Jacob O.

Linux Engineer

84 followers
Pikesville, Maryland, United States

  • About me

    PLATFORM SECURITY ENGINEER | CYBER SECURITY

  • Education

    • Splunk University

      -
      Power User, User and Admin Certs. Data Processing
    • Strayer University

      2013 -
      BSc Management Information Systems, General
    • Strayer University

      2011 - 2014
      Bachelor's degree Information Systems Concentration in Internetworking Technology
  • Experience

    • Legg Mason

      Oct 2015 - May 2018
      Linux Engineer

      Managed server installations and network configurations in line with corporate policies. Automated system management tasks, enhancing reliability and performance. Maintained secure server environments using best practices and emerging technologies. Implemented security protocols, including routine updates and patch management. Optimized deployment workflows, minimizing application downtime. Performed system analyses to identify improvement opportunities. Recommended and implemented strategic system upgrades. Developed and enforced server security standards across environments. Collaborated with IT teams to streamline operational processes. Conducted risk assessments to ensure system and data security.

    • USPTO Contract

      Jun 2018 - Jun 2020
      Splunk administrator

      Installed and maintained Splunk Enterprise for efficient log analysis and incident response. Enhanced detection with custom alerts and correlation rules. Integrated Splunk into CI/CD pipelines for continuous monitoring. Developed comprehensive documentation for Splunk system configurations. Designed and implemented scalable data ingestion strategies for large log volumes. Created executive-level dashboards for actionable insights and reporting. Resolved Splunk performance issues to maintain high availability and reliability. Managed Splunk Connect for Syslog to ensure robust log ingestion. Optimized configurations to maximize performance and efficiency.

    • Social Security Administration

      Jun 2020 - May 2023
      Splunk Engineer

      Architected Splunk infrastructure for secure data analysis and proactive threat detection. Developed dashboards to enhance SOC operational visibility and effectiveness. Automated Splunk administrative tasks using Python and Ansible, reducing workload. Delivered training to SOC analysts, leading to faster incident response times. Optimized log parsing and indexing processes to ensure CIM compliance. Integrated external threat feeds to strengthen alerting and threat hunting capabilities. Conducted Splunk system upgrades to maintain compliance and performance standards. Enhanced query performance by designing and implementing search optimization strategies. Configured specialized Splunk apps for use cases like cloud monitoring. Improved incident response with actionable, real-time dashboards for hybrid environments.

    • Cyberasquare Consultant

      Jun 2023 - now
      Splunk Engineer | SIEM

      Developed and fine-tuned complicated SPL queries and dashboards that provided appropriate security metrics and shortened the time needed to address specific threats. Integrated threat intelligence into Splunk using Python and APIs for Splunk, which have allowed easy integration of third-party threat feeds. Normalization of data and CIM mapping for improved compliance with the applicable industry security standards. Coordinated Splunk performance by capacity planning and improving arrangements regarding indexers and search heads. Implements within a ‘Security Operations Center’ style 24/7 environment utilizing Splunk for aggregation and analysis of organizations' log data and focused investigation of security-related incidents. Identified and neutralized APTs and did root cause and real time correlation and application and threat intelligence. Developed runbooks for escalated incidents and created use cases and related automation practices within Splunk Phantom. Managed the endpoint detection and response (EDR) solutions integration with Splunk to gain better understanding of hosts and potential threats.

  • Licenses & Certifications

    • CompTIA Linux+

      CompTIA
      Oct 2016
    • Splunk Certified Admin

      Splunk
    • CompTIA Security+ ce Certification

      CompTIA
      Apr 2024
    • Splunk Enterprise Certified Admin

      Splunk
      Jul 2024
    • Splunk Enterprise Security Certified Admin

      Splunk
      May 2024
    • Certified Linux Administrator (LPIC-1)

      Linux Professional Institute (LPI)
      Oct 2016
    • Oracle Solaris Certified Associate Exam

      Oracle
      Dec 2016
    • Splunk Core Certified Power User

      Splunk
      Mar 2024