Robert Church

Undisclosed

Manager Cyber Defense

April 2020 - Present

• Developed strategy for upgrading Redhat and Splunk environments utilizing Ansible Role based playbooks
• Managed 90+ server deployment utilizing Multisite replication in multiple datacenters
• Developed dozens of high quality Ansible Playbooks for automating complex manual operations
• Managed all aspects of highly customized Enterprise Security environment
• Imported data from multiple API based frameworks into Splunk
• Developed dozens of high quality dashboards focusing on current needs
• Developed strategy for importing syslog data to Splunk via syslog-ng
• Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps
• Created apps, dashboards, and data-models to fit business requirements
• Perform field extractions, using rex command and regex in configuration files

KPMG

Senior Associate - Architecture and Engineering

Data Architect

November 2018 - April 2020

• Designed report saving company between 250k and 500k in server licensing costs
• Integrated Servicenow CMDB and Request data with Splunk utilizing inputlookups
• Designing and implementing Splunk-based best practice solutions
• Conveyed advanced concepts related to designing and developing processes utilizing Splunk best practices
• Captured, analyzed, and monitored front end application logs
• Develop data extraction tools utilizing Python, Bash, and Powershell
• Provide regular support guidance on complex incidents requiring data in Splunk
• Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps
• Created apps, dashboards, and data-models to fit business requirements
• Perform field extractions, using rex command and regex in configuration files

Splunk Linux Architect

• Responsible for the design, performance, implementation and capacity of the Splunk multisite platform
• Provided support for system admins and developers to ensure the delivery of data
• Develop and implement software release management strategy utilizing Jenkins/Bitbucket/Ansible
• Optimized deployments from 4 hours to 28 minutes saving > 900 man hours/year
• Migrated Enterprise Security from shared cluster to dedicated cluster
• Engineered rsyslog solution utilizing CRIBL, syslog-ng, for > 5M transactions a day
• Create retention policies, perform administration, maintenance and optimization
• Manage all aspects of Redhat 6/7 servers running Splunk Enterprise services
• Provide security consulting to project and development teams
• Identify KPI and develop dashboards with visual metrics for stakeholders

Charles Schwab

Senior Splunk Engineer

2018 - 2018

• Develop and implement software release management strategy for Splunk utilizing JIRA/Bitbucket/Bamboo
• Develop and implement migration strategy from Standalone SH to Clustered SH
• Develop Python scripts to automate the remediation of 700+ Splunk App configurations
• Standardize Splunk server configurations for 6.x and 7.x
• Develop Python and Bash scripts for backend Splunk and Linux administration
• Optimize data ingestion with a goal of complete CIM compliance
• Assist with the design and implementation of a 200+ Splunk server expansion
• Perform Hot/Cold/Frozen capacity planning for 2 Petabyte storage expansion
• Standardize Universal Forwarder and Heavy Forwarder configurations
• Onboard new log sources with log analysis and parsing to facilitate event correlation
• Create dashboards for IT Operations, and Service owners used to monitor application and device health

KPMG

Senior Associate - Linux Systems Administrator

2016 - 2018

• Engineered strategy utilizing Redhat Satellite with custom kickstart scripts
• Designed multiple highly redundant web solutions supporting 35,000 connections/min
• Support 1300+ Linux servers in a multi platform environment
• Designed multi-node Redhat IPA solution with replication supporting > 1000 users
• Perform asset and inventory management via python API calls
• Created multiple Splunk dashboards ensuring application and infrastructure visibility
• Manage all aspects of RSA Netwitness Log and Packet SIEM appliance
• Created multiple Splunk reports aggregating and parsing billions of records
• Deploy hosts in AWS and Azure hosts via web console and python API
• Identify and mitigate conditions using custom written Python and Bash scripts
• Utilize Ansible and Salt-Stack for task automation and configuration management
• Serve as an organization point of escalation for all Linux based problems