Open to opportunities

haresh kulkarni

@hareshkulkarni1

Results-driven Cyber Security Analyst and Splunk Lead, delivering SIEM monitoring, incident response, and threat detection.

India

Message

What I'm looking for

I’m looking for a role where I can lead SIEM/Splunk security monitoring, build detections with SPL and correlation searches, and improve incident handling and security posture across enterprise systems.

I’m a results-driven Cyber Security Analyst with 16 years of experience in the IT industry, focused on IT operations, monitoring, incident handling, threat analysis, and improving security posture.

In my current role, I support Splunk Enterprise Security end-to-end—implementing and maintaining data models, dashboards, and advanced visualizations. I write SPL queries for the SOC team for threat detection, build knowledge objects (event types, lookup definitions, and custom fields using REGEX), and ingest logs from Windows and Unix devices into Splunk.

I also manage Splunk configurations and performance: deploying, configuring, administering Splunk clusters, handling upgrades/migrations, setting up Splunk Forwarders, and optimizing setup using Hot/Warm/Cold/Frozen bucketing. I create correlation searches using Splunk configuration files (props.conf, Transforms.conf, Output.confg) and implement workflow actions to drive troubleshooting across event types.

Earlier, I’ve managed Splunk platform operations and user administration, built alerts and timed reports, and ensured tickets are fully updated with the most current data. I’m passionate about protecting enterprise systems through strong security monitoring, vulnerability management, and security compliance basics.

Experience

Work history, roles, and key accomplishments

Current

Cyber Security / Splunk Lead

Current

Russell Investments

Mar 2022 - Present (4 years 3 months)

Implemented and supported Splunk Enterprise Security, building data models and dashboards and writing advanced SPL queries for threat detection. Managed Splunk clusters, configured forwarders, maintained correlation searches and knowledge objects, and handled incident and request workflows for SOC operations.

Splunk Enterprise Threat Detection Correlation Searches Splunk Configuration (Props.Conf Transforms.Conf)Splunk Forwarder Incident Management Linux Windows Administration

Splunk Developer

Blue Rose Technologies Pvt Ltd

Mar 2021 - Sep 2021 (6 months)

Provided overall management of the Splunk platform by onboarding logs via GitLab and supporting Splunk on UNIX, Linux, and Windows. Troubleshot alerts and dashboards, assisted with automation of maintenance processes, and supported platform issue resolution for clients.

Splunk Platform Administration Onboarding Gitlab Alert And Dashboard Troubleshooting Splunk Automation Splunk

Splunk Engineer & Dashboard Dev

The Net Bangalore Pvt Ltd

Sep 2017 - Feb 2021 (3 years 5 months)

Monitored environment operational health using key performance indicators and managed Splunk users, applications, retention policies, and index administration. Integrated third-party data feeds into centralized Splunk, built alerts and timed reports, and developed scripts to automate Splunk maintenance and alerting tasks.

Splunk App Development User Administration Alerts & Timed Reports Splunk

Senior Technology Specialist

Wells Fargo India Solutions Pvt Ltd

Aug 2016 - Jul 2017 (11 months)

Optimized Splunk peak performance by distributing indexing and searching workloads across different machines. Created and configured search strings and dashboards, extracted fields with regular expressions, implemented EVAL-based field creation, and supported architectural inputs for Splunk deployments.

Field Extraction EVAL Functions Dashboards Splunk Architecture Deployment Support

Splunk Administrator (Incident Analyst)

Monsanto Holdings Pvt Ltd

Jun 2010 - Mar 2016 (5 years 9 months)

Designed a load-balanced Splunk enterprise architecture with LDAP authentication and built dashboards and applications for business and technical teams. Managed day-to-day Splunk troubleshooting and supported 500 GB/day of infrastructure with 22,000 users, including installation/upgrades through Splunk 6.2 and integration of OS, network, and application data.

Splunk Architecture (Search Heads Indexers Forwarders)LDAP Data Integration Incident Request Support

System Analyst

I-Source Info Systems Pvt Ltd

Sep 2008 - Jun 2010 (1 year 9 months)

Installed, configured, and maintained enterprise software and Windows environments from Windows XP through Windows Server 2008 R2. Managed user account actions (reset/unlock/enable/disable/rename), handled Outlook mailbox and McAfee anti-virus updates, and monitored user tickets using BMC Remedy with monthly service quality reporting.

Windows Administration SQL Oracle .NET Outlook Mailbox Support

System Engineer

Affinity Software Bangalore Pvt Ltd

Nov 2005 - Sep 2007 (1 year 10 months)

Configured Red Hat Linux AS/ES servers for production and development environments and reconfigured networking hardware to stabilize performance. Conducted day-to-day network administration and troubleshooting, maintained hardware inventory, and supported end-user application and PBX/VOIP phone system issues.

Linux Administration Network Troubleshooting Configuration Inventory Network Hardware PBX VOIP System Support

South Zone Manager

Slim Gym Enterprises

Jan 1999 - Jan 2005 (6 years)

Increased sales and services of Hi-Tech pumping systems by generating new orders and following up on payment collection. Tracked existing and new customers and managed sales-related activities within the south zone.

Sales & Management Customer Relationship Management Service Sales