
Rustam Abdullin

Splunk Expert

  • Freelancer in
  • Graduation: Kazan State University
  • Hourly-/Daily rates:
  • Languages: English (Full Professional)
  • Last update: 06.05.2019
OS: Microsoft Windows series [advanced user], *nix [advanced user]
Splunk: 5.x and 6.x, Splunk Enterprise, Splunk Enterprise Security, Splunk DB Connect
Cloud: Amazon AWS (EC2, S3, Storage Gateway, VPC, Elastic IP, AMI, Multiple Accounts Management, IAM), Azure, Office365 Security
IT Security: Splunk [Enterprise Security], Qualys Guard, Tufin SecureTrack, Digital Guardian DLP, Sophos AV, McAfee Endpoint Protection, Kali/BackTrack Linux (Metasploit Framework, Nikto, DirBuster, sqlmap, sqlninja, Nmap, etc.), Nessus
Splunk Expert, Senior Information Security Analyst
Splunk Architect
- Splunk SIEM deployment (*nix, web-apps, web-servers, Docker, Kubernetes, GSuite, Nessus, Windows, Qualys, MSSQL, MySQL, Oracle, Cisco, Fortigate, Office365)
- Splunk Enterprise Security (ES) deployment
- Splunk for Core Banking security logs monitoring (MSSQL, Linux)
- Developed Splunk infrastructure and related solutions as per business requirements
- Splunk deployment process documentation (text description, diagrams)
Splunk Developer
- SOC Dashboards deployment based on Splunk ES
- Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice (all core Splunk apps)
- Creating Vulnerability Assessment dashboard using Qualys and Nessus that aggregates data across multiple services to identify critical threats and proactively mitigate risks
- Custom Python scripts to collect and process data (API and text data sources)
Splunk Admin
- Splunk for DevOps and developers teams
- Migration of Splunk instances from on-premises / colocation data centers to AWS cloud
- Preparing security operations center (SOC) environment
- Developed security use cases and transformed them into correlation searches, templates, reports, rules, alerts and dashboards
- Support, monitor and manage the SIEM environment
- Parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing
- Splunk DB Connect 2.0 for Oracle, MySQL, MSSQL
- Splunk administering in environments like Window Servers, Red Hat Linux Enterprise Servers
- Installation and configuration of Splunk apps to onboard security data sources into Splunk (*nix, web-apps, web-servers, Docker, Kubernetes, GSuite, Nessus, Windows, Linux, Oracle, VMware, Cisco, network devices)
- Assisted with the design of core scripts to automate Splunk maintenance and alerting tasks; supported Splunk on *nix and Windows-based platforms; assisted with automation of processes and procedures
Splunk IT Operations
Headed Proof-of-Concepts (POC) on Splunk/Splunk ES implementation, mentored and guided other team members (programmers, DevOps) on understanding the use case of Splunk
Splunk ES / SOC
- Splunk ES deployment
- Splunk ES notable events, correlation searches, map data to CIM
- Insider threat, intelligence or incidents investigation experience using Splunk

Lee Imrey
C-level Advisor in cybersecurity management, information security technology, and cyber-risk
November 18, 2016, Lee managed Rustam directly

Rustam was a core contributor to FINCA's security program. He was willing to share what he knew, and to learn what he didn't. He exercised good judgment in balancing competing priorities, and was reliable in meeting his commitments. On the rare days he had free time, he would look ahead, and devote himself to addressing foreseeable problems before they impacted the business. I would consider him an asset to any program, and would be happy to hire him again.