Security Engineer Network

Harika Kalavala

Network Security Engineer

*******************@*****.*** +1-812-***-****

SUMMARY:

5+ years of experience as a Network Security Engineer, network and application security expertise, troubleshooting and presenting enterprise security solutions.

Using the Palo Alto PA-5220, PA-5410, PA-3220 firewalls, division techniques were created and put into practice to reduce the safety region and separate important data.

Configure firewall log analysis and the FortiGate 1800F, 3200F, and 500E monitors to monitor web activity, spot anomalies, and respond to safety issues promptly.

Assisted in handling patches and Infoblox NIOS updates to guarantee that the newest features and safeguards were implemented, preserving network stability and safety.

Managing and deploying Microsoft security updates and specialized software authorized by Group Policy under Active Directory associations.

Monitoring performance of network appliances and WAN utilizing using network analyzer like Wireshark.

Deployed AWS Direct Connect for a financial services company, reducing latency and increasing bandwidth for critical applications.

TECHNICAL SKILLS:

Firewalls: Palo Alto Networks, Fortinet FortiGate, Cisco ASA firewalls, Checkpoint R77.30, R75.10, R75.20.

Switches: Nexus 9000, 5000, 7000, Arista switches 7800, 7170, 5000 and Juniper switches.

Monitoring/Management Tools: Splunk, Syslog, Solar Wind, NetIQ, SNMP, Net Flow, Cisco Prime, Cisco DCNM.

Routing series: Cisco ISR 4000, 1000, 900 and 800, Juniper MX480 and MX960 series.

Cloud services: AWS (VPC, Route53, Direct Connect)

Routing Protocols: OSPF, EIGRP, BGP, RIPv2, IS-IS, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Load Balancers: F5 LTM, GTM and BIG-IP.

Wireless: Cisco Meraki MR 32, 33, 34 and Aruba Wireless.

Accounting Platforms/Protocols: TACACS+, Clear Pass, Airwave, and Policy Manager.

Certifications: CCNA.

Professional Experience:

Charter Communications, CO

Network Security Engineer Sep 2023 - Present

Responsibilities:

Using a range of technologies, Palo Alto rules and firewalls were developed and maintained to successfully detect and stop attacks in records.

Implemented safety for Palo Alto systems by employing IPv4 and IPv6 modules to identify and eliminate malware, intrusions, and C&C techniques.

Setting up and utilizing Palo Alto Networks Next-Generation Firewalls allowed for complete security and operational networked administration.

Working with Palo Alto Panorama and Wild Fire, providing a significant amount of information on safety inspections and services for the PA-5250, PA-5450, and PA-3260 devices' firewall controls.

Configure the safety settings and internet connectivity for the FortiGate firewalls in the 500E, 200E, 1800F and 3200F areas appropriately.

Using risk-assessing techniques, FortiGate firewalls already constantly protected from new vulnerabilities by utilizing safeguards that were already in effect.

Deployed FTD in hybrid environments with seamless integration across on-premises and cloud networks.

Developed FMC database optimization to improve query performance and reduce latency in event retrieval.

Implemented SD-WAN solutions using Cisco Viptela to enhance network performance and reliability across multiple sites.

Configured and managed Cisco Viptela SD-WAN controllers, edge routers, and policies to optimize traffic flow and ensure secure communication.

Implemented advanced security features in Viptela SD-WAN, including end-to-end encryption, segmentation, and firewall policies.

Using the Cisco ACI architecture in conjunction with a Border and Leaf-Spine the company, a centralized dynamic linked networking architecture was developed.

Configured security and adherence in multi-tenant structures, Cisco ACI's Tenant-Based Policies Execution (TBPE) innovation creates unique standards of privacy for every tenancy.

Developed connection through Cisco ACI Bridge Domains by assisting in making certain that URLs are granted and used as effectively as possible to enable a variety of applications.

Set up AWS Cloud Watch to monitor and collect data from various AWS services, providing precise the system's efficiency information to customers.

Implement Amazon Direct Connect to establish trustworthy connections between corporate networks and AWS, ensuring constant and safe internet access.

Create the procedures for deleting data from retention, configuring caches, and often releasing important updates to the AWS Cloud Front storage.

Worked to make sure that networks were fixed and adherence to corporate security guidelines and norms was maintained by using Netmiko for validation.

Configured in developing F5 iRules for data enrichment, testing, and monitoring to boost global safety standards.

Setup and servicing F5 BIG-IP R Series devices, enabling traffic controlling tools, SSL departure, and developed load balancing to improve network security and dependability.

Implemented, maintained, and improved Arista switch design was used, with a focus on the Arista 7000, 7800, and 7300 series specifically to provide more bandwidth.

Configuring Netmiko scripts to handle updating security vulnerabilities, and safe system assessments, customers may ensure PCI DSS and CIS adherence.

Working with groups from several sectors, we designed and implemented visitor interaction through the use of Aruba Clear Pass administrative areas and real-time online permission.

Using Cisco router security monitoring and prevention technology, better alerting and fast response capabilities are achieved.

Improved safety and a concealed secured networked architecture can result from the use of network address translation (NAT) on Cisco routers.

Configuring and maintaining a range of Cisco router types, with a focus on connection safety and reliability, including the ASR 902, 902U, 903 series.

Setting up of Infoblox DDI utilities (DNS, DHCP, and IP address administration) allowed for efficient and secure usage of assets.

Working knowledge of ISEC equipment setup and installation scheduling, including expertise counseling IT staff members on the matter.

Added and carried out online resources and safety procedures, downloaded Fore Scout CounterACT, and set up Cisco ISE.

Developed Ansible instructions that manage system installation and setting up to be tracked by connecting network devices with Zabbix and Nagios.

Using EIGRP to provide a reliable routing link across related objects, establish many Virtual Device Contexts (VDCs) on Nexus 9300, 9400, and 9800 switches.

Maintained thorough network details with layouts and installation directions, specifically tailored for Cisco Nexus deployments.

Using Cisco Nexus-specific tools and directions, network difficulties were located and fixed with the shortest period of disruption feasible.

Installed anti-malware and firewall software, and gave Juniper SRX 5800, SRX 5400, and SRX 4600 PCs more security.

Increased international security procedures by ongoing risk and vulnerability mitigation with the application of Ansible-driven methodologies.

Using the 3130 and 3120 internet Cisco Secure Firewall appliances to establish and maintain effective security policies.

Developing and employing customized Python programs to expedite continuing monitoring and security device evaluations.

Wells Fargo, Charlotte, NC

Network Engineer Dec 2021 – July 2023

Responsibilities:

Using Palo Alto Networks Panorama to enhance safety strategy, layout, and monitoring for dispersed IPv4 and IPv6 connectivity.

Implement an encrypted web browser-to-Bluetooth device connection and set up Global Protect VPN on Palo Alto firewalls.

Configured zone-based safeguards on Palo Alto PA-5280, PA-5260, and PA-3430 firewalls may assist in the creation of a secure networks structure by distributing data throughout many system regions.

Developed a connection between many Palo Alto firewalls and the Palo Alto Panorama M-500 platform's integrated administration.

Deploying and modifying the security-related options on Fortinet firewalls, customers may lessen threat and increase attack reacting, web-based assessment, and virus eradication skills.

Installing the FortiGate firewall systems 3200F, 100E, and 200E is secured against unauthorized use by integrated design and security protocols.

Configured URL filtering and DNS inspection on FTD 2100 devices to block malicious domains and control web traffic.

Implemented FMC high-availability setups to ensure uninterrupted management of Firepower devices in mission-critical environments.

Set up and improve the design's IPsec-protected SD-WAN networking to enable encrypted communication between devices and operating regions.

Implemented the efficacy of SD-WAN administration by identifying and resolving connection issues with the use of vManage's analytics tools.

Configuring the adoption and implementation of Viptela SD-WAN products by collaborating with people from multiple divisions.

Developed tracking online activity and implementing safety protocols through the use of Cisco ACI's safety areas and the enforcement of laws and guidelines.

Setting up Cisco ACI security policies and procedures to meet the business and security needs of AAA clients.

Developed health monitoring checks on F5 LTM 7000 to ensure seamless failover and uninterrupted application availability.

Deployed F5 BIG-IP Application Security Manager modules for web application firewall (WAF) protection.

Using template-driven methodologies, programming was carried out across the entire Viprion system, and the technical setup was accelerated with F5 iRules.

Developed networking management and scheduling abilities, as well as familiarity with Arista switch models, such as the 7020R, 7130, and 7280R3.

Configuring secure settings on Cisco Meraki MR18, MR20, and MR26 networked devices with user approval to establish private Wi-Fi links and prevent unauthorized access.

Implementing organizational policies, we managed to create, alter, and deactivate Active Directory applications and users rapidly, facilitating access management.

Improving the effectiveness and utility of services may be achieved by using Netmiko scripts for standard tasks such as device delay and expertise rotation.

Implemented and managed VPN solutions using Cisco Secure Firewall 4245 and 4215 capabilities to preserve encrypted web service for customers and vendors.

Configure AWS Direct Connect in accordance with safety regulations, access requirements, and privacy policies to establish up sensitive information while viewing specific URLs.

Created Ansible routines to handle daily setup changes linked to networks, guaranteeing correct data and fast analysis in the event of problems.

Implemented an Amazon tunnel gateway in the network's design, you may improve productivity and provide lag-free connection within VPCs and limited topologies.

Maintain updated on security problems and communicating with ISEC applications, risks were promptly found and eliminated.

Configured in monitoring connecting companies, devices regulating supervision, Cisco ISE, Radius, and overall attractiveness.

Additional Python scripts are being written, notification systems are being developed, and security flaws are being found and fixed with greater accuracy.

Involved in network activity and security problems were thoroughly examined, and an individual log analyzer was developed using Python to evaluate information from across the system records.

Integrating management and monitoring of secured standards and regulations is made possible by implementing Cisco Security Manager (CSM) on Cisco routers.

Setting up and managing several Cisco router types, such as the ASR 9901, 9902, 9903 to ensure a stable and efficient connectivity.

Configure Cisco routers with IPsec-based virtual private network (VPN) connections to provide reliable and safe knowledge linkages across distant sites.

Developed an extensive installation documentation for Nexus 7000s, that's currently an ordinary resource used by the company's IT staff.

Configured in establishing a productive devices group with deployed Nexus 7010, 7018, 5548, and 5600 switches, increasing computing power by 35%.

Assist in managing the vast amount of data needed to maintain the Nexus construction, change connectivity designs, and handle changing protocols.

Developed modifications to procedures and testing procedures and meticulously documented all Juniper SRX 380, SRX 4100, and SRX 2300 setups.

Wipro, India

Network Engineer Apr 2020 – Nov 2021

Responsibilities:

Assistance in offering guidance about ways to improve system dependability and address safety concerns using Check Point R77.30, R80.10, R80.30, and R77 Secure Network modifications.

Creating efficient use of the Cisco ASA 5515, 5580, and 5540's exposure evaluation and administration features to increase protection against external threats.

Develop optimal connections and ensure effective usage of assets by using Silver Peak's all-inclusive connectivity administration services.

Working with Solar Winds, expertise monitoring and research were created to offer data from the present and the past on the general health and operation of the organization.

Monitoring and detecting irregularities in online behavior to help ensure that TrustSec standards have been properly applied.

Experience in selecting, configuring, and assessing several routing protocols, including RIP, OSPF, EIGRP, BGP, and others; ability to identify and fix complex routing database issues.

Configuring groups, security regions, connectivity schedules, and accurate and trustworthy models installs in AWS VPCs is accomplished using Terraform scripts.

Experience in incorporating Cisco Tetration with system apparatus, such as firewalls, switches, and load balancers, to accelerate the execution of safety regulation remedies.

Managed and improved the cabling supply, ensuring that necessary components were accessible and minimizing setup and maintenance restrictions.

Knowledge of connectivity specifications, traffic monitoring, and Wireshark filtration for broadband interfaces.

Skilled in network and web related protocols such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols.

Maintaining and adjusting Citrix NetScaler load-balancing rules and regulations, as well as collaborating on new outsiders.

Education:

Bachelor’s in Electronics and Communications Engineering, Gudlavalleru Engineering College, India.

Masters in Computer Science, Indiana State University, Indiana, USA.

Contact this candidate