Post Job Free
Sign in

Network Security Engineer

Location:
Garland, TX
Posted:
June 14, 2024

Contact this candidate

Resume:

Sai Sunkara

***********@*****.*** 469-***-**** linkedin.com/in/ssunk4

WORK EXPERIENCE

SDAD Technology Feb. 2020 – Jan. 2022

Network Security Engineer Noida, India

Optimized Cisco ASR and ISR routers for inter-domain routing with OSPF, EIGRP, and BGP, achieving a reduction in BGP route table size and faster network convergence through route summarization, filtering, and redistribution.

Deployed and managed Cisco Nexus & Catalyst switches in VMware-supported environments, supporting over 5,500 VMs in data centers and 3,800 devices across campuses.

Deployed VSS, VDC, and VPC configurations to fortify network resilience and streamline connectivity within the data center infrastructure.

Migrated 20+ firewalls from Cisco ASA to Palo Alto PA-5000 and PA-7000 series across campuses & data centers, including NAT rules, ACLs, security policies, route tables, and user authentication.

Fortified enterprise network with Palo Alto NGFWs, leveraging URL Filtering, App-ID, User-ID, and Content-ID for threat prevention, reducing security incidents by 20%.

Migrated existing on-premises identities to Azure AD and assigned appropriate IAM permissions.

Implemented conditional access policies for MFA on sensitive resources and integrated SSO for streamlined user access.

Developed and enforced security policies for GlobalProtect VPN portal and gateway (IPsec & SSL), enabling secure remote access for 400+ users, achieving 99.7% uptime.

Integrated Palo Alto with Panorama, resulting in a 33% reduction in configuration time and enhanced security posture by implementing device groups, templates, Threat ID, and Wildfire.

Implemented MPLS WAN, ensuring secure and reliable connectivity across geographically dispersed locations.

Implemented F5 load balancing features, including HTTP and TCP profiles, persistence, iRules, monitors, VIPs, pools, nodes, SNAT, virtual servers, and iApps.

Deployed F5 GTM for GSLB, wide IPs, DNS listeners, and zones, achieving 99.9% availability for critical services.

Configured Endpoint Groups (EPGs) and Contracts within ACI, tailoring ACI network policies for specific applications.

Managed ACI networks for 20+ business units in a multi-tenant environment, addressing diverse needs.

Integrated Versa SDWAN into diverse projects, aligning network strategies with organizational goals.

Configured Cisco ISE policies for NAC and AAA protocols, employing TACACS+ and RADIUS.

Executed RBAC policies in Cisco ISE, securing onboarding for 1,200+ monthly guests.

Implemented Python and Bash scripting to automate network device configurations, streamlining tasks and enhancing operational efficiency.

Maintained comprehensive network documentation, including network diagrams (Visio), configuration files, and change management records.

Configured 10+ VPCs, including ELBs, ASGs, network ACLs, security groups, NAT gateways, and route tables for secure connectivity and performance.

Deployed AWS networking services, including VPC peering, Site-to-Site VPN, Transit Gateway, and Route 53.

Maintained Infoblox operations, maintaining a DNS uptime of 99.99% and ensuring 100% IPAM accuracy for a multi-site network, supporting 6,000+ devices.

Managed the WAN/LAN network's IP Address Management (IPAM), overseeing DHCP scopes, IP reservations, DNS host entries, pointers, delegations, zones, and DHCP failover.

Exposure to tools such as CrowdStrike Falcon (EDR), Splunk (SIEM), Barracuda Email Security, Nessus (Vulnerability Scanner), and Snort (IDS/IPS).

EDUCATION

University of New Haven June, 2023

Masters, Data Science New Haven, CT

GPA: 3.7/4.0

Gudlavalleru Engineering College May, 2020

Bachelors, Computer Science Vijaywada, India

CERTIFICATIONS

CCNA

Azure 900

AWS Cloud Quest

TECHNICAL SKILLS

Networking Technologies & Protocols: OSPF, EIGRP, BGP, IS-IS, RIP, Static Routing, ICMP, SNMP, OSI Model, TCP/IP, UDP, IPv4/v6, ARP, Subnetting, STP, RSTP, VTP, DTP, VLAN, 802.1q, EtherChannel, AGP, PAGP, DHCP, DNS, NTP, HSRP, GLBP, VRRP

Network Security & Authentication: VPN (IPsec, SSL), Cisco ISE, AAA (TACACS+ & RADIUS), SSH, MFA, SSO, Azure AD/Entra ID, and IAM

Firewalls & Security Tools: Palo Alto NGFWs, Cisco ASA, GlobalProtect VPN, Panorama, ACLs, NAT rules, Security policies.

Network Management & Monitoring: Cisco ACI, Cisco DNA Center, SNMP, Wireshark, SolarWinds, Infoblox, Cisco Meraki

Cloud & Virtualization Technologies: AWS, Azure, VSS, VDC, VPC, Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), Zscaler's Zero Trust Network Access (ZTNA)

Compliance & Security Frameworks: NIST 800-171, ISO 27001/27002, PCI DSS, GDPR, HIPAA, MITRE ATT&CK Framework, CIS Controls

Identity & Access Management: Azure AD, OAuth, OIDC, OpenID, SAML, LDAP, MFA, SSO, RBAC, PAM

Operating Systems & Languages: Windows, Linux, Unix, Mac OS, Python, JavaScript, XML, C#, WordPress, .NET

Databases: MySQL, Oracle, MSSQL



Contact this candidate