Jacob Evans

Fort Wayne, IN  · (260) 437‑1501 · jacob . [middle initial] . evans [at] gmail . com

Splunk Administrator with a passion for DevOps and automating all the things


Sr DevOps Engineer

TriMedx, LLC
Indianapolis, IN

  • Utilized Puppet to automate the configuration management of Splunk environments including Splunk upgrades (reducing upgrade time from hours to less than 15 minutes)
  • Automated deployments using API/ACS to eliminate human error and decrease deployment times by over 90%
  • Moved all Splunk configurations into GitHub to ensure ISO compliance and enforced proper Splunk source control management and SDLC
  • Standardized SDLC documentation using Confluence templates and Jira automation to automatically create subtasks and documentation
  • Initiated and created Azure DevOps pipeline to increase Splunk development automation
  • Created Splunk automated testing using Python and the Splunk API to automate unit tests and quality assurance
  • Created monitoring searches to proactively alert the team on issues in the system, and display the current status of any potential issues in real-time dashboards

October 2022 - Current

Splunk Administrator [Sr Software Engineer]

TriMedx, LLC
Indianapolis, IN

  • Primary contact for all Splunk development, testing, and operations
  • Created, configured, and maintained two Splunk Enterprise instances for development and testing
  • Migrated all Splunk servers from Windows to Linux
  • Eliminated over 95% of custom data processing scripts to reduce overhead and potential failure points
  • Created Confluence documentation for Splunk configuration, testing, and high-level code explanations
  • Created monitoring searches to proactively alert the team on issues in the system, and display the current status of any potential issues in real-time dashboards
  • Mentoring seven team members in Splunk development and best practices

May 2021 - Current

Splunk Administrator

Pernix Consulting, LLC
Arlington, VA

  • Created interactive dashboard to display security compliance for Oracle 12c databases based on client’s standard operating procedures. Components include: data inputs (custom logs, SQL, PowerShell scripts, file security auditing), advanced searches, and dashboards to visualize security compliance
  • Created fully-documented custom JavaScript/CSS-based Splunk executive dashboard used throughout the bureau to monitor all 20+ critical applications using the Splunk Web Framework
    • Built dynamically to allow new features (KPIs) to be implemented in minutes
    • Includes the entire pipeline from Splunk architecture, data ingestion, normalization (CIM), transformation, field extraction, and analysis to user-facing reports, alerts, and dashboards with <1 second load times
    • Includes multiple dashboards granting privileged users limited abilities to make changes normally reserved for Splunk administrators (e.g. temporarily disabling alerts or updating lookups)
    • Implemented automatic resolution for common issues freeing 10% of system administrators’ time to focus on non-repetitive tasks
  • Created dynamic, templated Splunk apps giving system owners a holistic view of their entire application with the ability to customize individual dashboards to each owners’ needs
  • Rebuilt environment including system architecture, data ingestion, data normalization, search optimization, reusable macros, automated forwarder updaters, deployment restructuring, and UI modifications with best practices and the Common Information Model (CIM) in mind to enhance functionality, readability, and simplicity
    • Significantly enhanced production monitoring for quicker issue identification and resolution
    • Decreased internal production Splunk error counts by 80% (down from millions per day)
    • Added dynamic recipients to alerts based on conditions in the results to optimize alert distribution
    • Installed, upgraded, and configured Splunk Enterprise and splunkbase apps
  • Built and configured a brand new development Splunk environment on Azure
  • Wrote technical documentation in Confluence for most work especially architectural and best practice updates

April 2019 - July 2020

Senior Consultant

CGI Federal
Arlington, VA

  • Built Splunk up from a fresh install to actively monitoring hundreds of VMs from architecture to GUI components
  • Architected indexes, indexers, cluster master, and deployment server according to Splunk best practices
  • On-boarded and normalized hundreds of log types into Splunk such as: OS data, Active Directory, IIS, Oracle database (DB Connect), Tuxedo, Control-M, WebLogic, and webMethods data including many DoS external integrations
  • Created numerous Splunk reports, alerts, and interactive dashboards to track: successful and failed transactions (in to, out of, and/or through the system), system errors, timeouts, interactive log analysis, security, etc.
  • Automated the maintenance and monitoring of three production systems and 25 non-prod environments with Splunk, Control-M, webMethods, batch, and PowerShell to reduce resolution time and automatically resolve issues
  • Acted as the main point of contact to identify and resolve production issues involving the full application stack containing: Oracle database, webMethods, Tuxedo, WebLogic, IIS, and ext. integrations (SOAP, HTTP, JMS, API)
  • Automated code deployments using Control-M, SQL, Windows cmd, and PowerShell to reduce development and production upgrade time by up to 80% and eliminate human error
  • Optimized slowest multi-day database SQL statements saving over 80 hours of production downtime for a major upgrade, and reduced execution time of sensitive data scrub SQL scripts by 70% while improving data integrity
  • Provided day-to-day technical support as the primary point of contact supporting 15 functional analysts for issues, enhancements, script reviews, and other technical inquiries especially related to advanced SQL data analysis
  • Mentored four new hires on business processes, development, system monitoring, and issue resolution
  • Wrote technical documentation in Confluence for all work performed (code deliveries, production issues, etc.)

September 2016 - April 2019

Consultant (PeopleSoft Developer)

Arlington, VA

  • Improved performance on five paramount data conversion applications by up to 30%
  • Created three end-to-end custom conversion programs to populate application with legacy data
  • Wrote and updated SQL for Oracle database optimization, customization, maintenance, and reporting
  • Identified, documented, tested, and reapplied all conflicting customizations to upgraded environments
  • Mentored college hire to fulfill client’s expectations and deadlines

June 2014 - September 2016

Consultant (Business Analyst)

Durham, OR

  • Tested and verified functionality of Agile development; tracked with Jira
  • Created design documents on evolving Siebel, OPA, and Oracle database logic, infrastructure, and integration

September 2013 - June 2014

Technical Intern

Fort Wayne, IN

  • Automated C++ code creation directly from requirements documentation
  • Resolved issues and enhanced functionality of custom bug-tracking Java app involving dynamic SQL generation
  • Developed Perl scripts to dynamically generate SQL scripts to upgrade a local database to a multi-site implementation maintaining ACID properties

(summers) May 2009 - August 2012


Indiana University - Bloomington

Bachelor of Science
Computer Science

GPA: 3.10

August 2009 - May 2013

Homestead High School

Fort Wayne, IN

GPA: 3.88

August 2005 - May 2009


Skills, Programming Languages, & Tools
  • Automation
  • Scripting
  • Regular Expressions
  • Windows
  • PowerShell
  • cmd
  • Oracle / Databases
  • SQL & PL/SQL
  • Jira
  • Confluence
  • Technical Documentation
  • System Integration
  • JSON
  • YAML
  • XML
  • Linux
  • Bash
  • AWS & Azure
  • Visual Studio Code
  • Python
  • Perl
  • HTML, CSS, & JavaScript
  • Git
  • Terraform
  • Ansible
  • Puppet
  • Eclipse
  • Active Directory
  • C, C++, and Java
  • APIs & Web Services

  • Certified: Splunk Cloud Admin, Splunk Admin and Splunk Enterprise Security Admin
  • Versions 6.x to current (8.2.3)
  • CIM (Common Information Model) Compliance
  • Advanced SPL (Splunk Processing Language)
  • Data on-boarding & normalization
  • Data models
  • Qmulos
  • Interactive Dashboarding
  • Splunk Web Framework
  • Splunk Enterprise, Forwarder, and app/add-on Upgrades
  • Searches, Reports, and Alerts
  • Search & Dashboard Optimization
  • Environment Troubleshooting & Tuning


  • 2018 (CGI) - Company-wide recognition from C-suite executives for extraordinary efforts during a low-staffed and demanding period of the project
  • 2018 (CGI) - "Spotlight Award" for continually accepting additional responsibilities while both exceeding existing duties and training multiple new hires
  • 2015 (Oracle) - "Self-Initiative Spotlight" for quickly training college hire while exceeding own expectations


  • English - Native
  • Spanish - Intermediate
  • Albanian - Beginner



My latest passion is scuba diving. I have the advanced open water and enhanced air (Nitrox) PADI certifications. My favorite diving spot so far is the reef just off of San Pedro, Belize. I've swam with reef sharks and whale sharks and have speared lionfish to feed to nurse sharks. I've swam with wild dolphins, hand-fed sting rays and tarpon, and hand-caught spiny lobsters. I love the ocean and spend as much time as possible in and around it.

I enjoy being outdoors whenever I can whether it be yard work, mountain hiking, or running. I'm currently training to complete my first half marathon.

As the weather chills, I spend my weekends snowboarding in Michigan with at least one Colorado trip each winter.

I am also interested in finance and investing and do my best to stay up to date with America's S&P 500 companies and the latest finance news. This includes cryptocurrency - I bought my first bitcoin back in mid 2013 for a cool cost of $93. Bitcoin recently soared to nearly $70,000 (if only I had held the whole time!) but has gone all the way back down to under $20k. I have a home-built PC (AMD all the way) and mined Ethereum and Electroneum back when it was profitable.


  • Working on the Azure Developer certification in order to move on to the DevOps certification
  • Subscribing to way too many Terraform, Ansible, Splunk, and other automation and cloud GitHub repositories
  • Listening to podcasts (e.g. This Week In Tech & Daily Tech News Show) and tech YouTube channels
  • Attended Splunk .conf2019 in Vegas, and I participated in the virtual Splunk, AWS:ReInvent, GitHub Universe, Puppet, Atlassian, and Hashicorp virtual conferences in 2020. I attended Splunk .conf again in 2021 and then again in-person in 2022.
  • Attend any Cloud, automation, or Splunk live events that come my way to stay up to date with the latest and greatest best practices. A great example of this is the weekly Cloud Posse office hours where this forward-thinking organization touches on the latest and greatest and other related Cloud + DevOps concepts
  • Independent Splunk consulting via Fiverr.com
  • Playing with the latest and greatest automation tools
    • This website is automated with Terraform and hosted entirely on AWS
    • I am working on a 100% automated distributed Splunk instance using Terraform, Ansible, and SmartStore on AWS with configurations stored in private (for now) Git repositories. I currently have the Terraform and Ansible working to set up the environment and install Splunk
    • I am highly curious about containerization software but have yet to explore using it