Arijit Bhattacharya
Cybersecurity Consultant
Kolkata
Summary
Experienced Splunk, SIEM, and Cribl Engineer with 7 years' expertise in designing, implementing, and optimizing log management, security monitoring, and data processing solutions. Skilled in configuring and maintaining Splunk and SIEM platforms, and developing intricate Cribl LogStream pipelines. Proven track record of driving operational excellence and delivering results in complex enterprise environments. Strong analytical and problem-solving abilities, committed to staying updated with emerging technologies and best practices. Passionate about contributing to organizational success and security through collaboration and continuous improvement.
Overview
7
7
years of professional experience
5
5
years of post-secondary education
4
4
Certifications
3
3
Languages
Work History
Cyber Security Consultant
EY
10.2022 - Current
- Conforming data from log sources within the SIEM, adhering to the Common Information Model (CIM)
- Proficiency in parsing and anonymizing data before integrating it into the SIEM
- Develop and maintain correlation searches, alerts, and dashboards within the Splunk SIEM platform to monitor security events and detect potential threats
- Leverage Splunk's capabilities to analyze log data in real-time, identify anomalies, and respond promptly to security incidents
- Enhance threat detection capabilities by integrating threat intelligence feeds, developing use cases based on industry frameworks such as MITRE ATT&CK, and refining detection mechanisms
- Utilize Splunk's search processing language (SPL) to perform advanced log data analysis, including statistical analysis, pattern recognition, and trend identification
- Create custom dashboards, reports, and visualizations to present actionable insights derived from log data, catering to requirements from various stakeholders
- Collaborate with security analysts and incident responders to investigate security incidents, conduct forensic analysis, and generate incident reports
- Configure Cribl LogStream pipelines to process, transform, and route log data efficiently, meeting specific use case requirements
- Optimize LogStream configurations to enhance data processing performance, scalability, and resource utilization
- Collaborate with stakeholders to understand their log data needs and design effective solutions using Cribl LogStream
- Documenting configurations, processes, and best practices for log data management using Cribl LogStream
- Participating in the evaluation and selection of new logging and monitoring technologies, including providing insights into the strengths and weaknesses of Cribl LogStream compared to alternatives
- Contributing to the continuous improvement of log data management practices within the organization.
IT Analyst
Tata Consultancy Services
09.2021 - 10.2022
- Working on huge datasets, having billions of rows, to develop key business insights
- Working on building dashboards to monitor environment operational health of multiple clients
- Ingestion of logs through HEC and DBConnect to import huge datasets into Splunk, effectively to design and develop dashboard, reporting and visualization solutions providing monitoring insights to end users
- Working directly with client to ensure each demand is met with correct solution
- Leveraging SPL and statistical knowledge to develop charts and plots from key metrics that would provide insights into overall and service level system health
- Development of automation scripts in Python for automatic log ingestion into Splunk through HEC endpoint
- Development of design documents and Run-books for infrastructure so as to log all development information for future reference.
Splunk Analyst
OnProcess Technology
09.2019 - 09.2021
- Performing data analysis, managing disruption and undertaking proactive measures to ensure smooth operations
- Using SPLUNK to create & manage dashboards as well as monitor critical log data; ensuring performance issues are resolved in near-real time
- Using SPL to Reverse Engineer through logs to grab issues and pin-point causes; analyzing and responding to critical issues
- Designing and implementing custom searches and reports
- Customizing & deploying Splunk apps & Dashboards as per internal customers
- Creating Splunk Application (Splunk APP) & Add-on to collect, parse data as per the requirement & management of Splunk Applications
- Creating Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards
- Working on large datasets to generate insights using Splunk
- Monitoring production error and root cause analysis using Splunk
- Acting as End-User Advocate, with capability to lead proactive improvement initiatives and projects for identified supportability issues.
Cloud Ops Engineering Associate
Accenture
12.2016 - 09.2019
- Monitored alert log through Splunk: Analyzed storage, backup FS & other critical areas through Splunk log monitoring
- Configured alerts and Forwarders Installation in Splunk Servers
- Involved in standardizing SPLUNK forwarder deployment, configuration and maintenance across servers
- Setting-up Splunk DMC and maintaining instance for monitoring health of clusters
- Configuring Clusters for load balancing and fail over solutions; debugging Splunk integration issues
- Managing & deploying Splunk on premise & Cloud Infrastructure
- Provided support, expansion & maintenance of Splunk Infrastructure to meet future architecture design and deployment requirements
- Performed basic and advanced scripting tasks with Splunk to automate repeatable processes using Python.
Education
Bachelor of Technology -
08.2011 - 08.2015
ISC -
05.2010 - 05.2011
Skills
Splunk SIEM
undefinedCertification
Splunk Core Certified Power User
Timeline
Cyber Security Consultant - EY
10.2022 - Current
IT Analyst - Tata Consultancy Services
09.2021 - 10.2022
Splunk Analyst - OnProcess Technology
09.2019 - 09.2021
Cloud Ops Engineering Associate - Accenture
12.2016 - 09.2019
Calcutta Institute of Engineering And Management - Bachelor of Technology,
08.2011 - 08.2015
Mansur Habibullah Memorial School - ISC,
05.2010 - 05.2011