily, weekly and monthly reports for the client.
· Responsible for administration of Palo Alto firewalls.
· Monitored and analyzed Palo Alto (PA-5050) system logs for unauthorized-access events to detect security threats and vulnerabilities, and collaborated with management and system administrators to resolve issues.
· Configuration and management of the GlobalProtect VPN solution on Palo Alto NGFW.
· Incident handling processes of CERT.Sa (security incident alerts and government alerts).
· Troubleshooting tickets and business-as-usual operations.
· Hands-on experience with firewalls, antivirus and authentication devices (Palo Alto, Cisco, Fortinet, Cisco ACS).
· Responsible for Qualys vulnerability management for advanced threats.
· Responsible for CyberArk Privileged Session Manager for credential protection, session isolation and monitoring.
· Root cause analysis in problem management for service interruptions and recovery.
· Hands-on experience with a NAC solution (Bradford NAC).
· Installing and configuring new hardware and software.
· Answering technical queries.
· Documenting system issues.
· Troubleshooting any reported problems.
· System performance tuning.
· Performing data backups.
· Applying operating system updates and configuration changes.
Splunk administration
Splunk application development
Palo Alto firewall administration
Access control systems expertise
Cross-platform experience
ArcSight, Splunk and QRadar SIEM
RSA NetWitness expertise
Trend Micro Apex One expertise
Successfully implemented IBM Security Guardium FAM for the zLinux platform.
Successfully implemented HCL AppScan.
Successfully implemented CyberArk.
Employee of the Month
Award of Appreciation
Iqama : Transferable
Profession : System Analyst
Splunk Enterprise Certified Architect
Splunk Enterprise Certified Admin
Splunk Enterprise Security Certified Admin
Splunk Core Certified Power User
Certified Information Security Manager (CISM)
CyberArk Trustee
Qualys Vulnerability Management
CCNA R&S and Security
CCNP R&S and Security
ISA/IEC 62443 Cybersecurity Fundamentals Specialist (CFS)
Palo Alto ACE
Tenable VM Specialist
IBM Guardium Certified Admin