Network Engineer Palo Alto

SUMMARY

NAVYA SRI NEKKALAPU

Phone: +1-689-***-**** Email: *****************@*****.***

Network Engineer with 4+ years of hands-on experience designing, deploying, and securing enterprise LAN/WAN, SD-WAN, and cloud-integrated networks across multi-site environments. Skilled in optimizing routing protocols (OSPF, BGP), enhancing wireless coverage, and implementing secure perimeter controls using Cisco ASA, Palo Alto, and Fortinet firewalls. Experienced in network automation with Python and Ansible, reducing operational overhead and improving configuration consistency. Adept at integrating Cisco ISE for 802.1X NAC, managing IPAM/DNS/DHCP with Infoblox, and monitoring performance using SolarWinds, PRTG, and Nagios. Proven track record in cutting network downtime, improving application performance, and ensuring compliance with industry security standards.

SKILLS

Core Networking: LAN/WAN Design, Routing (OSPF, BGP, EIGRP), Switching (VLANs, EtherChannel), NAT, PAT, IPv4/IPv6, TCP/IP,

DHCP, DNS, SNMP, QoS, HTTPS

Routing Technologies: MPLS, DMVPN, SD-WAN, Static Routing, VRRP, VTP, HSRP, GLBP

Switching Technologies: STP, RSTP, LACP, Inter-VLAN Routing

Network Security: Cisco ASA, Palo Alto, Fortinet, VPN (IPSec, SSL), IDS/IPS, NGFW, ACLs, NAC (Cisco ISE), TACACS+, RADIUS, 802.1X

Wireless Technologies: Cisco WLCs (5508, 8510), Cisco Aironet APs, Aruba Controllers, Aruba Central, WPA2/WPA3, Wi- Fi 6 (802.11 a/b/g/n/ac/ax), Meraki Wireless

Monitoring & Diagnostics: SolarWinds, PRTG, Wireshark, Tcpdump, Nmap, Ping, Traceroute, Nslookup, Infoblox, NetFlow, Nagios, Netstat

Network Tools & Platforms: Cisco IOS/NX-OS, JunOS, Meraki Dashboard, SecureCRT, GNS3, IPAM

Automation & Scripting: Python (Netmiko, NAPALM), Ansible, Cisco DNA Center, REST APIs

Cloud & Virtualization: AWS (VPC, Transit Gateway), Azure (VNets, ExpressRoute), VMware NSX, Cisco ACI, Hyper-V, Site- to-Site VPN, vSphere

Operating Systems: Windows Server, Linux (Ubuntu, CentOS), Cisco IOS/XE/NX-OS, PAN-OS, Junos OS

Documentation, Diagrams & Tools: Visio, Lucidchart, Network Diagrams, Runbooks, ServiceNow, Jira, Confluence

Compliance & Standards: ISO 27001, NIST 800-53, PCI-DSS, ITIL v4 EXPERIENCE

Nex-Tech Communication Nov 2023 – Current

Network Engineer

Noticed frequent routing instability between sites, traced it to outdated configurations, and redesigned the OSPF and BGP topologies to improve convergence speed and cut failover time by more than half.

Discovered inconsistent firewall rules causing blocked business-critical traffic; consolidated ACLs and NAT rules on Cisco ASA and Palo Alto firewalls, reducing troubleshooting tickets from end users.

Conducted on-site and remote Ekahau wireless surveys after staff reported dead spots in manufacturing areas, repositioned APs, and tuned channels, improving signal strength in problem zones by 40%.

Found that manual configuration backups were often missed; built a Python + Netmiko automation script to run nightly backups and compliance checks, ensuring up-to-date configs for audits.

Identified unmanaged network access in lab areas; implemented 802.1X authentication using Cisco ISE with AD integration, ensuring only authorized devices connected to sensitive VLANs.

Noticed inconsistent IP allocation causing conflicts; restructured DHCP scopes and centralized IPAM management in Infoblox, reducing duplicate IP incidents to zero.

Detected that downtime alerts were delayed; tuned SolarWinds NPM and IP SLA thresholds for faster detection, enabling the team to address issues before users reported them.

Documented every network change in MS Visio and ServiceNow, which reduced handover confusion for the on-call team and helped pass internal IT security audits without rework. Sundaram Finance Feb 2020 – Dec 2022

Network Support Engineer

Realized MPLS circuits were expensive and underutilized; piloted Meraki SD-WAN at two sites, measured performance gains, and then rolled it out company-wide, cutting WAN costs by 50%.

Detected poor VoIP call quality over certain branches; created traffic shaping rules in SD-WAN to prioritize voice and video, which stabilized call quality across all offices.

Found loop prevention inconsistencies in older switches; cleaned up VLAN configurations, standardized STP settings, and set up EtherChannel links to improve Layer 2 stability.

During firewall audits, noticed unused or overly permissive rules; worked with security to remove them, tightening access without breaking legitimate workflows.

Saw authentication gaps in branch offices; deployed Cisco ISE for wired/wireless 802.1X, integrating with RADIUS and AD to enforce consistent access control.

Identified latency in applications hosted in Azure; redesigned routing between on-prem data centers and Azure VNets using optimized VPN Gateway paths, lowering response times by 30%.

Observed monitoring gaps for bandwidth usage; set up PRTG and Nagios sensors to track link utilization and device uptime, with automated alerts to the NOC.

Automated repetitive switch port provisioning with Ansible playbooks, freeing up hours each week and reducing human error during deployments.

EDUCATION

Masters in cybersecurity

Webster University, Saint Louis

B. tech in Electronics and Communication Engineering Swarna Bharathi Institute of Science & Technology

CERTIFICATION

Cisco Certified Network Associate (CCNA)

Contact this candidate