Beau Newcomb
1421 Felspar St. Suite 3
San Diego, CA 92109
(718) 974 - 4305
beaunewcomb@gmail.com

Qualifications Summary:
Innovative and certified Splunk Architect with extensive experience architecting and managing Splunk solutions for large (Fortune 50, Fortune 500) institutions. Experience building complex Splunk dashboards and environments across multiple industries and varied sources of data.

Splunk-Specific Experience:
- Architected Splunk DataWebs of various sizes and security levels for:
  - Security (RSA, AD auth and Unix auth, IDM, TurboTax)
  - Desktop Support (Configuration database)
  - Linux Thin Client estate (Inventory)
  - High Performance Computing (Performance monitoring)
  - Financial Engineering
  - Virtualization (Core-4 Stats: Capacity vs Provisioned vs Used vs Deduplicated)
  - Oil and Gas industry devices
- Optimized and performance-tuned Splunk VMware app
- Utilized Splunk regex to create sourcetypes and automatic field extractions
- Worked with F5 VIPs to load-balance incoming data to Splunk and provide network-layer redundancy
- Consulted Unix App Development team to suggest best logging method to preserve performance while logging to Splunk
- Developed a large (2500+ Linux device) asset configuration database utilizing Splunk as an indexing and reporting engine.
- Wrote PowerShell, Bash, and Perl scripts to gather data to output to Splunk via syslog or Splunk Universal Forwarder.
- Built live, interactive reporting dashboards based on advanced XML and advanced Splunk search syntax
- Created search tools for various teams to filter live log data based on keywords, host, or log type.
- Set up alerts based on Splunk searches to notify security of multiple failed RSA login attempts.
- Made decisions on the best method of aggregating data into Splunk: forwarder install vs. syslog vs. WMI calls, etc.
- Utilized regex to filter data to appropriate indexes and mask confidential information from being displayed in searches.
- Manually configured props.conf, transforms.conf, inputs.conf, outputs.conf, and other settings files via Linux console.

Prior Experience:

Owner and Splunk Certified Architect – Newcomb Technologies – San Diego, CA 10\2013 – Current
- Provided consultation and support for Splunk environments for various customers in the US.
- Developed Splunk apps on demand for customers
- Troubleshot and assisted customers with their Splunk environments
- Planned indexing strategies and backups
- Acted as Splunk SME for clients

Data Security Engineer \ Consultant - Intuit (Financial Software) – San Diego, CA 2\2013 – 10\2013
- Architected large-scale solutions based on AWS components for Big Data (logging)
- Wrote policies and standards required for logging of security-related events
- Provided both engineering and operational support for a new, multi-tier Splunk environment.
- Created advanced saved searches to analyze and alert on real-time authentication log data
- Built a single-pane-of-glass dashboard consolidating TippingPoint, Websense, Symantec Endpoint Security, and FireEye detection events across multiple sites.
- Engineered a “Secure Data Pipeline” solution to allow Splunk to securely ingest sensitive personally-identifiable customer information.
- Acted as a principal Splunk SME and provided expertise and guidance to multiple teams across the enterprise

Splunk Engineer \ Consultant - TIAA-CREF (Financial) – Manhattan, NY 7\2012 – 2\2013
- Provided both engineering and operational support for a new, multi-tier Splunk environment.
- Advised on Splunk best practices up the stack from forwarders to indexers.
- Refined Splunk architecture to be more secure, resilient and global.
- Developed Splunk apps from the ground up, including dashboarding and securing of custom application logs.
- Rebranded Splunk to reflect TIAA-CREF logo and company color scheme.
- Provided basic to advanced search support and assisted teams with configuration of their custom Splunk apps.
- Worked closely with Splunk engineers to architect and implement the Splunk VMware app across multiple sites.
- Integrated existing Splunk 3rd party apps where applicable.
- Trained IT staff on Splunk and held web-based classes to demonstrate Splunk features.

VDI Operations Consultant - Bridgewater Associates (Hedge Fund) – Westport, CT 10\2011 – 2\2012
- Diagnosed and resolved issues during the rollout of a fully virtual trading floor.
- Used third-party tools (Splunk) to analyze performance and identify trending issues
- Redesigned VMware View server infrastructure and workstation creation process.
- Followed strict IT Security practices and guidelines in designing and supporting the View infrastructure.
- Suggested tools to be brought into the organization to modernize and streamline support process.
- Advised on VDI best practices and signed off on engineering’s designs before going to production.
- Refined support processes and procedures to mitigate risk and ensure a consistent, quality product

Solutions Design Engineer - Royal Bank of Scotland (Financial - Trading) – Stamford, CT 8\2008 – 8\2011
- Engineered and delivered *NIX-based solutions to the enterprise.
- Articulated and drove various innovative IT projects, assisting with design, documentation, and deployment.
- Acted as US chairman for global solutions design meetings with peers in London and APAC.
- Performed as a founding member of the Virtualization Technologies team, and assisted in the design of a large VI environment featuring: Active-Active datacenters connected via Layer-2 stretch, automated failover via PowerShell scripts, and multi-tiered storage offering.
- Accelerated the exit of legacy datacenters by taking the server environment from 0% to 40%+ virtualized in 2 years.

Systems Administrator \ Engineer - Flycell, Inc (Web startup) – Manhattan, NY 7/2007 - 8/2008
- Built AD environment for a medium-sized office.
- Designed and managed VMware server farm
- Wrote Bash script to integrate development release environment into Akamai (CDN).
- Interfaced closely with developers to ensure platform was stable and enough compute was available.
- Managed Ubuntu-based development servers (Physical and Virtual)