Network Engineer Palo Alto
Resume:
Rajavardhan Reddy Singireddy
Senior Network Engineer
************@*****.***
Summary
Network Engineer having 5 years’ experience in Networking and security products and firewalls.
Configured, installed with Arista switches, including Arista 7000 series (7050SX3, Arista 7504, 7508) device series.
Configured all Palo Alto firewall models (PA-2k, PA-3k, PA-k, PA-7k) as well as centralized management system (Panorama) to manage large scale firewall deployments.
Migrated legacy firewalls to FortiGate firewalls, enhancing security posture and streamlining management and monitoring capabilities.
Worked on Cisco Nexus data centre infrastructure with 5000, 6000, 7000 and 9000 series switches. includes (5548, 7010) including Cisco Nexus Fabric Extender (2223, 2248).
Worked on Cisco 2300, 4000, 6500 series Router and Cisco 1600, 2900, 6500 series switches.
Deployed Cisco ACI across multiple data centre environments, enabling centralized management and improved network agility.
Experienced in working with design and deploy Viptela SD-WAN & Network migration from legacy WAN, also optimize and troubleshoot the SD-WAN networks.
Experienced in Creating several AWS services, such as leveraging AWS S3 bucket in a secured manner data encrypted in transit and at rest.
Worked on routing protocols such as OSPF, BGP and EIGRP to ensure efficient and secure routing of network traffic.
Technical Skills:
Firewalls
Palo Alto Firewalls, Fortinet Firewalls, Cisco Firepower, Cisco ASA, Checkpoint Firewalls
Data Center
Nexus (9300, 7000, 5000 series), Arista 7050SX3 and Juniper EX2200, EX2500, and EX3200 series
Cloud
AWS EC2, VPC, IAM, Lambda, S3, CloudFront, RDS, DynamoDB, Elastic Cache, Route53, CloudWatch, Cloud Formation, Amazon Elastic Map Reduce (EMR).
Load Balancers
F5 BIG-IP 5000, 6000 series and VIPRION 2400 Chassis A113 and Citrix load balancers.
SD WAN Technology
Cisco Viptela (vEdge, vManage, vSmart & vBond) Aruba S2500, 3800 and Meraki MR30H technology.
Security
IPsec, VPN Configuration, VPN Concentrator, Authentication AAA TACACS RADIUS Ethereal, Encryption technologies like DES, 3DES, IPS.
Professional Experience
Fiserv, TX Jan 2023 - Present
Senior Network Engineer
Responsibilities:
Configured and managed Palo Alto firewalls (PA-5450, PA-3260, PA-7080), optimizing firewall performance and aligning configurations with security policies to protect against threats.
Implemented Palo Alto features such as Application & URL Filtering, Threat Prevention, and Data Filtering to enhance network security and compliance.
Utilized Palo Alto Panorama for centralized management and deployed VM-300 series firewalls, streamlining policy control and monitoring across network environments.
Troubleshot and resolved complex network issues involving LAN, WAN, firewalls, and F5 LTM load balancers, ensuring minimal downtime and high availability.
Managed firewall rules on Palo Alto VM-300 and Juniper SRX-240 devices, facilitating secure and efficient network traffic control.
Deployed Palo Alto Wildfire to defend against sophisticated attacks and zero-day vulnerabilities, integrating it into the overall security framework.
Implemented and configured FortiGate firewalls (3700F, 4200F, 4700F) to monitor internet traffic, manage user access, and enhance network security through web blocking and software oversight.
Configured and managed Cisco Catalyst Center (formerly DNA Center) for centralized automation, assurance, and monitoring of wired and wireless infrastructure.
Utilized Cisco Catalyst Center to automate switch configurations, manage software image upgrades, and monitor device health across campus and branch networks.
Configured F5 BIG-IP LTM, GTM, APM for load balancing, high availability, and optimized application performance.
Deployed and managed Cisco Wireless LAN Controllers (WLC) and Access Points (APs), including configuration of SSIDs, VLANs, RF profiles, and integration with Cisco ISE for secure wireless access.
Implemented wireless security policies using WPA2/WPA3, 802.1X authentication, and seamless roaming features in enterprise environments.
Involved in deploying and configuring Infoblox appliances, effectively managing DNS, DHCP, and IPAM services resulting in improved network security and performance.
Designed and deployed SD-WAN Viptela architectures, implementing advanced traffic management and path selection policies to optimize bandwidth usage and application performance.
Integrated Cisco ACI with legacy Nexus switches, creating a scalable and efficient data center network while reducing operational complexity.
Implemented advanced encryption techniques such as IPsec and TLS to secure data in transit across the SD-WAN network.
Automated network device compliance checks using Netmiko, significantly reducing audit preparation time by 50% and ensuring adherence to security configurations.
Worked with Cisco TAC to diagnose and resolve complex issues with Nexus switches, enhancing network reliability and performance.
Implemented CDN security features, such as DDoS protection and WAF, enhancing the security and resilience of the network infrastructure.
Deployed Illumio's Adaptive Security Platform for network segmentation and application visibility, bolstering security across the organization.
Implemented Zscaler Internet Access (ZIA) and Private Access (ZPA) to secure internet access and internal applications, reducing the attack surface and improving user experience.
Managed AWS networking components such as VPC frameworks, Transit Gateway, and Direct Connect to ensure secure and reliable cloud communications.
Configured advanced DHCP options in Infoblox to optimize network performance and reduce IP conflicts, leading to a 30% reduction in network downtime.
Enhanced perimeter security with Cisco Secure Firewalls (3105, 3110, 3120), reducing unauthorized access attempts by 50%.
Supported a massive DDI (DNS, DHCP, and IPAM) network environment using Cisco Firepower, ensuring reliable network operations and reducing downtime
Configured IPsec and SSL VPN on Fortinet firewalls, enhancing secure remote access and improving network security
Developed Python scripts for data analysis, identifying network usage trends and enabling proactive measures to maintain high availability and performance.
Worked on bluecoat web application firewall to improve application performance and to perform health checks on HTTP, HTTPS, TCP, ICAP and ICMP to monitor Web content servers.
Rady Children Hospital, CA April 2021 – Nov 2022
Network Engineer
Responsibilities:
Developed and implemented dashboards in Palo Alto’s Panorama to monitor real-time network traffic, threat activity, and device health, providing comprehensive visibility and enabling efficient identification and response to security incidents.
Configured and managed Palo Alto firewalls (PA-7050, PA-5430, PA-5220) with IPsec VPN settings to ensure secure communication, performing updates, password resets, and optimizing firewall policies to reduce unnecessary traffic and improve network performance by 30%.
Ensured FortiGate firewalls operated at peak efficiency by applying the latest security patches and firmware updates, and integrated FortiSandbox and FortiAnalyzer to enhance threat detection, reporting, and response capabilities.
Designed and implemented LAN and WLAN solutions, including Technical Design Reviews (TDR) and Low-Level Designs (LLD), optimizing network infrastructure through IP address planning, configuration, testing, and maintenance.
Administered Cisco SD-WAN Manager (vManage) to provision and monitor overlays, configure templates, and enforce application-aware routing and path redundancy.
Monitored real-time performance metrics and traffic engineering policies using vManage analytics dashboard to optimize WAN usage.
Configured and installed Arista 7160 series switches, as well as managed FortiGate firewalls (6500F, 4800F, 3200F, 3500F) with advanced features such as NAT rules and security policies, ensuring enhanced protection and application performance.
Configured and optimized router security features such as Access Control Lists (ACLs), VPNs (Virtual Private Networks), and IPsec tunnels to safeguard data transmission and prevent unauthorized access.
Executed IOS upgrades on Cisco Catalyst switches (1900, 2900, 3500 series) and routers (2500, 2600, 3600 series), and configured various Cisco Routers and L2/L3 Switches to implement OSPF and BGP, supporting robust and scalable network routing.
Deployed SD-WAN Viptela for Direct Internet Access (DIA) at branch locations, reducing MPLS dependency and WAN costs by 50%, while maintaining secure and reliable connectivity. Additionally, configured MPLS communication and WAN connections using Cisco ASR routers (9922, 9912, 9910).
Developed automation tools for Nexus 9k, 3k, and Juniper QFX5100 using Netconf, PyEZ, and Ansible, alongside Netmiko scripts for automated log retrieval and network metrics analysis, improving network provisioning, management, and troubleshooting.
Configured IPv6 routing within BGP incorporating address-family to effectively route both IPv6 and IPv4 networks.
Managed Cisco ASA, F5 LTM, ACE, and Nexus devices in data center environments, implementing changes to align with customer needs, and enhanced network performance using F5 VIPRION load balancing (2000, 2400, 2200 series).
Led implementation engineer for the enterprise DHCP/DNS migration to the Infoblox solution.
Automated network deployments using Git-integrated CI/CD pipelines, optimizing Terraform-based Infrastructure as Code (IaC) for reusable modules and standardized Ansible playbooks to ensure consistent network configurations across sites.
Improved OpenStack underlay network scalability by migrating from standalone Nexus to Cisco ACI, managing security domains, AAA services, and implementing Zero Trust models with Viptela SD-WAN to enforce strict access controls and encryption.
Enhanced DNS infrastructure security using Infoblox, ensuring reliable domain resolution and mitigating risks such as DNS hijacking.
Utilized AWS Elastic Load Balancing for efficient data distribution, monitored AWS resources using CloudWatch, and automated routine Active Directory tasks with PowerShell scripts to enhance productivity and reduce human error.
Installed Meraki SD-WAN solution Confidential remote branches to better utilize carrier circuits and mitigate packet loss and latency.
Integrated monitoring tools such as SolarWinds, LiveAction, and Cisco DNA Assurance to gain visibility into network performance, identify anomalies, and proactively remediate issues.
Leveraged ServiceNow CMDB and Incident Management modules for device lifecycle tracking and automated incident routing.
Developed Python modules to extend network management systems' functionality, improving granular control and automation, and leveraged Git for version control of network configurations and IaC, ensuring collaborative and traceable infrastructure management.
Managed Information Security Enforcement Console (ISEC) and Illumio for real-time policy enforcement and micro-segmentation, enhancing data center security.
Configured Cisco ISE for deployment on wireless LAN devices and Catalyst switches, ensuring robust network access control.
Developed and enforced security policies and procedures aligned with HIPAA requirements, enhancing the organization's ability to safeguard protected health information (PHI).
Enhanced the organization's security posture by reviewing and updating the Information Security Program to comply with HITRUST CSF and applicable standards such as NIST and ISO.
Configured and upgraded Cisco Secure Firewalls (4245, 3120, 3130) and Firepower systems (4125, 1150, 4100), aligning them with current security standards to strengthen network defenses against diverse threats.
Accenture, India May 2020 – March 2021
Jr. Network Engineer
Responsibilities:
Implemented and managed Checkpoint firewalls (R77.30, R76, R75.10), leveraging advanced security features such as IPS, URL filtering, Anti-Bot, and performance monitoring to enhance overall security and visibility.
Integrated automation tools with ACI to enhance operational efficiency by streamlining VLAN provisioning and management processes.
Adopted NIST 800-88 guidelines to enforce proper disposal of sensitive information contained on media.
Performed regular security assessments and audits of WAF configurations, ensuring they align with industry best practices and compliance requirements.
Implemented Cisco routers (1900, 2900, and 3900 series) for optimized routing, improving performance for online communication and multimedia applications by leveraging routing protocols like RIP, OSPF, BGP, and EIGRP, with advanced route manipulation (route-map, distribute list, administrative distance).
Configured and managed wireless infrastructure using Aruba and HP controllers, including SSID, VLAN binding, and security management for seamless wireless connectivity.
Experienced with HP Aruba 2920 series, 2930 F series, and 5400R series switches, ensuring network stability and performance in enterprise environments.
Created and updated public DNS records, network topologies, and VPN inventory to improve network documentation and enhance troubleshooting efficiency.
Designed and deployed highly available network devices with F5 BIG-IP (5000i, 7000i, 10000i iSeries) for load balancing, ensuring high availability and prompt failure recovery to maintain operational continuity.
Deployed Cisco Tetration for enhanced visibility and analytics across data center environments, improving security by monitoring traffic patterns and application dependencies.
Implemented Cisco TrustSec policies to enforce identity-based access control (IBAC), ensuring only authorized users and devices access sensitive resources across the network.
Developed and maintained Terraform scripts to automate network infrastructure provisioning and configuration in cloud and on-premises environments, significantly reducing deployment times by 70%.
Installed and tested Ethernet, Fiber optic, and coaxial cabling across multiple sites, adhering to industry standards and minimizing network downtime during upgrades.
Optimized WAN traffic using Silver Peak’s application acceleration and path conditioning features, reducing latency and improving application performance by 40%.
Integrated SolarWinds with ITSM tools to streamline incident management workflows, significantly reducing response times and improving service delivery.
Deployed and managed Citrix NetScaler appliances for load balancing web applications, ensuring high availability and improved application performance.
Utilized Wireshark to capture and analyse network packets in real-time, diagnosing complex network issues and providing insights into network protocols for performance tuning.
Collaborated with teams to analyse traffic data using advanced Excel functions to streamline troubleshooting processes and minimize network downtime.
Implemented advanced routing and firewall policies to segment and secure networks, ensuring controlled access to resources and protection against unauthorized data access.
Managed and optimized virtualized environments using VMware vCenter and deployed VMware vSphere clusters for improved resource allocation and performance management.
Designed and deployed AWS VPC architectures, including configuring secure VPN connections and AWS Transit Gateway integrations for seamless cloud infrastructure management.
Tested and deployed Wireless LAN (WLAN) switching and access point products to ensure robust wireless connectivity in enterprise environments.
Configured secure email gateways (SEGs) to prevent inbound and outbound email threats, enhancing email security and safeguarding against cyberattacks.
Managed vulnerability scanning and assessment programs using ISEC to identify and mitigate network and system vulnerabilities, ensuring compliance with security standards.
Education:
Master of Science in Artificial Intelligence January 2023-May 2024
University of Texas at Dallas
Contact this candidate