
Rohit Sharma

Cyber Security Specialist
Sydney

Summary

Professional with 12+ years of experience in IT and SIEM consultant roles with sound knowledge of SIEM deployments, Splunk, Splunk Enterprise Security, Splunk ITSI and cyber security fundamentals. Resourceful Specialist offering expertise in problem-solving, data analysis and customer service. Adept at quickly learning new technologies and processes for driving success. Proven track record of successfully managing multiple projects and developing innovative solutions.

Overview

14 years of professional experience
4 years of post-secondary education
8 Certifications

Work History

Specialist- Cyber Security (Contract)

Insurance Australia Group (IAG)
11.2023 - Current
  • Analyse different applications within IAG and create security detection use cases based on the architecture and functioning of each application
  • Developing latest threat intelligence according to the MITRE ATT&CK and MaGMa frameworks
  • Define and build correlation searches to generate notable events using the SIEM solution
  • Creation of playbooks for the threat detection team to act upon any threats.

Functional Analyst Splunk SIEM (Contract)

Transport for NSW/Sydney Trains OT
12.2021 - 11.2023
  • Analysis and development of the new use cases and detection rules that need to be implemented
  • Identification and remediation of shortfalls within detection rules and techniques
  • Collaborate with CSOC analysts to fine-tune detection rules to reduce false-positive notable events
  • Collaborate with CSOC team in defining the playbooks for each type of notable event
  • Onboarding the data from various cyber security streams like app control, microsegmentation, NAC, advanced threat detection, etc., and presenting them on Splunk SIEM dashboards
  • OS, application, network, and firewall data ingestion from seven different domains through Splunk-supported add-ons and syslog
  • Helping CSOC team to resolve any security incident by providing them relevant information
  • Data ingestion and integration of events through various sources including Azure Storage, Event Hub, syslog sources, Nozomi alerts and various other applications
  • Setting up dashboards on Splunk Enterprise Security
  • Setting up data models and CIM mapping.

Splunk Engineer (Permanent)

AGL, Australia
06.2021 - 12.2021
  • In Splunk ITSI, creating and managing services, entities, KPI searches, base searches, etc.
  • Reports, dashboards, and alerts creation while working on Splunk Cloud instances
  • Creation and validation of process and technical documents of monitoring on Confluence
  • Timely resolution of BAU tasks and incidents along with the other project deliverables and updating them in JIRA sprints.

Sr. IT Technical Specialist (Permanent)

Link Group, Australia
05.2019 - 06.2021
  • Mentoring a team of 5 resources in monitoring and observability team
  • Requirement gathering from different application owners, ingesting application data, and building dashboards, reports, alerts, etc.
  • Configuring Splunk apps and add-ons for Splunk Enterprise, Splunk ITSI and Splunk Enterprise Security instances
  • Deploying Splunk applications in multi-site clustered / distributed environment
  • Engaged with all levels of the business including project teams, service delivery, infrastructure, and business operations
  • Creating and managing apps, creating users, roles, knowledge objects
  • Develop technical design/architecture documents, use case documents
  • Hands-on working experience on Splunk ITSI instance
  • Getting data to Splunk using API calls and HTTP Event Collector
  • Creating and representing changes in CAB meetings, handling service requests and incidents and resolving them within SLA using ServiceNow
  • Planning and implementing technical solutions, operating procedures and policies as needed and documenting them.

Splunk Engineer (Permanent)

Avocado Consulting, Australia (Client- Transport for NSW)
09.2018 - 05.2019
  • Configuration of Splunk system components like universal/heavy forwarders, search head nodes, indexers, and deployment servers
  • Good knowledge of Splunk Search Processing Language (SPL), reporting, dashboards, and search acceleration techniques
  • Writing and analysing Splunk configurations through Splunk configuration files - inputs.conf, props.conf, indexes.conf, etc.
  • Deploying Splunk applications in cluster/distributed environment with Deployment Server and Deployer servers
  • Creating and managing apps, creating users, roles, and permissions to knowledge objects
  • Creation and configuration of multi-site Splunk indexer clusters and search head clustering from scratch
  • Develop technical design/architecture documents, use case diagrams, workflow diagrams.

Service Desk Analyst (Contract)

Chirpn IT Solutions, Australia (Client- SBS Australia)
03.2018 - 09.2018
  • Investigating and resolving incidents and problems to restore service within the agreed SLA
  • Ensuring follow-up with customers to confirm incidents are resolved
  • Identifying opportunities for continuous improvement and driving them to implementation
  • Complying with quality and process measures for key work practices in the team
  • Working on monitoring applications like SolarWinds for managing reports and alerts for critical applications.

Senior System Administrator/Enterprise Monitoring and migration lead (Full Time)

Bureau Veritas, India
06.2017 - 12.2017
  • Enterprise monitoring solution through monitoring tools like Splunk, CA Nimsoft/CA UIM, CA DevTest and SolarWinds
  • Use of SQL queries to make reports and NOC views through SolarWinds
  • Monitoring and tuning system performance thresholds after analysing the QoS data and peak trends
  • Installation, upgrade, and administration support for Orion SolarWinds platform including Network Performance Monitor (NPM), Network Configuration Manager (NCM), Patch Manager, Server & Application Monitor (SAM)
  • Completed migration of monitoring infrastructure from on-premises environment to Azure cloud.

Technical Specialist (Full Time)

HCL Technologies, India
04.2015 - 06.2017
  • Extensive experience with CA UIM to keep track of monitoring activities and ServiceNow ticketing system
  • Monitoring of SMTP, files and directories, network monitoring through SolarWinds using the MIBs
  • Documented and reviewed new report templates, functional reports, and system configurations
  • Upgrading CA UIM monitoring application to latest versions
  • SolarWinds monitoring and reports generation for fine-tuning
  • Alerts configuration and reports configuration.

Systems Engineer

Tata Consultancy Services, India
07.2014 - 04.2015
  • Managing enterprise applications, for example Nimsoft, within the Scandinavian region
  • Managing more than 200 users remotely and face to face
  • Worked on terminal servers and SCCM deployment
  • Providing accurate and intelligent support across Windows Server 2003/2008/2008 platforms for monitoring application
  • Working across different business requirements on Microsoft platform
  • Set up monitoring for Windows servers, Linux servers, AS 400 servers, databases, URLs, Exchange, AD, logs, etc.
  • Set up monitoring for Cisco L2 and L3 switches and routers.

Sr. Analyst

HCL Technologies India
09.2011 - 06.2014
  • Providing Level 1 support to users regarding server issues and critical alerts
  • Worked as a Sr. Analyst in Network Operation Centre (NOC)
  • Worked on different monitoring tools like SCOM, Nagios, Splunk, OEM, HP SIM, DFM
  • Worked on BMC Remedy/HPSM for ticketing
  • Monitoring servers’ performance, disk space, and availability
  • Taking appropriate actions based on the type of failure/issue
  • Handling escalation procedures for all SEV1, SEV2, and SEV3 security, server, application, and network tickets
  • Interfacing with vendors to ensure timely attention to maintenance concerns
  • Ensuring problem tickets are opened properly and timely with the correct severity.

Sr. Analyst

Elevate BPO Services Pvt. Ltd. India
07.2010 - 08.2011
  • Addressing user tickets related to hardware, software, and network
  • Walking customers through installing applications and customer peripherals
  • Guiding users with simple step-by-step instructions on resolving desktop-related issues.

Education

Bachelor of Technology - Electronics And Communication

Dr A P J Abdul Kalam Technical University
India
08.2005 - 06.2009

Skills

Splunk SIEM, Splunk ITSI, Cyber Security, Detection Engineering, Linux, Windows

Education And Certifications

  • Bachelor of Technology
  • CompTIA Security+
  • ITIL V3 Certified
  • Splunk Certified Architect
  • Splunk Certified Core User
  • Splunk Certified Power User
  • Splunk Certified Admin
  • Splunk Certified ITSI Admin
  • Splunk Certified Enterprise Security Admin
  • Certified in Cybersecurity from ISC2

Security Clearance

NV1

Certification

Splunk Architect
