Karthick R

Threat Detection Engineer|Splunk Developer| Splunk Admin

• Administered Splunk systems, ensuring efficient processing of 13TB data and maintenance of 17,000+ data sources.
• Maintain Splunk dashboards, alerts, and reports: Supported security monitoring and operations by managing and maintaining Splunk dashboards, alerts, and reports.
• Analyze Security Incidents: Determine the nature, impact, and root cause of security incidents, and provide recommendations for remediation.
• Use the MITRE ATT&CK Framework: Map out adversary tactics, techniques, and procedures (TTPs) to enhance detection capabilities.
• Normalize Data Sources: Ensured proper data parsing and CIM compliance by normalizing various data sources into
  Splunk.
• Create and Fine-Tune Security Alerts: Developed and refined security alerts within Splunk, Data bricks, sentinel to detect
  anomalous activities and potential threats.
• Assist in Incident Investigation: Utilized Splunk, crowdstrike and XSOAR to investigate security incidents.
• Design and Develop Custom Splunk Apps: Extend platform functionality by designing and developing custom Splunk apps and add-ons to meet specific organizational needs.
• Collaborate with Cybersecurity Teams: Translated the requirements of cybersecurity teams into effective Splunk solutions.
• Integrate Threat Intelligence Feeds: Enriched security data and improved threat detection by integrating threat intelligence
  feeds into Splunk.
• Create and Fine-Tune Correlation Searches and Runbooks: Developed and optimized correlation searches and security
  incident response runbooks.
• Implement and Manage Splunk ES: Configured and customized Splunk Enterprise Security (ES) solutions, including
  security dashboards and threat intelligence frameworks.
• Develop and Maintain Splunk Data Models: Streamlined data normalization and improved search efficiency by developing
  and maintaining Splunk data models and knowledge objects such as field extractions, lookups, and tags.
• Work with Threat Hunting, SOC, and Incident Response Teams: Ensured comprehensive threat detection and response strategies through close collaboration with Threat Hunting, SOC, and Incident Response teams.

• Developed Splunk use cases to enhance data analysis and security monitoring.
• Administered Proofpoint to ensure optimal email security and threat prevention.
• Implemented and maintained Splunk use cases, contributing to improved data insights and security measures.

Worked as a Spam Analyst for Apple services, leveraging Splunk for detailed email traffic monitoring, advanced spam filter development, and rapid resolution of security incidents. Proficient in generating comprehensive reports, dashboards, and knowledge objects to support effective threat mitigation, and enhance operational security.

• Continuously monitor and analyze email traffic across Apple services to identify and flag potential spam, phishing, and other malicious activities using Splunk.
• Design, implement, and maintain advanced spam filters and detection rules within Splunk to effectively block and mitigate spam threats targeting Apple services.
• Optimize Splunk search queries and data models to improve the efficiency and effectiveness of spam detection mechanisms.
• Conduct thorough investigations of spam-related security incidents, leveraging Splunk's capabilities to trace the source, method, and impact of the attack.
• Generate detailed reports and dashboards in Splunk to provide insights into spam trends, detection efficacy, and areas for improvement, supporting proactive security measures.
• Conduct detailed malware analysis to identify and mitigate threats originating from malicious email attachments and links, enhancing overall email security measures.
  Implement and manage response and remediation protocols within Splunk to promptly address and mitigate identified spam and phishing threats, reducing the potential impact on Apple services.
• Worked as a Scrum Master to drive process improvement initiatives within the team, and led a team of 5, enhancing overall efficiency and project delivery.