Work History

My work history with some career highlights from each role.

Certifications

  • Splunk Architect II (6.5)
  • Cribl CCOE Admin
  • Certified Kubernetes Application Developer

2018, 2022 Lumsdaine Consulting - Cork

  • Advise clients on how to improve insights and reduce cost of existing Splunk installations
  • Managed procurement and installation of Splunk Enterprise Security and ITSI
  • Worked with Security teams to implement threat detection use cases in Enterprise Security
  • Work with Site Reliability teams to build glass tables in ITSI

Dec 2021 - Jul 2022 Dell - Cork

  • Technical lead for high search volume SRE Splunk Cluster, utilising ITSI and SOAR
  • Architected indexer clusters to support 50TB/day ingestion with Enterprise License Agreement
  • Integrated GitLab for managing Splunk configuration
  • Reduced search load by 30%
  • Helped Splunk identify and fix memory leak in 8.x
  • Set up Dynatrace monitoring of Splunk
  • Performed License and Hardware analysis, and budget presentations

2015 - 2021 Qualcomm - Cork

  • Technical lead for a 30TB/day Splunk 8.x cluster
  • Worked with user base of 7000, with 2000 monthly active users
  • Integrated and managed premium apps such as ITSI, Enterprise Security and Phantom (Splunk SOAR)
  • Set up Cribl LogStream POV to get 50% data reduction (very similar to Splunk DSP)
  • Onboarded several hundred different sourcetypes, with varying props and transform requirements
  • Worked with Security teams to enable company-wide endpoint Windows event log collection
  • Set up mass database auditing with DB Connect (1000+ databases)
  • Used multiple log transport systems for data ingest:
    • AWS, Google Cloud and Azure logs via Kinesis, Kafka and Event Hubs
    • Syslog-ng for networking devices and hosts unable to accommodate Universal Forwarder or HEC
    • Splunk HTTP Event Collector
    • Splunk Universal Forwarder on approximately 100,000 hosts
    • Various apps to pull from third party APIs and unusual sources

2015 Xanadu Consultancy - Cork

  • Managed the infrastructure for a high-stakes betting exchange
    • Managed hypervisors and server for betting exchange website
    • Managed multi-site replicated MySQL databases
    • Set up Elastic + Logstash + Kibana based log analytics platform

2011-2014 Horseshoe Lane Services / Phoenix HSL - Sydney

  • Managed approx. 300 virtual Linux (mainly Red Hat 5.6, with some Ubuntu) and Windows servers using vSphere, across 6 international data centres
  • Responsible for internal security compliance and monitoring of database and networking access controls
  • Managed two-factor authentication service (SSL VPN with SecurID two-factor authentication)
  • Managed multi-site PBX (both SIP and IAX2 trunking) with FreePBX

Non IT Roles

  • 2010 Truffles café, Sydney: Owner
  • 2006 – 2010 Greenwich Corporate Finance, Sydney: Project Manager
  • 2004 – 2005 Helaba International, Dublin: Credit Administration Officer
  • 2002 – 2004 Commsec Margin Lending, Sydney: Redemptions Officer

Contact Me

My name is John-Paul Lumsdaine. I'm a Splunk Architect and Data Engineer living in Ireland. I speak English and hold Australian citizenship and Irish permanent residency. Click on any of the tiles above for more details about my areas of expertise.

I'm available for consulting, contract and full-time roles. If you think I might be a good fit for your project or team then let's connect!

Address

Cork, Ireland