Network Engineer Palo Alto
Resume:
Sandeep Nomula
Network Engineer Cloud Networking Security & Automation Specialist
Albany, NY, 12204 · ***************@*****.*** · 203-***-**** · http://www.linkedin.com/in/snomulas
Summary
Experienced Network Engineer with around 5 years of expertise in designing, optimizing, and securing enterprise and cloud-based network infrastructures. Skilled in Cisco ACI, SD-WAN, Palo Alto Firewalls, and Fortinet solutions. Led global deployments, firewall migrations, and automation initiatives across hybrid data centers and public cloud platforms (AWS, Azure). Proven ability to enhance uptime, streamline operations, and ensure compliance with PCI-DSS, HIPAA, and NIST standards.
Technical Skills
Networking: Cisco (Catalyst, Nexus, ACI), Cisco Wireless LAN Controllers (WLC), Cisco ISE, Aruba APs
Routing & Switching: BGP, OSPF, EIGRP, MPLS, VXLAN, EVPN, VLAN, STP, VTP, HSRP, vPC, Spine-Leaf
SD-WAN & WAN Optimization: Cisco Viptela, SilverPeak, Prisma
Firewalls & Security: Palo Alto (PA-VM, Panorama), Cisco ASA, Cisco Firepower, Fortinet FortiGate
VPN Technologies: IPSec, DMVPN, SSL VPN, Site-to-Site VPN, Cisco AnyConnect, Meraki VPN
Load Balancing: F5 LTM/GTM, A10, Citrix NetScaler
Network Automation: Python, Ansible, Terraform
Cloud Networking: AWS (VPC, VPN, Transit Gateway), Azure (ExpressRoute, VNet Peering, Virtual Network Gateway)
Monitoring & Troubleshooting: SolarWinds, Splunk, NetScout Pulse, Wireshark
Compliance & Security: HIPAA, PCI-DSS, NIST, ISO 27001, Zero Trust Architecture
Tools & Platforms: ServiceNow, Jira, SecureCRT, PuTTY, Cisco ACS, VoIP, Windows Server 2012
PROFESSIONAL EXPERIENCE
NY Office of Attorney General, Information Technology Specialist 2 07/2025 to Present
Monitor and maintain LAN/WAN infrastructure across multiple OAG locations, ensuring stable, secure, and high-performing network operations.
Support cloud networking configurations and services within Microsoft Azure, AWS, and Oracle Cloud Infrastructure, assisting with hybrid environment management and modernization efforts.
Manage and configure Cisco Meraki Wireless systems and Palo Alto firewalls, including VPNs and security policies, to uphold network security and accessibility.
Managing and Optimizing enterprise-wide SD-WAN deployments using Palo Alto Networks Prisma SD-WAN and Strata Cloud Manager, ensuring secure connectivity, centralized policy control, and high application performance across distributed locations.
Provide end-user support for networking, VOIP, and video conferencing systems, troubleshooting issues efficiently and contributing to continuous service reliability.
Fidelity Investments, Network Engineer 05/2024 to 06/2025
Contributed to a large-scale transformation project modernizing Fidelity’s branch and data center connectivity by migrating 100+ sites from legacy MPLS to Cisco SD-WAN (Viptela), improving availability and reducing circuit costs.
Engineered and deployed Cisco ACI with VXLAN and EVPN in the data center, integrating VTEPs and Spine-Leaf architecture to enable scalable hybrid-cloud connectivity with AWS and Azure.
Configured Cisco Nexus (7010, 9396, 5548) and Catalyst 9300 series switches to support Layer 2/3 designs across the new SD-WAN topology, ensuring fault tolerance with vPC and HSRP.
Designed and implemented network segmentation using VLANs and ACLs for zero-trust access enforcement, integrated with Cisco ISE and RADIUS to support 802.1x authentication.
Led the migration of firewall policies from Cisco ASA to Fortinet FortiGate, implementing advanced security profiles (IPS, threat protection) while maintaining compliance with internal audit policies.
Deployed and managed Palo Alto firewalls (PA-VM300, PA-5K) for data center edge security, integrating Wildfire threat intelligence, URL filtering, and custom rule tuning.
Automated repetitive tasks such as device configuration backups and ACL deployments using Python scripts and Ansible playbooks, reducing manual effort by 40%.
Used SolarWinds, NetScout Pulse, and DNAC to proactively monitor latency and packet drops during site cutovers, maintaining 99.5% uptime throughout the transition.
Collaborated closely with architecture and security teams during design and cutover phases; prepared change requests, rollback plans, and conducted post-migration validations for each site.
LTIMindtree, Network Engineer 05/2022 to 12/2022
Contributed to a global network transformation project involving the rearchitecture of WAN/LAN infrastructure and security enhancements across 50+ branch offices and data centers.
Configured and maintained core and distribution switches (Cisco Nexus 5K/7K, Catalyst 6800) and ASR 1001-X/1002-X routers to support high-throughput, resilient campus and WAN connectivity.
Implemented BGP, OSPF, and MPLS routing protocols to optimize inter-site communication, redundancy, and route failover across international links.
Led the migration of firewall rules from Cisco ASA to Check Point and Palo Alto (via Panorama), hardening the perimeter and aligning configurations with updated security baselines.
Designed and maintained secure VPN infrastructure, including IPsec site-to-site tunnels and Cisco AnyConnect SSL VPNs, enabling encrypted access for remote employees and branch offices.
Monitored and optimized network performance using SolarWinds, Splunk, and NetScout Pulse, reducing ticket volume by 30% through initiative-taking fault detection and resolution.
Cyient, Network Support Engineer 07/2019 to 04/2022
Deployed and maintained network devices including Cisco routers (3600, 2800, 2900) and switches (3750, 3850, 2960) across multiple regional offices, improving connectivity and reducing downtime.
Executed stacking, racking, and patch panel cable management of switches and routers, cutting hardware deployment time by 20% and improving physical network hygiene.
Configured VLANs, trunk ports, and STP features to ensure efficient Layer 2 segmentation and loop prevention, resolving misconfigurations during office expansions.
Monitored network health using SolarWinds and Wireshark, proactively identifying and remediating performance bottlenecks, reducing average troubleshooting time by 25%.
Set up Site-to-Site VPN tunnels for secure partner (B2B) communication and supported hybrid workload routing with Azure VNets and VPN gateways.
Installed and configured Windows Server 2012 environments including DNS, DHCP, and file server roles; managed user permissions and authentication for shared services.
Provided frontline support for Wi-Fi, LAN, and VPN access issues; coordinated with ISPs to resolve WAN outages and escalations.
Implemented and evaluated basic firewall access control policies on Cisco ASA to segment networks and block unauthorized traffic.
Maintained thorough documentation of network topologies, IP schemas, device configs, and SOPs for audit readiness and cross-team reference.
EDUCATION
University of New Haven, West Haven, CT 01/2023 to 12/2024
Master of Science in Cybersecurity & Networks GPA 3.7/4.0
Anurag University, Hyderabad, India 08/2016 to 07/2020
Bachelor of Technology GPA 9.3/10
CERTIFICATIONS
Cisco Certified Network Associate (CCNA)
Issued by: Cisco Verified at: https://www.credly.com/earner/earned/badge/e628447d-1b14-4119-b309-023a1f2dcc9e
Cisco Certified Network Professional (CCNP)
Issued by: Cisco Verified at: https://www.credly.com/earner/earned/badge/fbc3f08d-4b49-47a3-8606-7f2637ed1d16
Networks and Network Security
Issued by: Google Verified at: https://drive.google.com/file/d/15239nOQZP6oRpuJzrDJKC55GNZ9Tz77K/view?usp=sharing
KEY PROJECTS
Hybrid Network Modernization at Fidelity Investments: Led the migration of 100+ sites from MPLS to Cisco SD-WAN and deployed Cisco ACI for hybrid-cloud integration with AWS and Azure, improving network scalability and achieving 99.5% uptime during the transition.
Global Network Security Upgrade at LTIMindtree: Directed the firewall policy migration from Cisco ASA to Palo Alto and Check Point, implemented VPN and 802.1x authentication with Cisco ISE, and optimized routing protocols across 50+ global sites for enhanced security and performance
Infrastructure Rollout & Azure Integration at Cyient: Managed the deployment of Cisco routers, switches, and VPN connectivity across multiple offices, integrated Azure VNets for hybrid operations, and reduced troubleshooting time by 25% through initiative-taking monitoring with SolarWinds and Wireshark.
Contact this candidate