Network Engineer Data Center

Raja Annamalai

Cisco Certified Network Professional

Azure Network Engineer Associate

Email: *********@*****.***

Mobile: +1-612-***-****

Career Objective:

I am seeking a position with a company that will allow me to apply and enhance my skills of being a Senior Network Security & Cloud Engineer. I am eager to contribute my creativity and hard work towards the success of the company and to the growth of the fast developing field.

Experience Highlights:

Designing and Implementing Microsoft Azure Networking Solutions, Optimizing performance, resiliency, scale, and security of Azure Cloud networking solutions and IaC with Terraform.

Migrated Cisco Classic three-tier architecture (Access, Aggregation & Distribution) to two tier Fabric Architecture (Spine & Leaf) on Cisco APIC - ACI.

Designing Cisco ACI - adding and modifying Tenants, Applications Profiles, Endpoint Profiles, AEP, VxLAN and Cisco ACI Contracts

Designing and Implemented Cisco ACI – Multipod, dual L3-Out, inter vrf contract leaking and microsegmentation.

Automating ACI/APIC policies with scripting using Postman Platform.

Migrated traditional Cisco ASA to Next Generation Firewall Cisco FTD with Cisco FMC.

Involved in Data Center Refresh Migrating Cisco Nexus 5k to 9k and make sure business is not affected maintaining device and link level failover/redundancy.

Design and Migrated Classic Retail MPLS WAN to SD-WAN-Viptela

Completed project on migrating Network/Security devices at Best Buy from Cisco ACE to Cisco ISE and integrated MFA with ISE for securing enterprise access. Configured required TACACS/Radius configlets at all network groups and created AAA policy maps on ISE as per access polices for IT teams.

Completed project migrating Cisco Prime to Cisco DNA for Backup/Config depository and IOS management.

Exclusive troubleshooting experience is identifying real-time network issues by breaking application’s problem statement and isolating the root cause on Layers 1 to 7 hence minimized business impacts.

POC for Cisco IPSEC VPN migration and DC routing issues.

Professional Certifications:

Microsoft ID – 996095511

AZ-700-Designing/Implementing Microsoft Azure Networking Solutions - 2024

Cisco ID - CSCO13352012

CCNP Data Center (Data Center ACI Implementation) – 2020

Cisco Cloud (CCNA-Cloud Fundamentals) – 2018

ITIL v3 Foundation - 2016

Cisco Certified Network Professional (CCNP – R&S) – 2010

Cisco Certified Network Associate (CCNA- R&S) - 2008

TECHNICAL SKILLS:

Firewalls - Cisco FTD, Cisco ASA, Palo Alto, Checkpoint

DC Fabric - Cisco ACI with Multi-Pod & Multi-site

Cisco DC Switches - Cisco Nexus 9k, 7K, 5K, 2K, 2296, 6500 Cisco IOS

LAN Technology - VxLAN, Vlan L2/ L3, HSRP, Spanning-tree and VPC.

Routing Protocols - BGP, MP-BGP, OSPF, EIGRP

Cisco Routers - 3700, 2600, 2800, 3600,7200,7600 series

Cisco Switches - Catalyst 9300, 6500, 4500, 3700, & 2900 series

Load Balancer - F5 GTM/LTM,Netscalar VPX,SDX & MDX,Cisco ACE

Wireless - Aruba, Cisco

SDN - Cisco ACI Fabric, Cisco VIPTELA

AZURE Cloud - Subscription, Resource group, VNETs, Subnets, Public IP, Application Gateway with WAF, VNET peering, Express Route & Virtual WAN

AWS Cloud - VPC, Subnets, Availability Zones, ACLs, Gateways, EC2

Proxy/SSL - A10, BlueCoat Proxy/SSL & Cisco Ironport

IP Management - Infoblox (DNS & DHCP), Windows DNS/DHCP

AAA - Cisco ISE, Cisco ACS, 801.x

API - Postman

Others - Cisco Prime, Cisco Meraki, & Nortel Passport.

Professional Experience:

Sleep Number Corporation Dec 2021 to till date

Role/Responsibilities: Senior Network/Cloud Engineer

Currently working for Sleep Number Corporation located in Minneapolis, Minnesota, US. Involved in Managing Sleep Number Azure Cloud Infra, Data Center, Retail/ADC, Trustsec, LAN/WLAN & WAN Infra.

Job Responsibilities

Designing and Management of Cisco ACI - SDN with Multi-Pod, operating intra-Pod/IPN traffic between Data Centers extending Fabric.

Implementation of seamless Inter DC redundancy via Cisco ACI Fabric

Managing AZURE Cloud networking Subscription, Resource group, VNETs, Subnets, Public IP, Application Gateway with WAF, VNET peering, Express Route & Virtual WAN

Working Experience with virtualization technologies (KVM, HyperV, VMWARE, OpenStack, Kubernetes).

Terraform IAC coding for new deployment of AZURE networking resources on Visual Studio integrating through GITHUB.

Cisco Viptela SD-WAN Deployment, design and implement industry leading SD-WAN infrastructure to provide secure, carrier-independent WAN connectivity across the enterprise. Integrated with existing BGP environment to redistribute routes seamlessly from Viptela into traditional MPLS WAN

Experience in implementing APIC profile/polices with API Postman Runner script and automated integration with APIC control plane

Experience in integration of ESXi hypervisor/NSX, VMware, VMM Integration with APIC for ACI Fabric

Configuring and deploying enterprise-class networks including the following products: Cisco Nexus 9k,7k, 5k switches and Cisco ASR/ISR routers

Managing Cisco Routers (1841,2811,2851,3745,3845,3925,7206) and Cisco Catalyst switches (9300,6509,3750,2960)

Advanced working on BGP, MP-BGP, OSPF, EIGRP, VDC, vPC, VXLAN, and ECMP

Managing Next Generation Firewalls, Cisco Firepower, Fortigate & Palo Alto Firewalls.

Managing Citrix Netscalar and F5 Load balancer VPX, SDX & MDX

Management of Cisco Trustsec solution with radius using Cisco ISE

Managing AZURE WAF, Bluecoat SSL, Fortiweb SSL and A10 SSL

In depth expertise in routing protocols (BGP, OSPF, EIGRP, RIPv1&2), Switching architecture and protocols (VLAN’s, Trunking and Spanning Tree)

Troubleshooting DNS/DHCP in Infoblox and Windows DNS/DHCP

Troubleshooting Proxy in Ironport and Bluecoat Proxy

Hand-on Experience Packet analyzer – Extrahop & Medigate, and Packet Sniffing Tools- Infinistream, Wire-shark

Working with monitoring tools Graphana, Solarwinds Netflow, Statseeker, Logic Monitor

Automated administration using Python scripting

Troubleshooting of network related issues, reachability issues, routing issue etc and implementing changes in network so as to improve the network uptime

Stanford Children's Health May 2021 to Dec 2021

Role/Responsibilities: Senior Network/Security Engineer

Worked for Stanford Children's Health Lucile Packard Children Health located in Palo Alto, California, US. Involved in Managing Stanford Children’s Health Hospitals/Clinics, Data Center, Trustsec, LAN/WLAN & WAN Infra.

Job Responsibilities

Designing and Management of Cisco ACI - SDN with Multi-Pod, operating intra-Pod/IPN traffic between Data Centers extending Fabric

Experience in implementing APIC profile/polices with API Postman Runner script and automated integration with APIC control plane

Experience in integration of ESXi hypervisor/NSX, VMware, VMM Integration with APIC for ACI Fabric

Deploying and Managing Cisco ISE (Enterprise Network Solutions) in wired/wireless environment to perform Dot1x port based authentication configure the Posture polices perform Change Of Authorization CoA for users connecting to the corporate network

Configuring and deploying enterprise-class networks including the following products: Cisco Nexus 9k,7k, 5k switches and Cisco ASR/ISR routers

Managing Cisco Routers (1841,2811,2851,3745,3845,3925,7206) and Cisco Catalyst switches (9300,6509,3750,2960)

Advanced working on BGP, MP-BGP, OSPF, EIGRP, VDC, vPC, VXLAN, and ECMP

Managing Cisco next generation Firewalls, Cisco ASA & Fortigate Firewalls.

Managing Citrix Netscalar Load balancer VPX, SDX & MDX

Management of Cisco Trustsec solution with radius using Cisco ISE

Managing Bluecoat SSL, Fortiweb SSL and A10 SSL

In depth expertise in routing protocols (BGP, OSPF, EIGRP, RIPv1&2), Switching architecture and protocols (VLAN’s, Trunking and Spanning Tree)

Troubleshooting DNS/DHCP in Infoblox and Windows DNS/DHCP

Troubleshooting Proxy in Ironport and Bluecoat Proxy

Hand-on Experience Packet analyzer – Extrahop & Medigate, and Packet Sniffing Tools- Infinistream, Wire-shark

Working with monitoring tools Solarwinds Netflow, Statseeker

Automated administration using Python scripting

Troubleshooting of network related Issues, reachability issues, routing issue etc and implementing changes in network so as to improve the network uptime

Implementing changes as per design recommendations and implementing new links / new branches connectivity

Tribola Tech Inc, USA Aug 2019 to Apr 2021

Client: Stanford Children's Health

Role/Responsibilities: Senior Network Engineer

Worked providing Infra services to client Stanford Children's Health Lucile Packard Children Health located in Palo Alto, California, US. Involved in Managing Stanford Children’s Health Hospitals/Clinics, Data Center, LAN/WLAN & WAN Infra.

Job Responsibilities

Designing and Management of Cisco ACI - SDN with Multi-Pod, operating intra-Pod/IPN traffic between Data Centers extending Fabric

Experience in implementing APIC profile/polices with API Postman Runner script and automated integration with APIC control plane

Experience in integration of ESXi hypervisor/NSX, VMware, VMM Integration with APIC for ACI Fabric

Deploying and Managing Cisco ISE (Enterprise Network Solutions) in wired/wireless environment to perform Dot1x port based authentication configure the Posture polices perform Change Of Authorization CoA for users connecting to the corporate network

Configuring and deploying enterprise-class networks including the following products: Cisco Nexus 9k,7k, 5k switches and Cisco ASR/ISR routers

Managing Cisco Routers (1841,2811,2851,3745,3845,3925,7206) and Cisco Catalyst switches (9300,6509,3750,2960)

Advanced working on BGP, MP-BGP, OSPF, EIGRP, VDC, vPC, VXLAN, and ECMP

Managing Cisco next generation Firewalls, Cisco ASA & Fortigate Firewalls.

Managing Citrix Netscalar Load balancer VPX, SDX & MDX

Management of Cisco Trustsec solution with radius using Cisco ISE

Managing Bluecoat SSL, Fortiweb SSL and A10 SSL

In depth expertise in routing protocols (BGP, OSPF, EIGRP, RIPv1&2), Switching architecture and protocols (VLAN’s, Trunking and Spanning Tree)

Troubleshooting DNS/DHCP in Infoblox and Windows DNS/DHCP

Troubleshooting Proxy in Ironport and Bluecoat Proxy

Hand-on Experience Packet analyzer - Extrahop, and Packet Sniffing Tools- Infinistream & Wire-shark

Working with monitoring tools Solarwinds Netflow, Statseeker

Automated administration using Python scripting

Troubleshooting of network related Issues, reachability issues, routing issue etc and implementing changes in network so as to improve the network uptime

Implementing changes as per design recommendations and implementing new links / new branches connectivity

TATA Consultancy Services, USA Jan 2015 to Aug 2019

Client: Best Buy

Role/Responsibilities: Senior Network Security Engineer

Involved in designing, maintaining and configuring client Best Buy LAN/WAN & Data Center from Onsite Best Buy Corporate Office, Richfield, Minnesota, US.

Job Responsibilities

Design and Managing the BestBuy Stores, Data Center, LAN and WAN Links.

Migrating and Managing Cisco APIC-ACI - Cloud Computing.

Troubleshooting Cisco ACI Multi-Pod Configuration, IS-IS and COOP protocols, operate intra-Pod traffic between Data Centers

Analyzing and modifying Cisco APIC Inter VRF/Tenant Route Leaking using contracts

Evaluating ACI fabric to ensure each tenant is secured and has separation from other tenants. Use L3/L2 outs via common tenant to reduce TCAM and RAM utilizations

Managing Cisco next generation Firewall FTD/FMC & Cisco ASA.

Troubleshooting of network related Issues, reachability issues, routing issue etc and implementing changes in network so as to improve the network uptime.

Implementing changes as per design recommendations and implementing new links / new branches connectivity.

Troubleshooting and configuration of Cisco Nexus (9k,7k,5k,2k), Cisco Router (1841,2811,2851,3745,3845,3925,7206) and switches (2960,3750,6509)

Troubleshooting DNS and DHCP in Infoblox/Windows.

Troubleshooting Proxy in Ironport and Bluecoat Proxy.

Troubleshooting Load balancer for Service optimization.

Managing F5 LTM & GTM.

Configuring/Adding and managing site-to-site VPN with Meraki MX devices - VPN Concentrator

Managing ACI and integration with ESXi hypervisor.

Managing Fortigate WAF SSL appliance

Maintenance of Network, Day to day troubleshooting, protocols used are OSPF, EIGRP & BGP.

Hand-on Experience Packet analyzer - Extrahop, and Packet Sniffing Tools- Infinistream & Wire-shark

Experience in operating and maintaining Cisco Prime, Cisco ISE/ACS, and Cisco Wireless.

Automated administration using Python scripting.

TATA Consultancy Services, India Jan 2013 to Dec 2014

Role/Responsibilities: Network Security Engineer

Involved in maintaining and configuring client Best Buy LAN/WAN & Data Center form Offshore, India. The network consists of a Data & online WAN network spread across the globe, which is monitored and managed on a 24x7x365 basis to provide minimal MTTR and optimal service.

Job Responsibilities

Troubleshooting of network related Issues, reachability issues, routing issue etc and implementing changes in network so as to improve the network uptime.

Implementing changes as per design recommendations and implementing new links / new branches connectivity.

Troubleshooting and configuration of Cisco Nexus (9k,7k,5k,2k), Cisco Router (1841,2811,2851,3745,3845,3925,7206) and switches (2960,3750,6509)

Troubleshooting DNS and DHCP in Infoblox.

Troubleshooting Proxy in Ironport and Bluecoat Proxy.

Troubleshooting Load balancer for Service optimization.

Managing Cisco APIC - ACI and integration with ESXi hypervisor.

Managing F5 LTM & GTM, Troubleshooting LB and iRule for Service optimization

Interacting with Vendors for quick and efficient resolution of problem.

Network & Bandwidth planning, Hardware sizing, new link commissioning, designing & deployment using LL, T1, E1, & MPLS links.

Maintenance of Network, Day to day troubleshooting, protocols used are OSPF, EIGRP & BGP.

Experience in operating and maintaining Cisco Prime, Cisco ISE/ACS, and Cisco Wireless.

Strong hands on experience on PIX, Firewalls, ASA (5540/5550). Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, DMVPN IPS/IDS, AAA (TACACS+ &RADIUS).

Automated administration using Python scripting.

Traffic diversion on backup or alternate connectivity.

Up gradation of IOS and kept on up to date vulnerability and suggest standard IOS versions.

Working with Cisco TAC engineer for level 3 supports when SLA reaches

Preparation and updating of Network Diagram.

HCL Technologies – IOMC May 2010 to Dec 2012

Role/Responsibilities: Senior Specialist (Global Telecom Data Management)

Was part of HCL Technologies Wherein HCL Comnet is providing Infra services to its global customer through OMC’s [Offshore Management Center’s] which is located in India.

Job Responsibilities

Working as a part of Telecom team in HCL as Senior Specialist – Network

Providing connectivity design for HCL Global offshore centers for the transition customers.

Implementing the network design which is proposed to customer after understanding client’s requirement/network setup.

Configuring voice gateways (Cisco 2821 Routers) for internal and external call routing.

Configuring Cisco ASA firewalls.

Troubleshooting of network related Issues, reachability issues, routing issue while implementing changes in network.

Network & Bandwidth planning, Hardware sizing, new link commissioning, designing & deployment using LL, T1, E1, PRI & MPLS links.

Configuring IPVPN as per customer security policies either in ASA firewall/Router.

Implementation of Network, for which protocols used are EIGRP, OSPF & BGP.

Post implementation of each project have responsible for handover all necessary information to Telecom Management Team.

Wipro InfoTech, GSMC- NOC Oct 2007 to April 2010

Role/Responsibilities: Network Engineer/Implementation Executive

WI GSMC is an Remote Application and Infrastructure support model for Monitoring & Management Services.

Was a part of network management team and giving support to Domestic/abroad customers. Involved in maintaining and configuring of WAN & Data Center management of Clients all over the globe. The network consists of a Data & online WAN network spread across the globe, which is monitored on a 24x7 basis to provide minimal MTTR and optimal service

Job Responsibilities

Troubleshooting of network related Issues, reachability issues, routing issue etc and implementing changes in network so as to improve the network uptime.

Following Process and different procedures as per the customer and maintaining different logs like change log, change request forms etc.

Implementing changes as per design recommendations and implementing new links / new branches connectivity.

Troubleshooting and configuration of routers (Cisco 1841,1812,2811,2851,3661,3662,3640,3825,3845,7206,7513) and switches (2950,3750,4500)

Network & Bandwidth planning, Hardware sizing, new link commissioning, designing & deployment using LL, ISDN, E1, PRI & MPLS links.

Troubleshooting and support to third party devices like Peribit (Wan Accelerator)

Maintenance of Network, Day to day troubleshooting, protocols used are EIGRP, OSPF & BGP.

Traffic diversion on backup or alternate connectivity.

Upgradation of IOS.

Educational Qualifications:

Professional: Bachelor of Computer Application. (Fulltime)

University of Madras,

The New College, Chennai. India,

First class, 2007

I hereby declare that the details furnished above are true to the best of my knowledge and belief

Station: Minneapolis, Minnesota, US

Date: Raja Annamalai

Contact this candidate