Post Job Free
Sign in

Network Engineer Senior

Location:
Hartford, CT, 06132
Posted:
January 28, 2025

Contact this candidate

Resume:

Narayana

Senior Network Engineer

C: 516-***-**** E: ********.***********@*****.***

LinkedIn: https://www.linkedin.com/in/sirigiri-venkata-narayana-89b74a2a9/

PROFESSIONAL SUMMARY:

Around 8 years of professional experience in Network Planning, testing, troubleshooting, implementing, optimizing, and maintaining enterprise data network and service provider systems.

Strong hands-on experience on Cisco Catalyst (3550, 3750, 6500,9200,9300) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers,

Implementation, working analysis, troubleshooting and documentation of LAN, WAN& WLAN architecture with excellent work experience on IP series.

Experience in Layer 2 routing Protocol Configurations ARP, RARP, ATM/FRAME RELAY,VPN technologies IPSec & SSL.

Worked on various network projects involving Cisco Routers-ASR 1000/9300/9500, Switches-Nexus 9k/7K/5K/2K.

Experience in configuring Virtual Local Area Network (VLAN), spanning tree protocol (STP), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Per VLAN spanning Tree (PVST) and 802.1x authentications in access layer switches.

Experience managing and maintaining Infoblox IP Address Management Appliances.

Handling various trouble tickets, firewall rule changes, assisting other teams to bring the device to production, making DNS changes in Infoblox and routing changes.

Partnered with Project Manager & SMEs to develop support guides for software such as Venafi, McAfee, Cylance, AirWatch, BYOD and FireEye NX, EX, AX, FX, and CMS.

Firewall technologies include general configuration, security policy, rules creation and modification on Cisco ASA and Palo Alto, Checkpoint Firewall.

Configured Solar Winds Orion NPM and used it to monitor traffic on a network and to generate reports on WAN utilization.

Configuring ASM policies for external applications and administrating on F5 LTM, GTM, ASM, APM on series 5050, 10000 8900.

Designed & Implemented DMZ solutions for data center environment, build checkpoint firewall policies for the same.

Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.

worked on Amazon AWS and MS Azure Virtual private cloud services.

Technical skills:

●Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).

●Routing Protocols: IGRP, EIGRP, OSPF, BGP, MPLS, MP-BGP, IS-IS

●WAN Protocols: HDLC, PPP, MLPPP

●Circuit switched WAN: T1/E1 – T3/E3/OCX (Channelized, Fractional & full).

●Packet Switched WAN: ATM, FRAME RELAY, MPLS VPNs

●Security Technologies: Cisco FWSM/PIX/ASDM, Palo Alto, Fortinet, Sonic wall, Nokia Checkpoint NG, Juniper SRX

●Cisco Routers: Cisco GSR 12416, 12418, Cisco 7200vxr, Cisco 3640, Cisco 3600

●Redundancy and management: HSRP, RPR, NSF/NSR

●Systems Management: Altiris, Microsoft System Center Configuration Manager (SCCM)

●Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonnet (POS)

●Layer 2 technology: VLAN, VTP, VMPS, ISL, dot1q, DTP, Spanning-tree, PVST

Certifications:

Cisco Certified Network Professional (CCNP)

Cisco Certified Network Associate (CCNA)

Education:

Master’s degree in computer science from Sacred Heart University, Connecticut, USA.

PROFESSIONAL EXPERIENCE

Cepheid, Bay Area, CA Aug 2023 - Present

Senior Network Engineer

Responsibilities:

Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9k,7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 1800 series and Cisco catalyst 9200,9300,6500, 4500, 3750, 3500, 2900 series switches.

Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.

Experience with Interior and Exterior routing protocols that includes RIP, OSPF, EIGRP, IS-IS and BGP. Worked on Cisco, Juniper, and Arista routers.

Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.

Configured Cisco 2800, 3800 routers and 3750, 4500, 6500, 9300, 9500 switches as part of the implementation plan.

Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.

Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.

Heavily involved with data center migration from Cisco to primarily Arista with minimal downtime utilizing VxLAN.

Performed Installation of Cisco ASA 5585, 5545 & 5525 series firewalls.

Extensive Knowledge on implementation of Cisco ASA 5500, 5585, 5505, 5510, 5512-X firewalls with Firepower module.

Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5555.

Configure and troubleshoot the Cisco FTD 9300, FTD 2110 using FXOS, LINA, Cisco FMC on a day-to-day basis, deploy the firewalls 9300 in HA and 2110 in stand-alone based on the site type.

Responsible for upgrading the Cisco FMCs in the environment.

Cisco ASA security appliances include Sourcefire, Firepower services and Foresight Management Console.

Worked on Upgrade ASAs from 8.x to 9.x, Install Firepower and Fire AMP for Endpoints, Sourcefire.

Worked on setup the SD-WAN deployment, optimizing WAN performance.

Integrated DNA Center, SD-WAN with Cisco ISE to support mobility, Segmentation and Programmability at the access layer.

Established secure hybrid cloud architecture using AWS Site-to-Site VPN and Direct Connect for seamless communication between on-premises networks and AWS.

Working on customer incidents related to wireless and working on CISCO WLC.

Worked on managing and troubleshooting the issues on multi–POD Cisco ACI architecture.

Used Cisco ACI SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment. Expert in troubleshooting production issues and resolving incidents and change tickets related to ACI.

Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).

Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.

Expertise in migrating Cisco ASA to Palo Alto’s Next-Generation Firewalls using PAN migration tool/ Expedition Tool.

Worked on Wildfire, malware protection and creating various policies on Palo Alto (PA 5050, PA 500).

Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.

Worked on PAN OS upgrade for multiple Palo Alto Firewalls.

Design and Implementation of 802.1x Wired/Wireless User Authentication with SGT using Cisco ISE Radius Server.

Working for NAC project Cisco ISE 802.1x NAC must be applied on ports of all UAL network switches where access to the organization’s network is available.

Managing all the Aruba controllers and access points using Aruba mobility master.

Designed & installed Aruba Wi-Fi network to supply wireless connectivity to employees and guests using segregated VLANs.

Experience with CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic. Maintained BIG IP F5 APM VPN and provided solutions for intricate issues.

Implemented and managed Zscaler to Web security where allow the access to User based web policies.

Developed and maintained comprehensive security policies within Zscaler to enforce web content filtering, application control, and data loss prevention (DLP) rules.

Implemented Zero Trust Network Access (ZTNA) architecture to enhance network security by verifying all users and devices before granting access, regardless of location.

Integrated ZTNA solutions with existing network access control (NAC) policies, ensuring continuous verification of users, devices, and network activities

Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.

Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.

Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.

Deployed BIG-IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.

Hands on experience in implementation and management of Wireless networks, which includes Cisco Meraki Access Points.

Yamaha Motors, Kennesaw, GA Aug 2022 – Aug 2023

Network Security Engineer

Responsibilities:

Troubleshot network issues related to IPSEC, NAT, UTM, ALG, and authentication.

Configured IPSEC VPN on SRX series firewalls and worked with network management software like NSM.

Configured Azure VPN Gateway and ExpressRoute for secure, high-speed, and low-latency connections between on-premises infrastructure and Azure cloud resources.

Led the integration of a new POS system to streamline sales transactions and inventory management for the client.

Configured POS software to align with business requirements, enhancing transaction speed and improving user experience.

Worked with FortiGate UTM, Forti Switches, Forti Voice, Forti AP, Forti Authenticator, Forti Analyzer, and Forti Manager.

Implemented web-filtering and intrusion prevention solutions on Fortinet firewalls, meeting company standards.

Hands-on experience with Fortinet UTM features: web filter, content filter, application control, intrusion prevention, DDoS, IPSec, and SSL VPN.

Configured remote authentication servers (TACACS+, RADIUS, FSSO, LDAP) in Access Control Networks.

Experience with Cisco Meraki wireless products and firewall technologies.

Supported external user access via IPSec VPN and SSL.

Migrated Cisco environments to Fortinet.

Configured failover DMZ zoning, VLANs, routing, and NAT with firewalls.

Performed Installation of Cisco ASA 5585, 5545 & 5525 series firewalls.

Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance.

Extensive Knowledge of the implementation of Cisco ASA 5500, 5585,5505, 5510, 5512-X firewalls with Firepower module.

Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5555.

Configured Protocol Handling, Object Grouping, NAT, PAT on ASA Firewalls.

Cisco ASA security appliances include Sourcefire, Firepower services and Foresight Management Console.

Designed, built, upgraded, and operated multiple cloud environments. Hands-on installation & configuration within the AWS/Azure Clouds & DoD Data Centers.

Proficient in installing and configuring Windows Server operating systems (Windows Server 2012, 2016, 2019) including roles and features such as Active Directory, DNS, DHCP, and Group Policy.

I worked as an administrator for Cisco IronPort cloud solution.

Installed, Configured and currently maintaining Check Point Firewalls (R76 Gaia, R75.40, R75 and R70) in a Distributed Deployment and High Availability Redundancy Scenario.

Configuring VPN, clustering and ISP redundancy in Checkpoint firewall.

Worked on Checkpoint Platform including Provider Smart Domain Manager

Experience in Checkpoint IP Appliances R65, R70, R75, R77 &Cisco ASA Firewalls.

Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.

Deployment and administration of Fortinet FortiGate 3000, 1500D, 200D Firewalls

Deployment, Administration with Of Firewalls with tools such as Forti Analyzer, Forti Manager

Configured and deployed the NGFW Firewall Features in Fortinet, like App control, Web Filter, FSSO, Proxy, DNS, IPS/IDS.

Deployed Cisco ISE 2.1/2.4 for Enterprise RADIUS Authentication with Active Directory, RSA Secure ID, Proxy Radius Services to Cisco ACS.

Configure and Administer SSL Inspection rules on Zscaler through Policies (Web and Firewall Insights) for external source to critical applications, also SSL-Bypass for pre-defined Sites.

Manage wireless security (Aruba & ClearPass) & Email security (Proofpoint & FireEye ETP).

Used Infoblox to create and manage newly created DHCP scopes.

Created Server-less Architecture for on-premises Application Migration to AWS cloud.

Wells Fargo, Dallas, TX Feb 2021 – Jul 2022

Network Implementation Engineer

Responsibilities:

Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.

Administering and evaluating firewall access control requests to ensure that these requests are compliant with client's security standards and policies.

Configured Cisco 2800, 3800 routers and 3750, 4500, 6500, 9300, 9500 switches as part of the implementation plan.

Gap analysis to determine Hunterdon PCI/DSS standards to the current environment.

Deployment Cisco ACI fabric to ensure each tenant is secured and has separation from other tenants. Use L3/L2 outs via common tenant.

Maintain the day to day activates on APIC for Cisco ACI fabric.

Configure new ports and EPG and contracts on Cisco ACI leaf fabric for user request.

Experience with CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic.

Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.

Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.

Deployed BIG-IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.

Implemented DIA (Direct internet access) on SD-WAN as a move towards ZTNA network.

Create multiple custom templates on SD-WAN according to the needs of the network.

Configured, management of and monitored Silver Peak SD-WAN product.

Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS, and Cisco Prime. Multisite distributed ISE 2.0, Design, Implement, Configure, Planned and migrated ACS existing configured devices like WLC, Radius, Tacacs+,802.1x, Guest portal, posture policies and VPN authentication.

Familiarity with WAAS, VoIP, wireless, security, next-gen datacenter networking (SDN, Cisco SD).

Collaborating with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager.

Design/Installation of Cisco Sourcefire and Firepower Management Center for large service providers on ASA and 9300s.

Installing and configuring various series Palo Alto Firewalls such as Pa-500, PA-850, PA-3050, PA-3220, PA-5020, PA-5060 series and Pa-2000 series firewalls using Panorama.

Configuration and installation of Palo Alto Networks 5050 application firewalls (NGFW).

Expertise in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering.

Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.

Used FireEye to detect attacks through common attack vectors such as emails and webs.

Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.

Deployed Cisco ISE 2.1 with 8 nodes in deployment, initially in learning mode increasing methodically to 802.1x on wireless and wired.

Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.

Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515.

Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.

Managed firewall using FortiGate to allow or block IPs, created policies added different interfaces and VLANs. installations, design, and implementation of Cisco solutions, VPN, Fortinet.

Configuring and deploying the FortiGate firewall and managed by Forti Manager,

Deployed Forti authenticator and Analyzer.

Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.

Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.

Experience on dealing with Cisco ISE Secure Network Server 3515 and other network security products.

Designing, implementing, configuring with best practices on NextGen IDS/IPS Firewalls such as Palo Alto, Cisco Firepower.

Implemented caching and bandwidth management strategies within Zscaler to reduce data usage, optimize internet access.

Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls through CSM.

AWS data backup (snapshot, AMI creation) techniques, along with data-at-rest security within AWS.

Developed an executable application that securely transfers files and creates folders in AWS S3.

Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.

Mapped, Network Diagrams and physical identification in MS Visio.

IBM, Hyderabad, India Jan 2018 – Jan 2021

Network Engineer

Responsibilities:

Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.

Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.

Measure the application performances across the MPLS cloud through various routing and switching methods.

Involved in upgrades to the WAN network from existing 7200vxr with ASR1004 and 3845/3945 routers.

Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.

Worked on Checkpoint Firewalls to monitor traffic drops, implemented NAT rules and monitored logs for traffic.

Configuration and Maintenance of Check Point R75, R75.40 Gaia Firewalls.

Adding and removing checkpoint firewall policies based on the requirements.

Working with Checkpoint Support for resolving escalated issues.

Configuring Juniper Net Screen Firewall Policies between secure zones using Network Security Manager (NSM).

Working experience with Cisco Unified Communication Manager (CUCM) for more secure communication using voice, data, video, and Cisco Call Session Control Platform (CSCP).

Hands on Experience testing iRules using Browser (IE), HTTP watch on f5 load balancers.

Configuration and troubleshooting F5 LTM, GTM series like 6600, 6800 for different applications and monitoring the availability.

Worked on Nexus platform 7k series, 5K series (5548, 5020 and 5010), 2248 and successfully implemented VSS on the Cisco catalyst switches.

Extensively used Infoblox for IP address management. Created and added IPv4 Network, Reserved IP addresses for various devices, Defined DHCP Scope as per the requirements, Created DHCP scope options for setting up Voice VLANs.

Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration

Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.

Work with Relay Engineers to provide IT support for server-based software, firewall request, Citrix access, and software configurations.

Deployed over 450 Palo Alto VM Series 1, VM Series 2 and Palo Alto Networks VM-300Bundle 2, Palo Alto Prisma Access, Prisma Cloud, Cortex and Panorama to have a centralized management in AWS, Microsoft Azure, and on-premises VM environments.

Deployed Active/Standby modes of High Availability (HA) with Session and Configuration synchronization on multiple Palo Alto firewall pairs. Knowledge on the application of Active/Active Ham ode.

Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.

Designed and Implemented Firewalls, F5Viprion deployments to Frontend and DMZ customers.

Hand on experience the configuration and implementation of various Cisco Routers and L2 Switches.

Experience in configuring of Layer 2 / 3 networking features such as HSRP, NAT, VLAN, STP, VTP, 802.1X, Port Security.

Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.

Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ.

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.

Configured Site to Site IPsec VPN tunnels to peer with different clients and each client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.

Capgemini, Hyderabad, India. Nov 2016 – Nov 2018

Network Administrator

Responsibilities:

Administered switching technologies, including VLANs, inter-VLAN routing, trucking, STP, RSTP, port aggregation, and link negotiation.

Responsible for creating technical documentation for all upgrades.

Participated in meetings and technical discussions related to NOC changes.

Implemented RTP for delivering audio and video over IP networks, ensuring high-quality streaming and minimal latency.

Deployed and managed Unified Communications applications on Linux servers, ensuring system reliability and security.

Managed network cabling, dressing, labeling, and troubleshooting onsite network drops.

Handled network operations using the SIFY TAC ticketing system.

Designed, installed, and configured VPN/IVPN, LAN/WAN networks based on organizational requirements.

Monitored and troubleshot LAN segments and related issues.

Conducted periodic backups of router and switch configurations.

Planned and implemented new infrastructure in the data center.

Analyzed bandwidth utilization for links.

Provided timely escalations within SIFY and to service providers.

Troubleshot devices via remote login to determine RFO (Reason for Outage) and RCA (Root Cause Analysis), minimizing service disruptions.

Maintained and monitored base station infrastructure.

Commissioned new links in coordination with BSO.

Ensured standard router and switch configurations were maintained.

Managed capacity planning, contingency planning, and disaster recovery.

Monitored NMS systems for network alerts.

Deployed data center LAN using Cisco Nexus 7k, 5k, and 2k switches.

Troubleshot leased lines, include STM4, DS3, E1, Metro, NLD ILD services, and RF links.



Contact this candidate