Home

Rohith Jaya - senior Network Engineer

[email protected]

Location: Remote, Remote, USA

Relocation:

Visa:

Resume file: Rohith_Jaya_Sr.NetworkEngineer_1746542764876.docx Please check the file(s) for viruses. Files are checked manually and then made available for download.

PROFESSIONAL SUMMARY: With approximately 9 years of direct experience in the networking domain, I am a CCNA-certified engineer specializing in routing and switching technologies. My expertise includes system design, implementation, and troubleshooting of complex network infrastructures. I have worked extensively with high-end routers such as Cisco ISR series (1921, 1941, 2900, ISR 4461, NCS 520) and switches including Catalyst 2960, 3560, 3650, 3750, 3850, 4500, 9200, 9300, and 6500. Configured, deployed, and maintained Palo Alto next-generation firewalls (PA-Series and VM-Series) across on-premise data centers and cloud environments (Azure, AWS), ensuring scalable and secure network perimeter defenses. Extensive hands-on experience with a wide range of networking and cloud technologies, including Cisco IOS/NX-OS, VMware NSX-T and VeloCloud, AWS (VPC, Direct Connect), Azure (VNets, ExpressRoute, Bicep, DNS), Google Cloud (Interconnect, Cloud DNS), Infrastructure as Code tools such as Terraform, CloudFormation, and Ansible, as well as CI/CD pipelines using GitHub Actions and Azure DevOps. Expertise in Networking, Security, Wireless, Cloud, and Automation: Proficient in BGP, OSPF, EIGRP, MPLS, VRF, VSS/VPC for advanced routing and network segmentation; skilled in Palo Alto NGFW, IPS/IDS, SSL Decryption, and URL Filtering for enterprise security; experienced with Cisco ISE and Wireless LAN Controllers for NAC and wireless optimization; adept in AWS VPCs, Direct Connect, and Multi-Cloud (Azure, GCP) for hybrid cloud networking; automation-driven with Python and PowerShell to streamline network operations; and well-versed in HSRP, VRRP, GLBP, and F5 Load Balancing for high availability and redundancy. Designed Cisco ACI fabric for multi-tenant data centers using EPGs, contracts, and VXLAN, enabling automated security policies and 40% faster application deployment. Strong proficiency in network security and performance tools, including Palo Alto, Fortinet, Wireshark, SolarWinds, Splunk, NetFlow analyzers, and cloud monitoring platforms like CloudWatch, Azure Monitor, and GCP Operations Suite. Designed SD-WAN solutions (VMware VeloCloud, Cisco Viptela) for 100+ sites, optimizing application performance with dynamic path selection and reducing MPLS costs by 40%. Designed and deployed Cisco Meraki SD-WAN, wireless (MR), and switching (MS) solutions for 100+ sites, leveraging cloud-managed dashboards for zero-touch provisioning and centralized policy enforcement. Expertise in F5 BIG-IP LTM/GTM for global application delivery, including advanced iRules scripting, SSL offloading, and DNS load balancing to ensure 99.99% uptime for critical services. Proficient in Juniper MX/EX/QFX series for high-performance routing/switching, including Junos OS automation and EVPN-VXLAN fabric design Designed SDN solutions (Cisco ACI, VMware NSX-T) for policy-driven automation, enabling micro-segmentation and cloud-like agility in on-prem data centers. Designed and deployed Arista 7000/7200/7500 series switches with VXLAN/EVPN for scalable data center fabrics, achieving 10 s latency for high-frequency trading environments. Expertise in designing and troubleshooting IPSec VPN tunnels (Site-to-Site, DMVPN) for secure hybrid cloud connectivity, ensuring AES-256 encryption and compliance with HIPAA/PCI DSS standards. Configured GlobalProtect VPN with multi-factor authentication (MFA) for secure remote user access, ensuring encrypted tunnels, posture checks, and role-based access aligned with Zero Trust Network Access (ZTNA) principles. Architected Cisco DNA Center deployments for intent-based networking (IBN), automating device provisioning, segmentation, and policy enforcement across 500+ switches/routers. Designed and deployed Aruba Mobility Master, Controllers, and APs across enterprise environments, optimizing high-density wireless networks for 10,000+ users. Implemented Aruba ClearPass for AAA (RADIUS/TACACS+), device profiling, and dynamic segmentation, ensuring compliance with HIPAA and PCI DSS standards. Mapped firewall rules to compliance requirements such as HIPAA, PCI DSS, and NIST 800-53. Extensive experience with Check Point firewalls (R80+, Gaia OS), including Security Gateway clusters, Threat Prevention, and SmartEvent correlation for enterprise threat detection. Performed root cause analysis on security incidents involving C2 traffic, malware, and suspicious logins. Used Panorama log correlation and ACC (Application Command Center) to investigate threat vectors and bandwidth anomalies. Troubleshot GlobalProtect VPN connectivity issues, certificate errors, and DNS resolution failures. Direct experience of data center environment and implementation of VPC, VDC and Fabric path on Nexus 7K, 5K, & 2K Switches. Monitored cloud network performance using CloudWatch, Azure Monitor, GCP Operations Suite, and NetFlow analyzers. Expertise in Citrix NetScaler ADC (MPX/VPX) for load balancing (LB), GSLB, and SSL offloading, optimizing application performance with 99.99% uptime for mission-critical services Conducted knowledge transfer sessions with internal SOC/NOC teams for firewall policy interpretation. Collaborated with DevSecOps, cloud, and endpoint teams to align security enforcement across all surfaces. Extensive experience with Fortinet FortiGate, FortiAnalyzer, FortiManager, FortiAutheznticator, and Security Fabric, as well as Cisco ASA, Firepower (FTD/FMC), IPS/IDS, DMVPN, and Zone-Based Firewall configurations. Working experience on various firewalls of different vendors which include Palo Alto PA-5220, PA220 &Panorama and Cisco ASA 5585-X. Expertise in Riverbed SteelHead WAN optimization, accelerating application performance by 50%+ through TCP optimization, data deduplication, and QoS policies for global enterprises. Zero Trust & Secure Access (Zscaler ZIA/ZPA, Cisco ISE): Deployed Zscaler Internet Access (ZIA) for SWG policies (URL filtering, DLP) and Zscaler Private Access (ZPA) for VPN-less app segmentation. Implemented Cisco ISE for NAC, dynamic segmentation, and posture checks. Designed and troubleshot enterprise DHCP (ISC, Microsoft, Infoblox) scopes and relay agents, ensuring seamless IP address management for 10,000+ endpoints Proficient in SolarWinds NPM (Network Performance Monitor) and NCM (Network Configuration Manager) for proactive network health monitoring, automated backups, and SLA compliance reporting. Conducted in-depth firewall policy audits, NAT rule validation, and decryption policy tuning to ensure compliance with HIPAA, PCI DSS, and ISO 27001 standards in regulated industries. Integrated packet inspection tools (Wireshark, ExtraHop) and cloud-native logging (VPC Flow Logs, NSG Flow Logs) for end-to-end network visibility. CERTIFICATIONS: Cisco Certified Network Associate (CCNA) Cisco Certified Network Professional (CCNP) Palo Alto Networks Certified Network Security Engineer (PCNSE) EDUCATION DETAILS: Bachelor s in Computer Science Engineering. PROFESSIONAL EXPERIENCE: Client: UnitedHealth Group Sep 2023 Present Location: Nashville, TN Role: Senior Network Engineer Responsibilities: Implemented multi-region, multi-zone architectures to ensure high availability and disaster recovery in AWS and Azure. Developed network segmentation and micro-segmentation strategies using NSGs (Azure), Security Groups/NACLs (AWS), and VPC Service Controls (GCP). Set up DNS zones and conditional forwarding using Route 53, Azure DNS, and Cloud DNS, ensuring hybrid name resolution between cloud and on-prem. Designed, deployed, and maintained enterprise-grade Palo Alto NGFWs across datacenter and cloud environments to enforce zero trust principles. Supported SD-WAN rollout across 50+ healthcare sites using VMware VeloCloud, ensuring HIPAA-compliant WAN optimization. Implemented Palo Alto Prisma Access and SASE for secure access and zero-trust architecture across distributed users. Migrated legacy Cisco ASA to FortiGate 600E clusters with HA active/active failover, reducing firewall rule complexity by 40% while meeting HIPAA encryption standards. Deployed and managed Palo Alto firewalls in both enterprise data centers and cloud environments (Azure, AWS). Designed and managed high-availability data center network architectures using Cisco, Aruba, and Juniper devices. Designed and maintained enterprise-wide Palo Alto firewall security policies, access control lists (ACLs), and NAT rules in alignment with business and compliance requirements (HIPAA, PCI). Leveraged Prisma Access ADEM (Autonomous Digital Experience Management) for real-time user experience monitoring. Implemented Cisco ACI SDN fabric with application-centric policies, reducing provisioning time for HIPAA-compliant workloads Deployed Cisco ACI with Nexus 9000 switches, automating network segmentation for HIPAA-compliant workloads across hybrid cloud (AWS/on-prem). Integrated ACI with VMware NSX-T for consistent micro-segmentation between on-prem and Azure environments. Led Meraki MX firewall/SD-WAN rollout across 50+ clinics, enabling HIPAA-compliant VPNs and application-aware traffic steering (30% WAN cost savings). Deployed Meraki MR access points with AI-driven RF optimization, improving wireless coverage by 40% in high-density medical facilities. Designed F5 LTM pools/virtual servers for HIPAA-compliant healthcare applications, reducing latency by 35% through intelligent traffic steering. Automated F5 GTM (DNS) failover for multi-region AWS deployments, achieving RTO < 5 minutes during outages. Designed and deployed Zscaler ZIA (Internet Access) to enforce secure web gateway (SWG) policies, including URL filtering, SSL inspection, and advanced threat protection (ATP) for cloud and on-prem traffic. Implemented Zscaler ZPA (Private Access) to enable zero-trust application access, replacing legacy VPN solutions with granular, identity-based segmentation for hybrid workforces. Migrated from traditional VPN to Zscaler ZPA, reducing attack surface by enforcing application-specific access and micro-tunneling for 10,000+ remote users. Integrated Palo Alto appliances with third-party SIEM platforms (e.g., Splunk, QRadar) to enhance threat detection, log correlation, and security incident response workflows. Automated NAT rule creation and validation across multi-tenant environments using Python and Palo Alto s REST API. Deployed DNA Center Assurance to monitor network health in real-time, reducing mean-time-to-resolution (MTTR) by 45% for critical healthcare applications. Automated SD-Access workflows with DNA Center, segmenting IoT medical devices into trust zones to meet HIPAA requirements. Deployed Prisma Access for remote user ZTNA and secure cloud edge, scaling to thousands of distributed users. Designed and implemented hybrid cloud network architectures integrating AWS Direct Connect, Azure ExpressRoute, and GCP Interconnect for high-availability and low-latency connectivity. Configured and optimized Cisco ISR/ASR routers and Catalyst/Nexus switches, enhancing network stability and efficiency. Deployed Arista CloudVision for centralized management of HIPAA-compliant workloads, enabling real-time telemetry and policy enforcement. Optimized Arista DANZ for network visibility, reducing packet capture costs by 50% for SOC monitoring. Led the deployment of Aruba wireless infrastructure across 50+ healthcare sites, ensuring seamless roaming and 99.99% uptime for critical medical applications. Deployed NetScaler VPX in Azure for HA pair failover, ensuring seamless EHR access during regional outages. Integrated Aruba ClearPass with Cisco ISE and Palo Alto NGFWs to enforce role-based access control (RBAC) and posture assessments for BYOD and IoT devices. Automated Zscaler policy management via APIs and Terraform, enabling dynamic updates for 500+ locations based on threat intelligence feeds. Deployed and monitored enterprise NAC solutions (Cisco ISE) to control device access and enforce compliance policies. Configured IPSec Site-to-Site VPNs between Palo Alto firewalls and AWS/Azure, enabling secure EHR data exchange with IKEv2 and perfect forward secrecy (PFS). Designed resilient network topologies with dual-path redundancy using BGP route reflectors and IP SLA tracking. Tuned firewall rules for optimal performance, reducing latency and false positives. Developed Ansible playbooks to enforce consistent firewall rules across 100+ Palo Alto NGFWs, eliminating configuration drift and ensuring HIPAA compliance Led Silver Peak SD-WAN deployment for 50+ clinics, enabling application-aware routing for Epic EHR systems and meeting HIPAA latency SLAs. Integrated RADIUS with Palo Alto GlobalProtect VPN to enforce MFA (Duo/Microsoft Authenticator) for remote healthcare workers, aligning with HIPAA access requirements. Automated VPC/VNet deployment and route table configurations using Terraform, Ansible, and Azure Bicep across AWS, Azure, and GCP. Configured granular security policies and application-aware rules using App-ID, User-ID, and Content-ID to minimize lateral movement. Environment: Cisco ISE, EIGRP, BGP, LAN, WAN, DM-VPN, Site to Site VPN, Cisco ASR, ISR, Nexus 2K,5K,7K, Foresight, Wireless Lan Controllers 5508,5520, Solar Winds, Cisco Prime, Net Brian, Cabling, Visio, Client: Citizens Bank Jul 2021 - Aug 2023 Location: Providence, RI Role: Senior Network Engineer Responsibilities: Configured Cisco Nexus, Aruba CX, and Juniper QFX switches for optimized data center performance. Led network infrastructure projects, including migrations, security enhancements, and upgrades across bank branches and data centers. Designed direct cloud connect architectures using AWS Direct Connect, Azure ExpressRoute, and GCP Dedicated Interconnect with redundant paths and SLAs. Built policy frameworks aligning to zero trust principles across NGFW and cloud edge environments. Designed cloud-native security architecture integrating Palo Alto NGFW with Azure and GCP VPCs/subnets. Led the design and deployment of Cisco-based core banking networks, with focus on resiliency and uptime. Diagnosed and resolved issues in BGP, OSPF, and MPLS WAN environments, ensuring seamless connectivity between corporate offices and remote locations. Optimized ACI fabric performance using Spine-Leaf architecture, reducing east-west traffic latency by 30% for high-frequency trading systems. Architected Meraki MS350/MS425 switching stacks with Layer 3 redundancy, replacing legacy Catalyst 6500s and reducing switch management time by 60%. Configured Meraki Auto VPN for 200+ branch offices, ensuring seamless failover with cellular backup (99.99% uptime SLA). Architected Cisco SD-WAN (Viptela) overlay with Azure Virtual WAN, prioritizing voice/video traffic via QoS policies, achieving 99.9% uptime for financial transactions. Implemented F5 ASM (Application Security Manager) to protect online banking portals from DDoS and OWASP Top 10 threats, blocking 500+ malicious requests daily. Optimized F5 iRules for HTTP/HTTPS traffic redirection, streamlining PCI DSS-compliant payment processing. Configured Zscaler Cloud Firewall and CASB integrations to inspect SaaS traffic (e.g., Office 365, Salesforce) for data loss prevention (DLP) and compliance (HIPAA, PCI DSS). Integrated Zscaler with SIEM (Splunk, QRadar) for centralized logging and real-time threat correlation across cloud and on-prem environments. Deployed Zscaler Branch Connector to secure SD-WAN traffic (VMware VeloCloud) with direct-to-cloud breakout, reducing latency by 40% for branch offices. Deployed HA active/passive firewall pairs across multiple data centers, ensuring sub-second failover and session synchronization using HA2 links. Deployed Juniper QFX5100 spine-leaf fabric with EVPN-VXLAN, reducing data center latency by 25% for low-latency trading systems. Automated Junos OS upgrades via Python/Ansible, ensuring zero downtime for critical banking applications Deployed first-hop redundancy protocols (HSRP, VRRP, GLBP) to maintain high availability and failover protection. Supported the rollout of intelligent load balancers and TSP-style routing to reduce transaction latency. Designed and implemented Layer 2 network architectures, including VLAN segmentation, trunking, and spanning tree optimization. Deployed Palo Alto VM-Series firewalls in Azure for East-West traffic inspection and segmentation. Maintained security zone segmentation to isolate traffic across DMZ, OT, IoT, and cloud-facing segments. Implemented NAT rules (static, dynamic, destination) to enable secure access for internal and cloud-hosted services. Designed FortiGate Security Fabric for PCI DSS compliance, integrating IPS, SSL inspection, and web filtering to protect online banking transactions. Automated FortiGate policy backups via Python scripts, enabling rapid recovery during audits. Migrated legacy Cisco ASA firewalls to Cisco FTD (Firepower Threat Defense), centralizing management with FMC (Firepower Management Console) and enhancing threat detection with IPS/IDS and SSL inspection for PCI DSS compliance. Migrated legacy Check Point R77 to R81.10 with Maestro hyperscale clustering, achieving 50% throughput boost for PCI DSS-compliant transaction processing. Configured Check Point SmartLog and SmartEvent to reduce false positives by 40% via custom correlation rules. Leveraged DNA Center s SDA Fabric to enforce micro-segmentation for PCI DSS compliance, isolating payment processing systems from branch traffic. Integrated DNA Center with ISE for dynamic policy enforcement based on user/device identity, reducing manual ACL updates by 70%. Leveraged SolarWinds NPM to detect and resolve BGP flapping issues across core routers, reducing unplanned outages by 25% through real-time alerting and historical trend analysis. Configured Prisma Access mobile user and remote network portals to ensure optimal performance and compliance for hybrid and remote workforces. Managed enterprise-wide Fortinet FortiGate and Cisco ASA Firewalls, securing financial data and transaction processing environments. Architected Aruba SD-WAN solutions for branch locations, reducing WAN costs by 40% while improving application performance. Architected Arista Spine-Leaf topology with MLAG and BGP EVPN, replacing legacy Cisco 6500s and improving East-West traffic throughput by 40%. Automated Arista EOS configurations via Python and Ansible, reducing manual provisioning time by 75% for 100+ switches. Configured Aruba ClearPass Policy Manager to automate guest access workflows and enforce multi-factor authentication (MFA) for remote employees. Implemented Cisco Webex CCE for financial services contact centers, handling 10,000+ concurrent calls with strict security compliance. Configured NetScaler GSLB for global traffic distribution across A and on-prem data centers, reducing DNS resolution time by 50% for online banking platforms. Optimized DHCP failover clustering across 200+ branches, eliminating IP conflicts and reducing helpdesk tickets by 35%. Implemented NetScaler SSL offloading for PCI DSS compliance, reducing backend server CPU usage by 40%. Engineered SDN-based micro-segmentation to isolate financial services traffic. Designed and deployed banking data center networks with high security and compliance standards. Maintained high availability using GLBP and HSRP for key transaction systems. Automated Cisco ISE policy enforcement via Python scripts, reducing manual provisioning time by 50% for 200+ branch networks. Deployed Riverbed SteelHead CX appliances across 100+ branches, reducing MPLS bandwidth costs by 40% while improving SaaS application response times. Troubleshot Riverbed QoS policies to prioritize VoIP traffic, ensuring 99.9% call quality for customer service centers. Optimized DMVPN Phase 3 with IPSec/GRE for 200+ bank branches, reducing latency by 30% for real-time transaction processing. Troubleshot IPSec tunnel failures using packet captures (Wireshark) and IKE debug logs, resolving 95% of issues within SLA windows. Managed and enforced firewall security policies on Palo Alto firewalls, aligning with NIST cybersecurity standards. Orchestrated Ansible Tower workflows to automate F5 BIG-IP load balancer updates during maintenance windows, minimizing downtime for critical banking applications. Migrated legacy TACACS+ to Cisco ISE with TACACS+ proxy, streamlining administrator access audits for PCI DSS compliance. Upgraded CUCM from v11.5 to v14 with zero downtime, enabling SIP trunking for 200+ branch offices and reducing PSTN costs by 25%. Troubleshot CUCM call routing issues using RTMT and CUBE logs, resolving 90% of voice quality complaints within 2 hours. Conducted vulnerability scans with Nessus for PCI DSS audits, identifying and patching 50+ critical risks. Implemented VRF segmentation and VSS/VPC technologies, enhancing network redundancy and isolation. Utilized BlueCat, SolarWinds, and Splunk for DNS, monitoring, and alerting in a hybrid network. Designed Webex Calling integrations with Azure Virtual WAN & Microsoft Teams, enabling a seamless multi-cloud UCaaS model. Used OpsRamp and Extrahop to identify bottlenecks in application traffic flow. Environment: Nexus 9k, 7k, 5k, 2k, Cisco 6800, 6500, 4500, 3800 and 3600 switches, Checkpoint, Cisco ASA, F5 BIG-IP, HSRP, BGP, OSPF, EIGRP, DMVPN, MPLS WAN, QoS, Route Maps, VTP, NT environment and 802.11 a/b/g/n Ethernet standards. Client: Microsoft Apr 2019 Jun 2021 Location: Redmond, WA Role: Senior Network Engineer Responsibilities: Implemented and managed MPLS WAN infrastructure, enabling seamless connectivity across Microsoft s global offices. Enabled MFA for all GlobalProtect users using DUO or Microsoft Authenticator integration. Designed and maintained global network infrastructure, ensuring optimal performance for cloud services and enterprise applications. Enforced device-based access control via integration with endpoint posture tools (CrowdStrike, Microsoft Intune). Experience working with data center deployment where we converted from Cisco 6500 to Nexus.Z Configured and optimized Cisco ISR/ASR routers and Nexus switches, improving network reliability and efficiency. Experience working with Nexus 5020, 2148, 2248 devices. Conducted real-time evaluation of SDN architectures and cloud transit routing for Azure hybrid networks. Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000. Integrated Palo Alto firewalls with GCP Cloud Armor and Azure Firewall Manager for layered perimeter defense. Deployed Check Point CloudGuard IaaS in Azure, automating NSG-like micro-segmentation with Identity Awareness policies. Tuned Check Point Threat Prevention blades (IPS/AV) to block C2 traffic, reducing malware incidents by 35%. Used Keysight and R&S test equipment to simulate high-throughput and noise-heavy environments. Managed Meraki Systems Manager (MDM) for 10K+ corporate devices, enforcing security policies (encryption, remote wipe) via cloud dashboard. Integrated Meraki APIs with Azure Logic Apps to automate alert responses (e.g., rogue AP containment). Integrated and managed network monitoring tools, leveraging packet captures and SNMP-based systems for proactive troubleshooting. Optimized Zscaler Internet Access policies using AI-driven analytics (Zscaler Insights) to reduce false positives and improve threat detection rates by 30% Upgraded legacy wireless infrastructure to Aruba 802.11ax (Wi-Fi 6), achieving 2x throughput gains in high-density office environments. Leveraged ClearPass OnGuard for endpoint compliance checks, ensuring only secure devices could access corporate resources. Created automated pipelines for NGFW configuration backups and change tracking in CI/CD workflows. Used DNA Center APIs to automate switch configurations (VLANs, QoS) across 100+ Azure-connected offices, ensuring consistent policies. Designed DNA Center-based network templates for rapid branch deployments, cutting provisioning time from 8 hours to 30 minutes. Configured Juniper MX204 routers for Azure ExpressRoute peering, achieving 10Gbps throughput with BGP traffic engineering. Deployed Cisco ASA IPSec VPNs with certificate-based authentication, replacing PSK for 10K+ remote users to align with Zero Trust principles. Connected Prisma Access to cloud-based SaaS/IaaS workloads through service connectors and security policies. Led MER and S-parameter-based signal analysis for high-speed interconnects. Designed and maintained enterprise-grade Fortinet firewalls in Azure and on-premises data centers. Designed and deployed SD-WAN solutions, improving performance and redundancy for branch connectivity. Deployed Cisco Webex CCE for global enterprise and government clients, supporting 100,000+ agents. Performed RFC-based interoperability testing between legacy routers and SD-WAN appliances. Configured and supported VPN solutions (IPSec, GlobalProtect), ensuring secure remote access for distributed teams. Implemented Arista FlexRoute to handle 1M+ BGP routes in Azure ExpressRoute peering, ensuring sub-100ms failover during outages. Troubleshot Arista VXLAN flooding issues using TCPdump and sFlow, resolving multicast bottlenecks for video conferencing traffic. Integrated Silver Peak with Azure Virtual WAN, automating failover between ISP links to maintain <1% jitter for Teams VoIP traffic. Automated log analysis and alert correlation with SOAR platforms (Cortex XSOAR, Splunk Phantom). Designed test harness for Cisco ISR/ASR platform validation in SD-WAN environments. Integrated CUCM with Webex Calling for hybrid cloud voice, enabling seamless mobility for 5,000+ remote employees. Integrated FortiSIEM with Splunk for real-time threat intelligence correlation and forensic analysis. Basic configuration of Cisco Meraki Layer 2 and Layer 3 switches like MS 220, MS 320, and MS 420. Acquired knowledge in working with Meraki p access points MR 12, MR 16, MR 24, and MR 34 etc. Environment: Cisco 3500,4500,5500 switches, Cisco 3800/3600/7200 routers, VPN, BGP, OSPF, RIP, EIGRP, CML, Nexus Switches 2K/5K/7K, VLAN, VTP, Client: GAVS Technologies Sep 2017 Mar 2019 Location: NYC, NY Role: Network Engineer Responsibilities: Responsible in the Configuration of EIGRP, OSPF and BGP Involving in the configuration & troubleshooting of routing protocols on Cisco 2900, 3900, ASR 9010, ASR 1002 devices across locations and datacenters. Direct experience with Catalyst L3 switches and Cisco Nexus switches: 2232, 2248, 5548, 6001 and 7018(Sup 2E). Operated with Sup 2E for 7018 Switch. And F cards for L2 switching and a few M cards for L3 proxy routing purposes for F cards. Designed logging and alerting pipelines using Panorama and forwarding logs to SIEMs like Splunk or Sentinel. Managed Check Point MDSM (Multi-Domain Security Management) for 50+ clients, centralizing policy enforcement across 500+ security gateways. Troubleshot Site-to-Site VPNs between Check Point and Cisco ASA, resolving interoperability issues with custom encryption domains. Installed, configured, and supported Fortinet, Palo Alto, and Cisco ASA Firewalls for multiple enterprise clients. Designed Site-to-Site VPNs, DMVPN tunnels, and GRE encapsulation for remote connectivity. Developed Python scripts using Palo Alto s XML/REST API to automate rule pushes, object creation, and audits. Deployed FortiGate VM in Azure for East-West traffic segmentation, reducing lateral movement risks by 60%. Assisted in firewall migration projects from Check Point and SonicWall to Fortinet BG. Managed Cisco Catalyst & Nexus switching environments, including VLANs, Spanning Tree, and EtherChannel. Deployed Access Control Lists (ACLs) and firewall rules to filter malicious traffic. Troubleshot DNA Center Assurance anomalies using flow telemetry, resolving intermittent VoIP latency issues for 10K+ users. Troubleshot Meraki client health metrics to resolve VoIP jitter issues for enterprise clients, reducing support tickets by 50%. Troubleshot Juniper EX4300 VLAN/STP issues, resolving broadcast storms impacting VoIP call quality. Designed Meraki Z3 teleworker gateways for secure remote access during COVID-19, scaling to 5K+ users. Configured Webex CCE and UCCE solutions for clients in healthcare and telecom, ensuring 99.99% uptime. Functioned in upgrading system images on 5k and 7k Nexus switches using kick start and FTP server. Experience with configuring FCOE using Cisco Nexus 5548. Troubleshot NetScaler persistence issues using AppFlow logs, restoring session continuity for 10K+ healthcare portal users. Configured Arista QoS for VoIP prioritization, achieving 99.99% call quality for enterprise clients. Deployed Aruba switches (CX 6000/8000 series) with VSX for redundant data center connectivity. Created Jenkins pipelines to deploy changes to Panorama-managed firewalls in staging and production. Integrated Cisco Webex Contact Center with Salesforce, enabling real-time customer data synchronization. Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices. Integrated Apache Kafka with various applications and data sources, enabling real-time data synchronization. Environment: Cisco 2900, 3560 and 6509 switches, Cisco 2600,3600 routers, VPN, BGP, OSPF, RIP, EIGRP, VLAN, VTP, HSRP, GLBP Client: Zensar Technologies May 2015 Aug 2017 Location: NYC, NY Role: Network Engineer Responsibilities: Responsibilities included taking care of the IP Addressing in the organization which includes designing based on the requirements. Involved in implementing & designing the switched network. Configuring STP, VTP and dot.1q in switching network. Created VLAN & Inter-VLAN Routing with Multilayer Switching. Use to Configure and Maintain TACACS for AAA. Experience configuring and testing F5 iRules using Browser (IE), HTTP watch. Experience in configuring and troubleshooting BIG-IP F5 load balancer LTM creating virtual servers, nodes, pools and iRulesBG. Troubleshot F5 LTM performance issues using TCPDUMP and QoS policies, resolving 95% of SLA breaches within 2 hours. Assisted in Troubleshooting LAN connectivity and hardware issues in the network of 100+ hosts. Maintained Redundancy on Cisco 2600, 2800 and 3600 routers with HSRP. Audited Check Point firewall rules using SmartConsole, eliminating 200+ redundant rules to optimize performance. Performed RIP, OSPF, EIGRP routing protocol administration and Palo Alto design and installation, which includes Application and URL filtering Threat Prevention and Data Filtering. Keywords: continuous integration continuous deployment artificial intelligence access management rlang ffive trade national microsoft Idaho New York Pennsylvania Rhode Island South Dakota Tennessee Washington Wisconsin