Network Security Engineer
Resume:
KOUSHIK KUMAR THALLAPELLI
+1-919-***-**** ***********************@*****.*** Linkedin
SUMMARY
• Network Security Engineer Professional with over 3 years of experience specializing in network infrastructure security, routing and switching (BGP, OSPF, MPLS), troubleshooting complex network issues, and security operations, committed to providing excellent network security solutions at different levels.
• Network Infrastructure & Security: Expertise in architecting and deploying secure network infrastructures—including firewalls, routers, switches, and VPN solutions—to ensure robust protection and high availability. Proficient in configuring, optimizing, and troubleshooting complex network topologies, leveraging advanced security policies and SIEM tools (e.g., QRadar) to mitigate threats and maintain compliance.
• Routing, Switching & Protocols: Skilled in implementing and managing advanced routing protocols (BGP, OSPF, MPLS) and Layer 2/3 switching technologies, ensuring seamless connectivity and optimal network performance. Demonstrated ability to design and troubleshoot intricate network setups, including VLANs, VPNs, and MPLS VPNs, to support scalable enterprise environments.
• Technical Troubleshooting & Automation: Proven track record in performing detailed network diagnostics, analyzing firewall logs, and employing automation (Python, centralized management systems like Panorama) to streamline operations. Adept at managing cross-vendor platforms (Cisco, Juniper, etc.) and utilizing monitoring tools to ensure proactive maintenance and rapid issue resolution.
• Cross-Functional Collaboration & Documentation: Strong communication and collaboration skills with a history of working effectively with cross-functional teams and external stakeholders to achieve project success.Maintained comprehensive documentation and change management records, contributing to streamlined incident and problem management processes EDUCATION
University of Alabama at Birmingham, MS in Cybersecurity Birmingham, USA GPA: 3.9 / 4.0 Apr 2024 EXPERIENCE
Network Engineer, client Easy Group Jul 2024 – Present
• Configured, optimized, and troubleshot TCP/IP networks, ensuring efficient routing, IP addressing, and seamless communication across enterprise infrastructure. Managed Panorama for policy enforcement, log management, and security updates across distributed Palo Alto deployments, boosting network uptime by 15%.
• Developed automation scripts using Python and Salt stack to streamline network configurations, testing processes, and operational tasks. Designed and deployed end-to-end lab testbeds, integrating Designed and implemented CWDM/DWDM optical transport networks to support high-capacity Layer 2/3 services, including 10GE/100GE Ethernet and IP transit solutions-based systems and API-driven tools to validate network protocols and performance
• Implemented traffic engineering, monitoring, and troubleshooting over MPLS networks using Frame Relay and OSPF. Configured network devices with redundancy protocols like STP, VTP, and RSTP on Nexus and Cisco switches and utilized SolarWinds for application monitoring and network management.
• Managed and optimized AWS/cloud infrastructures, reducing operational costs while ensuring high availability and scalable service delivery. Administered MPLS deployments using Cisco IOS-XR on ASR9000 devices within data center environments
• Performed in-depth analysis of TCP/IP traffic using network monitoring tools to diagnose latency issues, packet loss, and performance bottlenecks, improving overall network efficiency.
• Managed firewall configurations and network data storage using the Panorama management tool across global networks. Troubleshot traffic issues through managed firewalls using detailed logs and packet capture analysis reducing incident response time by 25%
• Implemented DOS mitigation strategies, Multifactor Authentication, and Zone Protection to safeguard against intrusions. Enhanced network security by applying knowledge of DOS, DDOS, Kill Chain, and Zero-Day attacks.
• Collaborated on hardware audits (racking, stacking, auditing using Algosec), ensuring compliance with industry standards.
• Executed various OSPF scenarios on networks equipped with Cisco 7600 routers and managed OSPF link-state advertisements. Integrated virtualization solutions with traditional networks to support dual-stack and IPv6-only architectures in security-sensitive environments.
Network engineer, Tata Consultancy Services Feb 2021 - Nov 2022
• Engineered and optimized routing protocols including BGP, OSPF, IS-IS, MPLS, and EIGRP to support high-availability network designs. Automated network security tasks and vulnerability scans using Python scripts, improving operational efficiency by 30%.
• Implemented dynamic routing and inter-AS connectivity (e.g., eBGP) to enhance network performance and reliability across multi- site environments. Implemented Monitoring, Troubleshooting, traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and OSPF.
• Monitored and analyzed cloud proxy logs to identify and mitigate suspicious activities, ensuring compliance with organizational security policies. Designed and implemented CWDM/DWDM optical transport networks to support high-capacity Layer 2/3 services, including 10GE/100GE Ethernet and IP transit solutions, increasing data throughput by 15%.
• Automated network configurations and deployments using Ansible, streamlining large-scale infrastructure changes and ensuring consistency across multi-vendor environments. Administered Linux servers for DNS, DHCP, and NTP services, optimizing network reliability and reducing resolution latency by 20%.
• Configured the devices with redundancy protocols like STP, VTP, PVST, MVST, RSTP and implemented on Nexus and Cisco Switches. Managed Layer 2 and Layer 3 switching operations, integrating technologies such as VxLAN and BGP EVPN to support modern data center virtualization.
• Designed and maintained data center fabrics and network architectures that improved traffic management and overall system scalability. Administered PoP infrastructure and fiber-optic systems, including cross connects, patch panels, and ODF, ensuring seamless network connectivity.
• Supported multi-vendor network environments by deploying and troubleshooting equipment from Cisco, Juniper, Arista, Fortinet, Aruba, Ruckus, Meraki, and F5. Led hardware replacement and upgrade projects, utilizing structured cabling and installation best practices to ensure optimal network performance.
Junior Network engineer, client Kioson App Apr 2020 - Jan 2021
• Configured and troubleshot WAN (ATM/Frame Relay), TCP/IP networks, and routing protocols (BGP, OSPF, EIGRP), contributing to a stable network environment..
• Utilized Microsoft Visio for accurate network design and documentation, enhancing communication among technical teams
• Assisted with FTP server configuration for internal and external users and vendors, using tools like Wireshark for network diagnostics. Troubleshot traffic passing managed firewalls via logs and packet captures.
• Installed and managed network devices including Cisco Nexus and Catalyst Layer 2 switches (29XX, 3750X series) and routers, supporting efficient network operations.
• Supported Layer 2 switching architecture and resolved multi-area OSPF issues, improving network stability. Configured and resolved various OSPF issues in an OSPF multi area environment
• Configured authentication methods (Plain Text, MD5) and implemented Cisco Secure ACS for TACACS+ and RADIUS, strengthening network security compliance.
SKILLS
• Firewalls : Cisco ASA (5506-X, 5516-X), Palo Alto Networks (PA-3000 Series), Fortinet (FortiGate 600E)
• Network Security : ACLs, IPsec, VPN (SSL VPN, DirectAccess), Port Security, Multi-Factor Authentication (MFA)
• Router Platforms : Cisco ISR (4000 Series), Cisco ASR (1000 Series), Juniper MX Series, Juniper PTX Series
• Switch Platforms : Cisco Catalyst 9000 Series, Nexus 9000 Series, Arista 720XP Series
• Routing Protocols : EIGRP, OSPF, BGP, PBR, IS-IS
• L2 Protocols : VTP, STP, RSTP, MSTP, PVST+, 802.1Q, Multi-Layer Switching, Multicast operations
• L3 Protocols : IPv4, IPv6, OSPF, EIGRP, BGP, IS-IS, ICMP, MPLS, VRF
• Redundancy Protocols : HSRP, VRRP, GLBP, QoS, Cisco StackWise, MLAG
• Authentication Services : SAML, OAuth, OpenID Connect
• Network Management : NetFlow, SolarWinds Network Performance Monitor, Nagios, Wireshark
• WAN Technologies : MPLS, Metro Ethernet, SD-WAN (Cisco Viptela, Silver Peak), LTE/5G
• LAN Technologies : 10/100/1000 Ethernet, 10Gb Ethernet, PoE
• Application Layer Protocols : DNS, DHCP, NTP, HTTP, HTTPS, SSH, FTP, SNMP, LDAP, SMTP, RADIUS
• Virtualization & Cloud : Cisco ACI, AWS VPC, Azure Virtual Network, Google Cloud Virtual Network,
• Programming/Scripting Languages: Python, Java, Shell CERTIFICATES
CompTIA Security +, CCNP, AWS Certified Cloud Practitioner.
Contact this candidate