Network Engineer Senior
Resume:
Sidditha Terala
Senior Network Engineer (Cloud, AWS, SDWAN, Security, Palo Alto, F5)
Phone: 737-***-****
E-mail: *********@*****.***
LinkedIn: linkedin.com/in/sidditha-terala
PROFESSIONAL SUMMARY:
Designed, implemented, and secured SCADA network architectures to ensure high availability, real-time monitoring, and secure communication between industrial control systems (ICS).
Designed, deployed, and supported complex network infrastructures using Cisco and Juniper technologies, including installation and analysis of LAN/WAN protocols.
Managed structured cabling in IDF and MDF environments, ensuring optimal network performance with patch panels, fiber optics, and copper cabling.
Hands-on experience with Cisco Catalyst (9200, 9300, 9400, 9600), Cisco Nexus (9K), Cisco Routers (ASR 1000, ISR 4000, ASR 9000), and ASA Firewall (5550-X), including configuration and management of network hardware.
Deployed and managed F5 Application Security Manager (ASM) as a web application firewall (WAF) on BIG-IP platforms for enhanced web security.
Created and maintained network design documentation and presentations using VISIO, and implemented comprehensive network monitoring systems.
Administered Layer 2 switching, Layer 3 routing, and network security with firewalls and VPNs, and managed load balancing and access policies with NetScaler.
Automated Azure environments using Terraform, Ansible, and Python to streamline deployment and management processes.
Led the design and implementation of ZPA to secure application access across data centers, ensuring seamless connectivity for remote users.
Implemented Juniper Mist and Extreme Switches (SLX 9000 series), and hands-on with F5 load balancers, including methods, implementation, and troubleshooting on LTMs.
Conducted query performance analysis in Snowflake, identifying and resolving bottlenecks to optimize execution times.
Developed test cases and scripts using IxVeriWave API and automated configurations for Ciena 39xx series and Juniper ACX routers.
Designed and implemented Palo Alto Networks PA-5k, 3k, 7k Series NGFWs, configuring advanced security policies and application control features to protect against cyber threats.
Utilized Ansible, Terraform, Tuffin, and Python for network automation and configuration processes.
Enhanced network visibility by integrating Cisco ISE with Splunk for detailed analysis and reporting on network activity.
Experienced with Spine-Leaf architectures, Cisco ACI, Arista CloudVision, and Nexus switches for VPC and VDC implementations.
Developed and standardized network SOPs to ensure consistent implementation of configurations, troubleshooting, and security best practices across enterprise environments.
Proficient in advanced signal modulation techniques including OFDM, ATDMA, and TDMA, optimizing data throughput and ensuring high-quality service delivery across diverse network architectures.
Configured and managed VoIP systems include call managers, wireless (802.11ax/Wi-Fi), and wired IP phones, and proficient in VoIP protocols such as SIP and RTP, with expertise in designing systems for scalability and QoS.
Manipulated BGP attributes such as Local Preference, MED, and Route-Reflector clusters for optimized routing.
Managed Palo Alto firewalls with expertise in security policies, NAT, URL filtering, SSL decryption, and monitoring.
Addressed multicast routing issues using PIM and IGMP, optimizing multicast traffic distribution and group membership.
Configured and managed Infoblox DNS, DHCP, and IP Address Management (DDI) services to enhance network reliability, security, and performance across multiple data centers and remote offices.
Engineered spine-leaf architectures with VXLAN tunnels terminating on VTEPs across data center fabrics, optimizing east-west traffic flow and enabling seamless workload mobility.
EDUCATION:
Bachelor of Information Technology from Osmania University, India.
Master of Information Systems and Technologies from the University of North Texas, United States.
CERTIFICATION:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Palo Alto Networks-Certified Network Security Administrator (PCNSA)
TECHNICAL SKILLS:
Network Protocols
MPLS, VRF, VRRP, Policy Based Routing, Route Redistribution, Static Routing, VDC, STP, RSTP, VLANs, 802.1q/ISL, CDP, LACP, OSPF, BGPv4, EIGRP, HSRP, VPC, VDC.
Cisco Router platforms
ASR 1000 Series, ASR 9000, ASR 1013, ASR 901 Series Router Series; Catalyst 8300 Series, 8200 Series, ISR 4000 Series, ISR 800, ISR 1000 series, Catalyst 8300 Series Edge Platforms; Juniper MX304, MX10004 and MX10008, SDN-enabled MX10003, SDN-enabled MX2020.
Cisco Switch Platforms
Catalyst 9200 series, 9300 series, 9500 series, Nexus 9300, 5k, Arista Cloud Switches 7800R3, 7504R3, 7508R, 7388X5, 7170B-64C.
Firewalls
FortiGate 90F Series, FortiGate 7121F Series, Palo Alto-5410, 5420, PA-7080, PA-3440, Juniper SRX (5400, 3600, 1500, 320), Cisco ASA 5506-X, ASA 5508-X, Checkpoint Quantum Security Gateway (16k, 26k 56k) series.
LAN Technologies
Ethernet, Gigabit Ethernet, Port Channel, TCP/IP, Ether channel, VLSM, Cisco/Catalyst L2/L3 Switches, Juniper/Net screen/Cisco Firewalls
WAN Equipment
Cisco ACI, SDWAN, Cisco/Juniper Routers, Silver Peak NX-7xxx WAN Accelerators, PPP, T1/E1, HDLC, MPLS, DS3,
Network Management Tools
Infoblox, Snow (ServiceNow), SolarWinds, Wireshark, Cisco Prime, Splunk, SolarWinds Net Flow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, SignalFx, LogicMonitor,
Security Access Control
AAA, TACACS+, Radius, IPsec, GRE, NAT/PAT, ACLs, w/DUO, SSLVPN
Operating Systems
LINUX, UNIX, Windows Server 2012
Network Operating Systems
Cisco IOS, NX-OS, CAToS, Cumulus, Aruba, JUNOS, PAN-OS, F5OS-A and F5OS-C
Wireless
Aruba wireless and APs, Cisco Meraki, Prime Infrastructure, Ekahau, Air Magnet, AirWatch Cisco ISE, Aruba 3000 controller & Airwave, ISE, Aruba Clear Pass 6.10
Automation Scripts
Python, Ansible, Shell Scripting and Terraform
Load Balancing
F5 LTM, Citrix NetScaler, Cisco ADC
PROFESSIONAL EXPERIENCE:
Client: AT&T Inc, Plano, Texas October 2024- Till Date
Role: Senior Network Engineer
Responsibilities:
Design experience for SD-WAN (Versa and Viptela), SD-LAN, and WAN optimization technologies to provide optimal application data transport across LAN and WAN.
Implemented zero-touch provisioning for SD-WAN devices, streamlining deployment and reducing operational complexity across multiple locations.
Designed and implemented GCP VPC architectures, leveraging subnets, firewall rules, and peering for secure cloud networking.
Integrating Cisco ACI with cloud environments, allowing for hybrid cloud connection and smooth workload mobility between on-premises and cloud platforms.
Configured Juniper MX304 routers as high-performance edge and core routers, optimizing BGP, OSPF and RSVP-TE/MPLS LSPs for carrier-grade routing and low-latency performance.
Configured EIGRP over VRF (Virtual Routing and Forwarding) on ASR 9000 to support multi-tenant environments and enhance network segmentation.
Utilized Meraki Dashboard for centralized management, real-time monitoring, and proactive troubleshooting, ensuring network health and performance across multiple sites with CW9176/CW9176D1 APs.
Working with a successful Cisco Partner to migrate Palo Alto 5050 firewalls to Cisco Fire Power 9300 firewalls with throughput up to 1.2Tbps crushing the current slow Palo Alto 5050s.
Engineered EPON network configurations to support high-speed fiber-to-the-home (FTTH) services, integrating with existing DOCSIS-based networks for seamless connectivity.
Proactively detect and fix problems to provide the best possible user experience by utilizing the AI-driven insights provided by Cisco (DNAC) DNA Center to enhance network performance.
Configuring Palo Alto firewalls from PAN-OS 8.1 to PAN-OS 11.0.X for comprehensive security, including application and URL filtering, SSL decryption, and VPNs.
Configure modern security appliances, such as Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Cisco Umbrella, to improve web traffic security and application performance.
Configured and managed F5 BIG-IP's Global Load Balancing (GSLB) for optimized traffic routing across geographically distributed data centers, improving application availability and performance during peak load times.
Developed extensive network maps and visualizations in SolarWinds to depict OSPF routing topologies, which aided in network design and troubleshooting.
Configured Citrix NetScaler Gateway for secure remote access, implementing multi-factor authentication (MFA) and VPN services to protect remote connections.
Configuring Juniper SRX Series firewalls with Junos OS 20.1, implementing advanced security policies, intrusion prevention, and VPN services for secure network access.
Troubleshot complex MPLS VPN issues, using tools such as Traceroute MPLS and MPLS ping across PE-CE connections, ensuring minimal downtime.
Implemented ACLs on Palo Alto Networks firewalls to enforce security policies based on user identity and application, enhancing context-aware security and reducing attack surfaces.
Configured VLANs on Cisco Catalyst 9500 Series switches to segment network traffic and enhance security by isolating different network segments based on function or department.
Working with cloud-based WLAN technologies like 802.11ac/b/n/g Cisco WLAN, Cisco Meraki, and Aruba Wireless.
Utilizing IPsec VPN on Fortinet FortiGate firewalls to secure communication between distributed sites, integrating with Forti Manager for centralized management.
Utilized Aruba Mobility Master for centralized management and orchestration of multiple controllers, ensuring consistent policy enforcement and simplified network administration.
Working with virtual routers on Palo Alto firewalls, added NAT rules with source and destination address translations and security rules with various applications and services.
Designing a Terraform and deploying it in the cloud deployment manager to spin up resources like cloud virtual networks and compute Engines in public and private subnets along with Auto scaler in Google Cloud Platform.
Developed Python scripts to collect and analyze network performance data, generating detailed reports and visualizations to identify and address issues.
Configuring Cisco ACI 6.7 and Arista 7250qx-64 Cloud Vision switches to enable advanced network segmentation and streamline management.
Leveraged Infoblox API integration to automate IP address allocation and DNS record management, reducing manual efforts and minimizing configuration errors.
Optimized Wireless network performance using Cisco WLC, performing RF spectrum analysis and channel optimization to reduce interference and maximize throughput in high-density environments.
Using Ansible and Ansible Tower as Configuration management tool, to automate repetitive tasks, quickly deploy critical applications and proactively manage change.
Architected and implemented network segmentation within VMware NSX to isolate critical workloads, ensuring both on-prem and Azure-based environments adhered to best practices in security, compliance, and performance.
Implemented AWS PrivateLink for secure private connectivity to AWS services, enabling services such as S3, EC2, and Lambda to be accessed privately, without traversing the public internet.
Proficient in using Cisco ISE’s troubleshooting tools for analyzing authentication failures, misconfigurations, and network performance issues, as well as monitoring endpoint behavior through the ISE admin interface.
Conducting comprehensive network monitoring and analysis using advanced tools such as Wireshark, SolarWinds Network Performance Monitor (NPM), and NetFlow Traffic Analyzer (NTA), providing detailed network topologies, performance metrics, and troubleshooting insights.
Ensured application-level redundancy and high availability by deploying and administering F5 LTM load balancers while optimizing traffic flow and security through IDS/IPS and Bluecoat proxy servers.
Client: Federal Home Loan Mortgage Corporation, Plano, Texas October 2023- August 2024
Role: Senior SDN Network Engineer
Responsibilities:
Managed daily delivery tasks including code upgrades and access management via Python scripting on Linux, improving system functionality based on customer tickets.
Using Cisco Prime Infrastructure to monitor, manage and integrate DMVPN performance, allowing for proactive identification and resolution of any network issues.
Using Cisco ACI's health score and monitoring tools to track network performance and health, proactively identifying and fixing issues.
Administering Viptela SDWAN enterprise deployments, configuring network devices to connect remote sites over the Internet.
Designing and implementing Viptela SD-WAN security policies that used segmentation and encryption to protect sensitive data across the WAN.
Integrated Cisco ISE with DNA Center’s AI-driven analytics, automating user authentication, access control, and anomaly detection for improved network security.
Utilizing DHCP relay on Cisco ISR 4000 Series routers to forward DHCP requests between different subnets, ensuring seamless IP address assignment across the network.
Optimizing Spine-and-Leaf architecture with VXLAN to support multi-tenancy and ensure high performance for cloud-native applications.
Implementing upgraded telemetry features on Nexus 9300-EX Series switches to provide real-time network monitoring.
Configuring SSL offloading on F5 BIG-IP LTM to reduce application server load by terminating SSL/TLS connections at the load balancer.
Engineered and maintained WLAN security protocols, including WPA3, 802.1X authentication, and RADIUS servers, ensuring secure wireless network access and compliance with corporate security policies.
Configuring ZPA version 4.2 and ZIA 7.2 to provide seamless and secure access to internal applications for remote users, ensuring compliance with organizational security standards.
Implementing sophisticated features of Cisco Catalyst 9800-CL cloud-based controllers, allowing seamless integration with public cloud platforms and lowering operational expenses.
Configuring Cisco switches, including Catalyst and Nexus 9k series, to support LAN and WAN connectivity, VLAN segmentation, and inter-VLAN routing.
Implemented advanced security policies on SRX320, including stateful firewall rules, application-layer filtering, and unified threat management (UTM) to enhance network security.
Monitored and optimized network traffic to Snowflake using packet capture, flow logs, and performance analysis tools, reducing latency and data transfer costs.
Integrated SD-WAN solutions with existing MPLS networks to optimize hybrid WAN architecture, improving cost efficiency and performance for enterprise applications.
Set up and maintained F5 LTM and Citrix NetScaler sophisticated load balancing for mission-critical applications, guaranteeing availability and smooth user experiences.
Diagnosing and resolving complex network issues involving Cisco switches, utilizing advanced troubleshooting tools and techniques to minimize downtime and ensure continuous operation of IT-OT services.
Working with Aruba and Cisco Wireless LAN controllers (WLC), Configuring and Provisioning APs, Virtual APs, RTLSs, Wireless SSIDs, remote and campus APs, upgrading WLC, worked in Active/Active local Controllers and Master controller.
Using the ASR 9903 Series with automated provisioning tools and network management systems to improve network visibility and expedite operations.
Integrating Snowflake into CI/CD pipelines using Jenkins to automate deployment and testing processes.
Using Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).
Managing the firewalls, proxy servers, site-to-site and B2B VPNs, client SSL and IPsec VPN gateways for 50 networks with 9000+ users and hundreds of public web apps.
Integrating IKEv2 with (MFA) solutions to strengthen remote access security for users and devices.
Configuring QoS on Juniper MX Series routers to prioritize voice, video, and data traffic, ensuring high-quality performance for latency-sensitive applications.
Working on Palo Alto Firewalls, implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
Experienced at integrating AWS (Transit Gateway, Direct Connect) and Azure (Traffic Manager, DDoS Protection) for secure, high-performance cloud networking.
Installing and configuring Firepower Management Center 6.0 on VMware and added ASA Sourcefire Agents as well as Firepower NGIPS for monitoring and management.
Client: Huntington Bank, Columbus, OH March 2023 – October 2023
Role: Network Security Engineer / NOC Engineer
Responsibilities:
Configured STP on Fortinet FortiSwitches to eliminate loops and provide dependable Layer 2 connection in business network settings. Configured WAN connections with Meraki and FortiGate SD-WAN.
Worked on the installation and configuration of Cisco ISR 800, 1000 series and ASR 1000 series routers.
Worked with configuring, monitoring, and troubleshooting Arista 7010X Series Cloud Switches.
Manage and maintain Fortinet Firewalls through IPv4 policies, traffic shaping, IPS, web filtering, interfaces, and routing.
Configured AWS networks including virtual networks, direct connect, regions and zones, network interfaces, VPC, IPSEC, SSL and EC2.
Implemented F5 BIG-IP APM version 13. x to provide secure remote access and single sign-on (SSO) solutions for enterprise applications.
Used Keysight's IxVeriWave purpose-built solution for testing Wi-Fi 6E products.
Configured and performed software upgrades on Cisco Wireless LAN Controllers (WLC) 2504, 4404,5508 for Wireless Network Access Control integration with Cisco ISE.
Experience with Zscaler Cloud Proxy Architecture with ZIA, traffic forwarding using GRE tunnels to Zcloud, Azure AD Authentication, Access policies, and ZCC 2.0 tunnel.
Integrated Splunk with cloud-based services (AWS, Azure) to monitor and secure hybrid network environments, providing end-to-end visibility and control.
Configured Citrix NetScaler for load balancing and assigned virtual server IP address to virtual servers.
Configuration and Administration of Alight Network Firewall to manage large-scale firewall deployments, Palo Alto, Cisco ASA-X Firepower, Juniper SRX, and Open-source BSD Firewalls.
Configured NSX-T Distributed Switch Policies for NSX support and Load Distribution.
Configured Fortinet Firewall administration of FortiGate 500D,3000,3815 series as per network diagram.
Maintained network performance by using SNMP monitoring tools such as SolarWinds and Omni Center to perform network monitoring, analysis as well as troubleshooting network problems.
Troubleshooting complex networks layer 1, 2 to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.
Generated detailed incident reports using ServiceNow and JIRA after every major network event, providing insights and recommendations for future prevention.
Provided support for virtualized network environments using VMware vSphere and Microsoft Hyper-V, ensuring network stability and performance in virtual settings.
Installed and configured Cisco Meraki (MR66, MR18) wireless Access points in the warehouses from scratch.
Configure and Maintain Authentication Services such as Alight Cisco ACS and Aruba ClearPass around the environment with troubleshooting AAA (TACACS+ & RADIS) services for users.
Virtusa October 2019 – December 2022
Role: Network Support Engineer
Responsibilities:
Installed, set up, and supported wireless access points, switches, routers, firewalls, and other network gear and software.
Integrated LAN and WAN monitoring tools give full visibility into network performance and health, allowing for proactive management and trouble.
Performed rigorous testing on Wi-Fi routers, access points, and network cards to identify and address any issues.
Demonstrated unparalleled expertise in 802.11 standards, including a/b/g/n/ac/ax, Wi-Fi security modes, Wi-Fi Mesh network, Wi-Fi 6e, and Wi-Fi performance parameters.
Configured Ether channels, Trunks, VLANs, and HSRP in a LAN environment.
Implemented route redistribution between OSPF and EIGRP.
Provided end-user technical support for LAN and remote users in a 24/7 environment.
Configure Google Cloud Storage for effective data storage and retrieval, including the implementation of lifecycle policies and access controls to maintain data security and compliance.
Used SolarWinds and Nagios to monitor network performance, proactively identifying and resolving issues to maintain optimal operation.
Provided technical support to end-users through Remote Desktop and TeamViewer, resolving network-related issues and ensuring smooth operation of IT systems.
Configured and maintained site-to-site and remote-access VPNs using Cisco AnyConnect and Fortinet FortiGate to ensure secure remote access for users.
Provided support for wireless networks using Aruba AirWave and Cisco Wireless LAN Controller (WLC) to manage and troubleshoot Wi-Fi connectivity issues.
Managed IP address allocation and DNS/DHCP configurations using Infoblox to ensure efficient use of network resources and resolve IP conflicts.
Contact this candidate