Network Security Engineer
Resume:
Manideep Reddy Aenugu
Senior Network Security Engineer
**********@*****.*** 518-***-****
https://www.linkedin.com/in/manideep-r-09a862225/
Summary:
Over 8.2 years of experience in networking industry for handling various switches and routed data networks, and broad range of related technologies.
Configured, installed, and maintained Palo Alto firewall devices, including PA-5000, and PA-3000 series.
Deployed and configured Fortinet firewalls to meet specific network security requirements, implementing firewall policies, access controls, NAT, VPN configurations, and high-availability setups.
Extensive experience working with Cisco Nexus platforms, including 5K, 7K, and 9K series switches, as well as Cisco Meraki MS250 and MS350 series switches.
Worked with Juniper networking solutions, including Secure Access (SA), MX80, MX104, MX240, and MX480 routers, EX2200, EX4200, EX4300 series switches, and SRX series firewalls.
Assisted in migrating from traditional network infrastructure to Cisco ACI, leveraging software-defined networking (SDN) for enhanced security and agility.
Hands-on experience configuring Viptela SD-WAN devices, including creating device and feature templates for streamlined deployment.
Proficient in routing protocols such as EIGRP, OSPF, and BGP, along with configuration and management of Meraki switches.
Configured network architecture on AWS, including VPCs, subnets, internet gateways, NAT gateways, and route tables.
Experienced in load balancing using F5 LTM and GTM, implementing iRules, and ensuring high availability for optimized traffic management.
Monitored network traffic and analyzed security logs using SIEM tools to detect and respond to security incidents and potential threats.
TECHNICAL SKILLS
Firewalls
Palo Alto (PA-5000, PA-3000, PA-1000 series), Fortinet firewalls (FortiGate1000, FortiGate60E, FortiGate200E, FortiGate1000F, FortiManager, FortiAnalyzer), Cisco Firepower (4115, 4125, 4145 series), Cisco ASA 5506-X, 5508-X series, Checkpoint R77.30 and R80.0
Data Center
Nexus (9300, 7000, 5000 series), Arista 7050SX3 and Juniper EX2200, EX2500, and EX3200 series
Cloud
AWS EC2, VPC, IAM, S3, CloudFront, RDS, Elastic Cache, Route53, CloudWatch, Cloud Formation, Amazon Elastic Map Reduce (EMR), and Azure Network Security Groups NSGs, VPC, Azure Firewall, Express Route.
Network Monitoring Tools
Solarwinds, Nagios, Wireshark.
Load Balancers
F5 BIG-IP i5000, r4000, r2000 series LTM, GTM and Load Balancers
SD WAN Technology
Cisco Viptela (vEdge, vManage, vSmart & vBond) Aruba S2500, 3800 and Meraki MR30H technology. PRISMA SD-WAN
Security
IPsec, VPN Configuration, VPN Concentrator, Authentication AAA TACACS RADIUS Ethereal, Encryption technologies like DES, 3DES, IPS.
PROFESSIONAL EXPERIENCE:
Verizon, Dallas, TX April 2024 - Present
Senior Network Security Engineer
Responsibilities:
Managed dynamic routing protocols, including BGP and OSPF, on PA-7000 series firewalls to optimize network routing and ensure failover capabilities.
Configured Panorama’s template and template stack features on VM-500 to standardize firewall configurations and streamline policy management across multiple devices.
Conducted threat simulations and tabletop exercises with WildFire to test incident response procedures and evaluate organizational readiness for cybersecurity incidents.
Customized Palo Alto dashboards and implemented custom widgets to display relevant security and network insights for different teams or departments.
Optimized Cloudflare firewall performance by enabling Rate Limiting rules, Bot Management, and API access.
Managed Layer 2 and Layer 3 services on Nexus 9K switches, including VLAN creation, routing, and inter-VLAN communication, to support real-time data transmission and network segmentation.
Configured and maintained Cisco ACI fabric components, including Spine and Leaf switches, to establish a highly automated and policy-driven network environment.
Used Prisma SD-WAN’s Zero Touch Provisioning (ZTP) capabilities to streamline deployment and minimize manual configuration tasks.
Implemented various AWS cloud storage services like S3 and Glacier to achieve scalable and secure data storage and retrieval.
Collaborated with third-party vendors and managed service providers to integrate Prisma SD-WAN with existing network infrastructure.
Maintaining security vulnerabilities by patching ESXi, vCenter and VMware application to latest patch level, using Auto deploy rule and VMware manager
Implemented Python Bash scripts for configuration management, automating the deployment of security updates and patches across network assets.
Monitored firewall analytics using Cloudflare Security Insights to proactively identify and mitigate threats targeting public-facing web services.
Worked on Wireshark to capture and inspect packets, facilitating the identification of suspicious activities, unauthorized attempts, and potential breaches.
Operated and maintained (O&M) the Meraki Clear Pass Policy Server and the Meraki Airwave Wireless Intrusion Detection System.
Deployed F5 BIG-IP Distributed Cloud Wen Application Firewall (WAF) on rSeries, preventing SQL injection, cross-site scripting (XSS), and API abuse.
Monitored network and system activities in real-time using SIEM platforms, such as Splunk, to identify and respond to security threats promptly.
Continuously monitored processes using Cisco Tetration, ensuring ongoing visibility into application behaviors and network traffic for swift threat mitigation.
Configured and maintained Cisco ISE profiling and endpoint identity services using Cisco Catalyst 9300 series switches for precise device identification and access control.
Developed custom scripts and automation workflows to enhance INFOBLOX capabilities in AWS, automating routine tasks and improving operational efficiency.
Evaluated and selected security vendors and technologies in the ISEC environment based on organizational security requirements and goals.
Implemented AWS Amazon GuardDuty for continuous threat detection, monitoring AWS accounts for suspicious activity and potential security threats.
Worked on implementing automated deployment scripts using Ansible to streamline the patching process and ensure consistency across the network infrastructure.
Working with F5 LTM sessions and manipulating session using iRule and configuring and maintaining WebTop’s and Portal Access
Configuring Bot Defense on F5 BIG-IP i4800, blocking malicious bot traffic while allowing legitimate users through behavioral analysis.
Developed compliance reports using Python scripting and Ansible to demonstrate adherence to security standards and regulations, facilitating audit and compliance efforts.
Fannie Mae, Chicago, IL Sep 2022 – March 2024
Senior Network Security Engineer
Responsibilities:
Successfully blocked malicious DNS queries by redirecting them to a controlled environment within PA-5000, preventing access to harmful domains and IP addresses.
Configured and monitored Palo Alto Networks firewalls using the Panorama central management platform to streamline security policy enforcement across multiple PA-5000 series firewalls.
Integrated Palo Alto PA-5000 series firewalls with AWS Virtual Private Clouds (VPCs) to extend on-premises security policies to the cloud, ensuring a unified security posture.
Leveraged AWS Configuration for real-time monitoring of Palo Alto Firewalls and auditing AWS resources, enhancing visibility into cloud security events.
Assisted in designing and configuring Fortinet FortiGate 60 series firewalls, implementing security policies, and setting up VPN configurations.
Collaborated with the team to optimize FortiGate firewall rules and policies for improved performance and security efficiency.
Conducted in-depth traffic analysis and performance monitoring within the Cisco ACI fabric using tools like Cisco Nexus Dashboard to proactively identify and mitigate performance bottlenecks and security threats.
Implemented security policies and micro-segmentation within Cisco ACI using Contracts and Filters to regulate traffic flows and prevent unauthorized access.
Collaborated with Cisco Viptela technical support and engineering teams to escalate and resolve complex technical challenges, ensuring smooth SD-WAN operations.
Conducted regular audits and assessments of Cisco ISE 3000 configurations and policies to identify potential security vulnerabilities and ensure compliance.
Provided support for VPN connectivity, content filtering, and Intrusion Detection System (IDS) configurations within Cisco Meraki MX appliances to enhance branch office security.
Implemented VRRP and HSRP on Arista 7000 switches in the secondary data center to ensure high availability (HA) and fault tolerance for gateway services.
Used real-time DNS data from Infoblox to investigate security incidents and rapidly mitigate potential threats.
Coordinated with the security team on SIEM platforms to monitor, correlate, and analyze security events within the ISEC environment.
Worked on Illumio’s application dependency mapping features to create accurate and up-to-date visualizations of application communication patterns, aiding in security policy definition.
Worked in analysed the Policy rules, monitor logs and documented the Network/Traffic flow diagram of the SRX firewalls placed in the Data Centre with MS Visio.
Worked with Aruba AirWave for network monitoring and management, ensuring real-time visibility into wireless network performance, usage, and security.
Installed and upgraded VMware ESXi 5.5 to ESXi 6.0 using VUM and managed VMware ESXi hosts using vSphere client and web client
Configuring and deploying of Juniper MX series routers (1600, 2600, 2800, 3600 and 7300) and Juniper EX series switches (2900, 3550, 4500 and 6509).
Working as a team member of Network operations WAN team. Handling incidents, VPN tunnel configuration, SD-WAN Viptela issues.
Worked on Splunk to collect, parse and analyse large volumes of log data from various data from various sources, enabling quick detection of anomalies and potential security incidents.
Assisted in configuring and fine-tuning security groups and Network Access Control Lists (NACLs) to regulate inbound and outbound traffic to EC2 instances, reinforcing cloud network security.
Integrated EC2 instances with Elastic Load Balancers (ELBs) using network adapters to distribute traffic efficiently and enhance system availability.
Worked with the team to integrate F5 Web Application Firewall (WAF) services with F5 BIG-IP 2000 series LTM devices to protect web applications against security threats and vulnerabilities.
Implemented content compression techniques on F5 BIG-IP 1600S Series LTM devices to minimize bandwidth usage and accelerate content delivery.
AbbVie Pharmaceuticals, Chicago, IL Nov 2019 – July 2022
Network Security Engineer
Responsibilities:
Configuring and administration of Checkpoint firewall and creating access rules for network traffic.
Working on checkpoint Level3 operations support with hardware operations fixed all problems RMA’s taking any escalations that dealt with the equipment and its connection.
Maintain and Provide support for LAN/WAN infrastructure as needed, including working on specific hardware such as switches, routers, PIX, ASA firewalls, wireless Aps, VPN Concentrators, frame relay, IPSEC VPN and other entities.
Assisted with installing Juniper firewalls to replace existing Firewalls which increased network uptime.
Working understanding of Linux systems administration and monitoring of RedHat enterprise Linux systems 4 and 7
Working responsible for management of all the WAN using the monitoring tools ITSM.
Worked on install and deploy of Juniper MX300, MX900, MX1600 and MX2900 series routers and Juniper EX500, EX1200, EX1800 and EX2800 series switches.
Ability to create and utilize AWS cloud formation/Terraform templates to automate creation of AWS images
Experienced on IOS up-gradation, backup of network devices on Nexus 5k and 3k switching devices.
Worked on Juniper ACS server (AAA Server) management, User database management, configuration privilege level, and command authorizations using TACACS+.
Experience in configuring and troubleshooting IPSEC site to site VPN solutions.
Experience with F5 Load Balancing and creating VIP pools, node, pool members, Monitoring in F5-LTM.
Created a backup and recovery policy for software application and verified peripherals are working properly.
Genpact, India Dec 2016 – Oct 2019
Network Support Engineer
Responsibilities:
Configuring and troubleshooting Switching and Routing protocols OSPF, BGP including traffic filtering at ABRs and ASBRs.
Installing and configuring wireless AP’s to provide network connectivity to various buildings.
Migrating cisco 3350 switches to 3750 PoE switches to provide support to Wireless Aps.
Assisted, Installing and configuring remote sites to be able to connect to the core network.
Configured and verified redundancy protocols HSRP on Cisco Layer 3 devices for load balancing and fail over.
Providing Load balancing to clients for using F5 Load balancers.
Experience in configuring the Netscaler Appliance for Audit Logging, Installing and Configuring the NSLOG Server.
Education: - Masters of Science in Cyber Security, Sacred Heart University, CT, 2023
Bachelors in Electronics and Communication Engineering, CVSR College of Engineering, Hyderabad, 2018
Certifications: CCNA - Cisco Certified Network Associate
CCNP - Cisco Certified Network Professional
Contact this candidate