Post Job Free
Sign in

Network Engineer Palo Alto

Location:
Irving, TX
Posted:
August 06, 2025

Contact this candidate

Resume:

Abhishek Reddy

Sr. Network Engineer

***************@*****.*** +1-214-***-**** LinkedIn

Sr.Network Engineer with over 8 years of experience in network design, security, and infrastructure management. I specialize in firewalls, load balancers, SD-WAN, cloud networking, and Cisco routing & switching. My work focuses on keeping networks secure, improving performance, and making sure systems run smoothly.

Firewall & Network Security: Strong expertise in Palo Alto (PA-2K/3K/5K), Cisco ASA (5505/5510), Juniper SRX, and Check Point firewalls. Designed and enforced advanced firewall policies using APP-ID, NAT, SSL Decryption, GlobalProtect, User-ID, and Security Profiles. Implemented Zero Trust Network Access using Palo Alto NGFWs to enable secure, granular access for remote users. Deployed and managed Zscaler Internet Access (ZIA) and ZPA to protect hybrid environments and reduce the attack surface. Configured web filtering, DLP, and threat protection policies aligned with industry compliance standards. Set up DMZ environments, configure RADIUS/TACACS+ for secure access control.

Cisco DNA Center & Network Automation: Used Cisco DNA Center to automate network operations, policy enforcement, and assurance. Developed Python scripts to automate VLAN configuration, device connectivity, and network validation. Proficient in Ansible, Terraform, and Palo Alto APIs for Infrastructure as Code (IaC) and security automation. Reduced manual errors and configuration time by 40% through scripting and policy automation.

Cisco Catalyst & Nexus Platforms: Hands-on experience with Cisco Catalyst (3550, 3750, 4500, 6500) and Nexus (2K, 5K, 7K, 9K) series. Configured advanced features such as STP, RSTP, MST, EtherChannel, HSRP, VLANs, and VTP. Deployed VDC, VPC, and OTV to support scalable, multi-tenant data center environments. Worked extensively with Nexus 5K aggregation switches and 2K fabric extenders.

SD-WAN & WAN Efficiency: Deployed Cisco Viptela and Riverbed Steel Connect SD-WAN for multi-site hybrid WAN connectivity. Configured traffic engineering, application-aware routing, QoS, and secure overlays. Integrated SD-WAN with Zscaler for secure direct-to-cloud access and policy enforcement. Reduced latency and improved uptime across MPLS and broadband circuits.

Network Design & Deployment: Led the planning, validation, and deployment of secure, high-performance enterprise networks. Created comprehensive High-Level and Low-Level Design documents for scalable architectures. Designed and extended VLANs for inter-DC connectivity, and optimized resource allocation using VLSM and subnetting. Implemented routing policies using RIP, EIGRP, OSPF, BGP, and MP-BGP.

Cloud Networking & Protection: Designed secure cloud networks using AWS (VPC, Direct Connect, Shield, Route 53) and Azure (VNets, ExpressRoute). Implemented site-to-cloud VPN tunnels and hybrid interconnects for seamless cloud integration. Built firewall, routing, and segmentation policies for workloads in AWS and Azure environments. Automated cloud deployments using Terraform and Python.

Wireless Infrastructure & Security: Deployed Aruba (2530–8400 series) and Meraki MX/MS/MR switches and access points across large enterprise sites. Implemented 802.1x with Cisco ISE and Aruba ClearPass for wired/wireless access control. Conducted wireless RF planning, ClientMatch tuning, and site surveys to enhance coverage and performance. Configured guest portals and secure SSIDs for BYOD environments.

Project Execution & Change Management: Executed multi-site migrations, firewall transitions, and wireless upgrades with minimal downtime. Skilled in risk assessment, impact analysis, and stakeholder communication for seamless cutovers. Developed SOPs, Visio diagrams, and RCA reports to standardize network changes and documentation.

Client Engagement & Collaboration: Collaborated with cross-functional teams (security, cloud, infrastructure) for successful network rollouts. Provided operational handovers, technical documentation, and user training on new platforms (SD-WAN, Zscaler, Meraki). Delivered support during critical incident bridges, working with ISPs, RF, and cloud teams to restore services. Consistently met SLA targets and maintained >99.5% uptime across environments. Collaborated with OT teams for secure integration of SCADA networks into the enterprise firewall architecture. Applied microsegmentation policies and VLAN separation in compliance with ICS security frameworks.

Certifications:

CCNP - Cisco Certified Network Professional – CSCO14869024

CCNA - Cisco Certified Network Associate – CSCO13758913

Technical Skills:

Router platforms

Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 9K, 7K, 5K, 2K & 1K.

Switch platforms

Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K) Aruba 2530, 2540, 2930F, 6300M, and 8400 series switches

Juniper Platforms

SRX, Series Routers and Switches

Networking Concepts

Access-lists, Routing, Switching, Subnetting, Designing,, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall

Palo Alto Networks, Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint ( NGX 60, NGX R65, R70, R75, R76, R77.10, R77.30 ), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Firewall (PA-2K, PA-3K and PA-5K)

Network Management/Monitoring

Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Ethereal / Wireshark, Cisco DCNM, ServiceNow

Load Balancers

F-5 BIG-IP LiTM 2000, 3900, 5000, 6400, 6800 and 8900, Bluecoat SG8100, AV 510.

WAN technologies

MPLS, leased lines & exposure to PPP

LAN technologies

Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANs, VTP, STP, RSTP, 802.1Q

Security Protocols

IPsec, SSL, SSL-VPN

Networking Protocols

RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System

Windows 7/XP, MAC OS X, Windows Server 2008/2003

Cloud

Azure, AWS

Education:

Master’s in information technology - Indiana Wesleyan University

Bachelor’s in computer science – Guru Nanak Institute of Technology.

Professional Experience:

Cerner Health, Overland Park KS January 2024 – Till Date

Sr. Network Engineer

Responsibilities:

Firewall & Security

Designed, configured, and managed Palo Alto firewalls (PA-3200, PA-5220) for enterprise, cloud (AWS, Azure, Snowflake), and data pipeline security.

Deployed advanced Palo Alto NGFW features including App-ID, URL filtering, intrusion prevention, and NAT rules for comprehensive threat prevention.

Automated firewall configurations using Palo Alto APIs, Terraform, and Ansible, reducing manual errors and improving operational efficiency.

Enforced Zero Trust architecture using Palo Alto NGFWs to secure data pipelines and reduce attack surface across hybrid environments.

Implemented and maintained Zscaler Internet Access (ZIA) and Private Access (ZPA) to secure remote connectivity and enforce real-time threat protection.

Configured Zscaler policies for web filtering, DLP, and compliance enforcement across internet-facing traffic.

Led secure remote access initiatives through ZPA and optimized policy management for dynamic enterprise needs.

Switching & Routing:

Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K, 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600 and Cisco catalyst 6500, 4500 series switches.

Configured and managed Cisco ISE for network access control (NAC), ensuring secure and seamless user authentication, authorization, and accounting (AAA) for wired and wireless networks.

Integrated Cisco ISE with Active Directory and LDAP for centralized authentication and authorization, streamlining user management across the enterprise.

Integrated Cisco ISE with network devices (routers, switches, wireless controllers) for dynamic VLAN assignment and per-port security to enforce corporate security policies.

Worked on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.

Responsible for Windows 2000/2003 server, DNS, and TCP/IP support.

Installation, Configuration and troubleshooting of DNS and DHCP.

SD-WAN & WAN Optimization:

Designed and implemented scalable SONET-based networks and optimized DWDM systems to enhance bandwidth, signal integrity, and long-distance fiber performance.

Led seamless SONET-DWDM integration by coordinating wavelength management, clock synchronization, and bandwidth allocation.

Engineered integrated WAN/SD-WAN solutions using Cisco Viptela and Riverbed SteelConnect, enabling hybrid WAN migration with minimal disruption.

Configured and supported IS-IS routing in conjunction with BGP/OSPF during SD-WAN and datacenter interconnect deployments.

Defined and enforced SD-WAN traffic engineering, routing policies, and QoS for critical applications (voice/video), ensuring performance and reliability.

Leveraged SD-WAN analytics to monitor network health, proactively troubleshoot, and optimize traffic paths.

Managed vendor relationships, conducted assessments, and led SD-WAN upgrade strategies in alignment with business goals.

Delivered end-user training and best practices documentation to maximize SD-WAN adoption and operational efficiency.

Cisco DNA Center

Led the implementation and configuration of Cisco DNA Center (DNAc) to automate and simplify network management, enabling end-to-end visibility and control over network infrastructure.

Deployed Cisco DNA Center for centralized network management, facilitating seamless integration with Cisco Catalyst and Nexus switches, routers, and access points for enhanced network operations.

Built custom dashboards in Cisco DNA Center for visualizing key performance indicators (KPIs) and network traffic patterns to facilitate troubleshooting and improve operational efficiency.

Utilized Cisco DNA Center’s Security Group Tagging (SGT) feature for network segmentation, ensuring security compliance across dynamic and scalable network environments.

Automation & Virtualization

Wrote Python scripts to automate VLAN assignments, IP address configurations, and interface settings on network switches and routers, streamlining network provisioning tasks.

Developed Python scripts to automate the execution of network tests such as ping tests, traceroutes, and connectivity checks, validating the health and performance of network links.

Proficient in implementing Infrastructure-as-Code (IaC) principles using tools like Terraform and Ansible to automate the provisioning and configuration of network infrastructure, ensuring consistency and efficiency.

Possess excellent Windows server skills in the areas of Active Directory, Domain architecture, TCP/IP, DNS, Wins system, availability, scheduling, server capacity and performance.

Supported VMware environments and Windows Server 2000/2003 for DNS and TCP/IP support.

Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules, and SNATs on the F5 Big IPs using the Web GUI and CLI.

Cloud Networking & Security

Designed and deployed scalable cloud solutions on Microsoft Azure, resulting in a reduction in infrastructure costs and improved system performance.

Managed Azure virtual machines, storage accounts, and networking resources to ensure high availability and disaster recovery capabilities for critical applications.

Implemented Azure Active Directory for user authentication and access management, enhancing security and enabling single sign-on across multiple cloud services.

Integrated Zscaler and Palo Alto solutions with Azure for secure connectivity.

Supported hybrid cloud infrastructures with VPNs, disaster recovery plans, and cloud-based firewall implementations.

Wireless Security & Management

Successfully deployed and managed Aruba WLAN infrastructure to provide wireless connectivity across the organization.

Deployed and managed Meraki MX and MS series devices to optimize network performance and ensure seamless connectivity for a multinational organization.

Implemented Aruba ClearPass and Cisco ISE for network access control, authentication, and policy enforcement.

Installed, configured, and optimized Aruba Access Points (APs) to ensure seamless coverage and high-performance wireless connectivity.

Demonstrated expertise in RF planning and conducted site surveys for wireless optimization.

Implemented Meraki wireless solutions, including access points and wireless LAN controllers, resulting in an improvement in network reliability and coverage.

Network Monitoring & Observability

Utilized Optical Performance Monitoring (OPM) tools to ensure signal integrity and reliability across fiber links.

Utilized SolarWinds, Cisco Prime, DNA Center, and DCNM for centralized monitoring.

Integrated GTM with LTM for seamless application delivery and disaster recovery scenarios across global nodes.

Configured dashboards for real-time visibility into KPIs and network health.

Produced detailed network test reports highlighting methodologies, results, and recommendations for optimization.

Provided SD-WAN operational training and documentation to ensure smooth adoption.

Troubleshot transport and routing issues and ensured SLA adherence during outages and major incidents.

State Street Corporation, Boston, MA November 2022 – December 2023

Sr. Network Engineer

Responsibilities:

Elevated Security Posture & Optimized Network Infrastructure:

Configured static and dynamic routing protocols (IGRP, EIGRP, OSPF) on Cisco 1600–7300 series routers; deployed ACLs and QoS on Nexus 9K for traffic prioritization and enforcement.

Designed DMZ zones in primary/redundant data centers using ASA firewalls, IPS/IDS, and advanced switching/routing to support secure perimeter architectures.

Implemented Check Point firewalls (NG to R77.30) and site-to-site VPN tunnels using Cisco ASA and Juniper SRX, customizing Phase 1/2 configurations and performing BGP route filtering.

Integrated and maintained Cisco ISE for posture checks, centralized AAA, HA, and third-party integration with AMP, Firepower, and AnyConnect for Zero Trust enforcement.

Conducted log analysis via Palo Alto Panorama, optimized firewall rules, and ensured protocol-level policy enforcement across Palo Alto firewalls.

Implemented ZTNA and Zero Trust with Palo Alto and Cisco ISE.

Led ZTNA policy deployment, enabling secure remote access for distributed workforces without traditional VPN reliance.

Created Cisco ISE documentation and troubleshooting guides, reducing MTTR and improving security compliance.

Secured Virtualized Environments & Cloud Infrastructure:

Architected and deployed secure cloud infrastructures on AWS, Azure, and GCP, including VPCs, subnets, Direct Connect, and multi-tier isolation for high availability (99.99% uptime).

Designed fault-tolerant AWS environments using Auto Scaling, ELB, and Route 53; optimized connectivity via AWS Direct Connect for low-latency, high-speed access.

Deployed Palo Alto Strata across multi-cloud platforms, integrating Cortex XDR with SIEM tools (Splunk, QRadar, ELK) for threat detection and automated response.

Implemented advanced security controls including DNS Security, SSL decryption, and URL filtering to prevent malware, phishing, and unauthorized API access.

Ensured cybersecurity compliance through penetration testing (Nmap), monitoring, and integration with orchestration tools.

Supported cloud-native application architectures and collaborated with dev teams to secure web infrastructures.

Administered Linux-based servers (CentOS, Ubuntu, Red Hat), performing kernel-level troubleshooting and system optimization.

Optimized WAN Connectivity & Application Performance:

Designed and deployed Cisco Viptela SD-WAN architecture (vBond, vSmart, vManage) for secure, resilient WAN routing across hybrid and multi-cloud environments.

Configured Viptela edge routers, security policies (encryption, firewall, Zero Trust), and centralized vManage for end-to-end visibility and performance optimization.

Configured dual WAN uplinks with automated failover and link quality measurement for business-critical VoIP and video services.

Integrated SD-WAN with cloud platforms (AWS, Azure) for direct cloud access, reducing latency and eliminating data backhaul.

Deployed and managed Riverbed SteelConnect SD-WAN for distributed enterprise networks, improving application performance and reducing operational overhead.

Delivered SD-WAN solution upgrades and vendor coordination; provided user training and documentation to ensure operational efficiency.

Wireless & Network Management:

Designed and managed Cisco, Meraki, and Aruba WLAN/Wi-Fi infrastructures across enterprise environments.

Deployed and configured Aruba access points, switches (2530–8400 series), and implemented high availability using STP, VSF, and EtherChannel.

Configured F5 GTM for DNS-based global traffic distribution, improving application availability and response times across multiple data centers.

Deployed Cisco ACI fabric using APIC controllers, configuring tenants, bridge domains, and contracts for secure application segmentation.

Administered Meraki and Aruba Central dashboards for real-time wireless network monitoring, diagnostics, and performance optimization.

Implemented advanced wireless security with WPA3, 802.1X, role-based access, and guest networks via Aruba ClearPass and captive portals.

Client: Biogen, Cambridge, MA Duration: May 2021 – August 2022

NetworkEngineer

Responsibilities:

Network Infrastructure & Operations:

Proficient in configuring virtual LANs (VLANs), VPC, and fabric extender (FEX) technologies to create resilient and high-performance data center network architectures.

Designed and maintained leaf-and-spine topologies for data center networks, ensuring low-latency, high-throughput connectivity between servers and storage.

Created detailed network architecture diagrams using tools like Microsoft Visio, Lucidchart, and draw.io, representing complex network infrastructures and ensuring clear communication of network design to cross-functional teams.

Leveraged network diagramming tools to visualize IP address schemes, routing protocols, firewall policies, and network device placement, helping to plan and execute network expansions and optimizations.

Designed and deployed spine-and-leaf architectures using Arista switches for scalable, low-latency data center networks.

Expertise in deploying and managing Meraki cloud-managed networking solutions, including Meraki access points, switches, and security appliances.

Routing, Switching & WAN Technologies:

Configuration, operation and troubleshooting of BGP, OSPF, EIGRP, RIP, VPN routing protocol in Cisco Routers & L3 Switches.

Expertise in BGP and OSPF routing protocols on Arista switches to optimize network traffic and ensure redundancy.

Skilled in utilizing Amazon Route 53 for domain registration, DNS management, and global traffic routing to improve application availability and reliability.

Proficient in setting up VPC peering connections and Transit Gateways to establish secure and scalable communication between AWS environments.

Proficient in configuring and managing Network Address Translation (NAT) policies on various firewall platforms, including Cisco ASA, Palo Alto, and Check Point.

Implemented dynamic NAT and PAT (Port Address Translation) to enable multiple internal network devices to share a single public IP address, optimizing resource utilization.

Firewall & Security Management:

Designed and implemented firewall policies, NAT rules, and VPNs (site-to-site, remote, SSL) across Palo Alto, Juniper SRX, and NetScreen SSG platforms.

Designed and implemented FortiGate firewall policies to segment internal and external traffic, reducing the attack surface across cloud and on-prem environments.

Administered Juniper firewalls using Junos OS (CLI & Security Director) and NSM for centralized policy management and troubleshooting.

Handled daily firewall provisioning, log analysis, and user issue resolution using Smart Utilities and CLI.

Configured and maintained secure IPsec tunnels for communication between distributed sites and data centers.

Monitoring & Change Management:

Designed and implemented Aruba Wireless LAN (WLAN) infrastructure, including the integration of Aruba AirWave and Aruba ClearPass for centralized network management and security policy enforcement.

Implemented Aruba ClearPass for network access control, authentication, and policy enforcement, enhancing network security and compliance.

Deployed and managed Aruba Mobility Controllers and Aruba Access Points (APs) to provide reliable and scalable wireless solutions for organizations with high-density environments.

Conducted site surveys and RF (Radio Frequency) planning to optimize Aruba wireless network coverage, signal strength, and capacity, improving user experience and reducing network interference.

Implemented Aruba ClientMatch technology to intelligently manage client devices and ensure optimal wireless performance by directing clients to the best AP.

Proficient in deploying and managing Aruba wireless solutions, including Aruba Instant On and Aruba OS-based access Points and Controllers.

Deloitte, NYC NY March 2019 – April 2021

Network Engineer

Responsibilities:

Data Center & Network Infrastructure:

Configured and troubleshooted Cisco routers and switches (7200, 6500, 4500, 1700, 2600, and 3500 series), including bridging, switching, routing, Ethernet, NAT, and DHCP.

Successfully deployed VLANs to isolate broadcast domains, optimize network performance, and enhance security.

Proficient in configuring and optimizing Spanning Tree Protocol (STP), including RSTP and MSTP.

Managed VLAN assignments for thousands of network devices, ensuring efficient resource utilization and traffic segregation.

Configuring HSRP between VLANs, configuring EtherChannels and Port-Channels on Cisco 6500 Catalyst switches.

Managed HSRP configurations for core network devices, guaranteeing uninterrupted service for end-users.

Network Security & Firewall Management:

Implemented robust security practices, including access control lists (ACLs), intrusion detection systems (IDS), and intrusion prevention systems (IPS).

Implemented OSPF authentication and access control lists (ACLs) to enhance network security and protect against unauthorized access.

SD-WAN & Routing Technologies:

Configured and monitored routing protocols such as BGP, EIGRP, and OSPF.

Optimized OSPF configurations for fast convergence and reduced routing overhead.

Proficient in configuring BGP to manage internet routing and establish peering relationships with ISPs.

Deployed Versa Secure SD-WAN across 50+ branch offices, enabling intelligent traffic steering and application-aware routing.

Expertise in configuring and maintaining EIGRP routing protocols to facilitate efficient communication within enterprise networks.

Designed EIGRP-based network architectures, optimizing routing tables and minimizing routing updates.

Network Automation & Monitoring:

Packet Trace Analysis: Skilled in capturing and analyzing network packets using tools like Wireshark.

Proficient in leveraging Splunk for log analysis, real-time monitoring, and creating custom dashboards.

Worked with SolarWinds for network performance monitoring and visibility.

DNS, DHCP, & IPAM Management:

Monitored DHCP server performance and utilization, ensuring efficient resource allocation and timely lease renewals.

Managed DNS records and zone files efficiently using GUIs and CLIs provided by various DNS software.

Governance, Compliance & Operations:

Designed and implemented QoS policies to prioritize network traffic, ensuring consistent and reliable performance for critical applications.

Successfully managed large-scale network environments by designing and maintaining STP-based topologies to prevent broadcast storms and ensure network availability.

Ericsson, Bengaluru, India June 2017 – February 2019

Network Engineer

Responsibilities:

Designed and Implemented Network Solutions for Global Clients:

Configured Client VPN technologies, including Cisco’s VPN client via IPSEC.

Implemented VLANs between different departments and connected them using a trunk by keeping one VLAN under server mode and the rest under client mode.

Switching related tasks included implementing VLANs and configuring ISL trunk on Fast-Ethernet channel between switches.

Administered and supported Cisco-based Routing and Switching environments. VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.

Worked in a dynamic routing enterprise network environment - OSPF & BGP for external connectivity. Physical cabling, IP addressing, and Wide Area Network configurations (Frame Relay).

Developed Expertise in Network Support and Troubleshooting:

IOS Upgrades from 7.x to 8.x, as well as backup and recovery of configurations.

Deployed a Syslog server to allow proactive network monitoring.

Installed Windows Server 2003, configured IP addresses, network printers and Client Access for PCs.

Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, and Overlapping Address Translation.

Strengthened Network Security and Gained Hands-On Experience:

Configured Firewall logging, DMZs, and related security policies and monitoring.

Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration, in-place hardware upgrades, troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, and DMZ Implementation and Troubleshooting.

Collaborated, Learned, and Contributed:

Actively contributed to enterprise-level configuration and monitoring of secure infrastructure.

Applied theoretical and practical skills across multiple platforms (Cisco, Windows Server, Syslog) to ensure production-ready deployments and ongoing support.



Contact this candidate