Senior Network Engineer
Resume:
Pravalika Parimi
Senior Network Engineer
*.*************@*****.***
Professional Summary:
Senior Network Security Engineer with 6 years of experience in designing, deploying, and securing large-scale enterprise networks across financial services, healthcare, and technology industries.
Expertise in configuring, managing, and troubleshooting multi-vendor firewalls including Palo Alto NGFW (PA-5410, 5250, 5450, 3440, 3260; PAN-OS 7.x/8.x), Cisco Firepower FTD/FMC (1010, 1120, 1150, 3140, 3130), Cisco ASA, 9Fortinet FortiGate (1800F, 3200F, 500E), FortiAnalyzer, Juniper SRX (550, 4600, 5400, 5600, 5800), Bluecoat ProxySG, and Check Point Firewalls.
Skilled in developing and applying security policies, IPS configurations, URL filtering, DDoS mitigation strategies, and threat intelligence-based filtering to protect against advanced cyber threats.
Proficient in advanced networking with Cisco Nexus (7010, 7018, 9400, 9500, 9800, 5548, 5600), ASR (9000, 1001, 1002), ISR 1100 series, and Catalyst platforms, including VLAN segmentation, HSRP, OSPF, BGP, IPv4/IPv6, and port-channel configurations.
Extensive experience with Cisco ACI (APIC, Filters, Spine-Leaf architecture) and Cisco ISE (802.1x authentication) for secure, policy-driven network access control.
Hands-on expertise in SD-WAN solutions including Cisco Viptela (vManage, vSmart, vBond) and Cisco Meraki SD-WAN for application-aware routing, centralized management, and secure branch connectivity.
Strong background in cloud networking and security with AWS (VPC, Direct Connect, VPN Gateway, CloudFront, Security Groups) and Azure (VNets, NSGs, ExpressRoute, VPN Gateway, Firewall Premium, Application Gateway WAF).
Experienced in load balancing and application delivery with F5 BIG-IP LTM/GTM (4300, 4340N, 4450) including SSL termination, iRules, persistence profiles, and global traffic management.
Proficient in monitoring and network analysis tools including Wireshark, PyShark, Scapy, SNMP, SolarWinds, Cisco Nexus Fabric Manager, and F5 Enterprise Manager.
Automation and scripting expertise using Python (Netmiko, PyShark, Scapy), Ansible, and Terraform for configuration management, compliance checks, and network provisioning.
Experienced in DNS, DHCP, and IPAM management with Infoblox, including upgrades, security enhancements, and integration with enforcement consoles (ISEC).
Technical Skills:
Category
Technologies / Tools
Firewalls & Security
Palo Alto NGFW (PA-5410, 5250, 5450, 3440, 3260; PAN-OS 7.x/8.x), Panorama, Cisco Firepower FTD/FMC (1010, 1120, 1150, 3140, 3130), Cisco ASA, Fortinet FortiGate (1800F, 3200F, 500E), FortiAnalyzer, Juniper SRX (550, 4600, 5400, 5600, 5800), Bluecoat ProxySG, Check Point Firewalls, Cloudflare WAF, AWS CloudFront, Azure Firewall Premium
Networking (Routing, Switching, Wireless)
Cisco Nexus (7010, 7018, 9400, 9500, 9800, 5548, 5600), Cisco ASR (9000, 1001, 1002), ISR 1100 series, Catalyst Switches, VLANs, Port-channel, HSRP, OSPF, BGP, IPv4/IPv6, Aruba Wireless, Cisco Meraki Wireless, Cisco ACI (APIC, Filters, Spine-Leaf), Cisco ISE (802.1x)
SD-WAN
Cisco Viptela (vManage, vSmart, vBond), Cisco Meraki SD-WAN
Cloud Networking
AWS VPC, Direct Connect, VPN Gateway, Azure VNets, NSGs, ExpressRoute, Azure VPN Gateway, Azure Application Gateway (WAF)
Load Balancing
F5 BIG-IP LTM/GTM (4300, 4340N, 4450), iRules, SSL termination
VPN Technologies
IPsec VPN, GlobalProtect VPN, GRE, DMVPN, IKEv2
Monitoring & Analysis
Wireshark, PyShark, Scapy, SNMP, SolarWinds
Automation & Scripting
Python (Netmiko, Scapy, PyShark), Ansible, Terraform
DNS, DHCP & IPAM
Infoblox DNS/DHCP/IPAM, ISEC console
Documentation & Compliance
Visio, CIS benchmark audits
Fidelity Investments, New York City, NY, USA (Jan 25 – Present)
Senior Network Security Engineer
Set up and maintained IPsec VPN tunnels on Palo Alto devices, including routine maintenance like password recovery and software upgrades to ensure secure connectivity.
Worked extensively with Next Generation Firewalls such as Bluecoat ProxySG and Palo Alto PA series for URL filtering and enhanced network threat protection.
Implemented detailed network security policies using Palo Alto firewalls to prevent unauthorized access attempts and protect against a wide range of cyber threats.
Optimized Cloudflare firewall performance by enabling Rate Limiting rules, Bot Management, and API Gateway protection, reducing attack surfaces and unauthorized API access.
Worked on Cloudflare DDoS mitigation capabilities to protect against layer 3, 4 and 7 attacks.
Involved in configuring F5 BIG-IP LTM (Local Traffic Manager) on rSeries for intelligent traffic distribution, reducing application latency by 40%.
Configured and maintained F5 BIG-IP LTM load balancers to intelligently distribute traffic across web and application servers, ensuring high availability and optimal application performance.
Monitored Viptela vSmart SD-WAN controllers to ensure routing decisions followed the most efficient traffic paths, optimizing bandwidth and network resource utilization.
Used vManage orchestrator to centrally configure, monitor, and enforce policies across the entire Viptela SD-WAN infrastructure in real time.
Configured and enhanced Cisco ACI Point of Delivery components to improve network service delivery while strengthening overall security posture.
Managed traffic flow using Cisco ACI filters to impose restrictions and limitations, safeguarding network security and enforcing corporate policies effectively.
Installed and managed Aruba wireless networks to ensure superior wireless performance, adequate capacity, and extensive coverage throughout enterprise facilities.
Developed AWS CloudFront distributions leveraging cookies and signed URLs to securely control content access and improve content delivery performance.
Configured and maintained AWS Direct Connect virtual interfaces, ensuring private and secure low-latency connectivity for mission-critical workloads hosted on AWS.
Created comprehensive documentation and led training sessions on Information Security Enforcement Console (ISEC) to improve IT teams’ security configuration management skills.
Managed Infoblox upgrade projects, smoothly upgrading to newer versions while utilizing enhanced features to increase network security and operational speed.
Implemented IPS policies on Cisco FTD devices using Snort-based rules and custom signatures to detect and block zero-day exploits and lateral threat movements.
Configured FMC object groups, security zones, and policy maps to simplify and streamline firewall policy creation and management across large enterprise networks.
Developed Python scripts using Netmiko to automatically retrieve interface utilization data from firewalls and routers, providing actionable insights into network traffic patterns.
Installed, maintained, and troubleshot Cisco routers supporting both IPv4 and IPv6 protocols to ensure smooth coexistence of next-generation and legacy network infrastructures.
Worked on Cisco ASR 9000 routers and implemented Hot Standby Router Protocol (HSRP) to provide high availability and failover for critical network paths.
Diagnosed and resolved network issues on Cisco Nexus switches (7018, 9400, 9500, 9800), ensuring optimal reliability and uptime in a large-scale data center environment.
Collaborated closely with multidisciplinary teams to integrate Cisco Nexus switches into comprehensive network security architectures and operational workflows.
Cigna Health, Charlotte, NC USA (Sept 23 - Dec24 )
Senior Network Engineer
Configured and managed FortiAnalyzer appliances for thorough security event analysis, generating insightful reports that identify and mitigate potential network threats.
Supported Fortinet FortiGate firewall models (1800F, 3200F, 500E) by providing configuration, tuning, and technical troubleshooting to ensure secure and efficient network operations.
Integrated Palo Alto firewalls with WildFire cloud service to detect zero-day malware and automate incident response workflows.
Managed Palo Alto Networks firewalls (PA-5250, PA-5450, PA-3440) using Panorama for centralized configuration, monitoring, and performance optimization.
Deployed Palo Alto firewall features including user identification, security profiles, and advanced reporting capabilities to enhance network security posture.
Worked on Prisma SD-WAN to dynamically steer traffic based on link health and application requirements, automatically rerouting traffic to healthy links and optimizing bandwidth utilization.
Used Netmiko scripting to perform real-time network health monitoring, execute CLI commands, and parse device outputs for structured data analysis.
Designed and deployed Cisco Meraki wireless networks to provide secure, lag-free connectivity for users across multiple corporate facilities and remote sites.
Created Azure Virtual Networks (VNets) with appropriate subnetting, Network Security Groups (NSGs), and route tables to establish secure multi-tier cloud architectures.
Involved in configuring F5 devices (models 4300, 4450, 4340N) in high availability mode, including virtual servers, VIPs, and custom iRules for intelligent traffic management.
Monitored Global Traffic Manager (GTM) health and traffic distribution via F5 Enterprise Manager and SNMP tools to proactively detect and resolve application availability issues.
Improved and enhanced Cisco ACI APIC controllers to enable centralized administration, policy enforcement, and real-time monitoring of Cisco ACI-based fabric infrastructure.
Assisted in migrating from Cisco ACI Spine-Leaf architecture to traditional three-layer network designs using Cisco Validated Designs for enterprise clients and service providers.
Implemented disaster recovery protocols for Active Directory services, ensuring timely data restoration and minimizing downtime in case of system failures.
Conducted extensive network packet manipulation and analysis using Python libraries such as PyShark and Scapy to automate diagnostics and troubleshooting workflows.
Developed and deployed Ansible playbooks to automate distribution of firewall rules across multiple devices, ensuring consistent security configurations throughout the network.
Installed Juniper SRX 5600 and SRX 5800 firewalls at multiple branch sites as part of ongoing network security refresh projects.
Integrated diagnostic and management tools such as Cisco Nexus Fabric Manager and Nexus dashboards to monitor and troubleshoot Nexus switch infrastructure in real time.
Infosys, USA
Network Engineer (Apr 22-July 23)
Led complex firewall migration projects from Cisco ASA to Cisco Firepower, including translating security policies and enabling advanced features for improved protection and performance.
Optimized Cisco Nexus switch performance by fine-tuning spanning-tree protocol parameters, configuring link aggregation, and setting up redundant paths for network resilience.
Enhanced AWS hybrid cloud connectivity by adjusting routing policies and firewall rules, reducing latency and improving throughput between on-premises and cloud environments.
Tuned F5 load balancing policies, optimizing SSL profiles, persistence settings, and health checks to enhance application delivery and user experience.
Optimized SD-WAN routing policies to prioritize latency-sensitive applications while balancing load between MPLS circuits and broadband links for better network efficiency.
Configured and maintained a variety of firewalls including Fortinet FortiGate, Cisco ASA, and Cisco Firepower, implementing security policies, NAT, VPN tunnels, and intrusion prevention features.
Applied dynamic routing protocols BGP and OSPF on Cisco routers to optimize WAN routing, increase redundancy, and enable failover between data centers and branch offices.
Deployed and managed Cisco Nexus switches within data centers, handling VLAN segmentation, Virtual Port Channels (VPCs), port-channel aggregation, and inter-VLAN routing for scalable networks.
Automated repetitive operational tasks including configuration backups, compliance audits, and device health checks using Python scripting and Ansible automation tools.
Built and managed AWS Virtual Private Cloud (VPC) networking components, including subnet creation, route table management, security groups, and VPN connectivity to on-premises networks.
Configured and supported F5 load balancers, setting up SSL termination, persistence profiles, and advanced health monitoring to maintain high application availability.
Equi soft, India
Network Administrator (Dec2019- Feb 22)
Performed firmware upgrades on Cisco and Juniper network devices, validating stability and ensuring compatibility with existing configurations.
Configured Cisco ASA and Juniper SRX firewalls, including ACLs, NAT rules, and IPSec VPN site-to-site connectivity.
Implemented BGP and OSPF routing on Cisco and Juniper routers, troubleshooting route redistribution and resolving flapping peer sessions.
Configured and maintained VLANs, trunk ports, EtherChannels, and inter-VLAN routing for scalable LAN environments.
Automated repetitive network operations using Python scripts and Ansible playbooks for configuration backups and inventory management.
Provisioned AWS VPC infrastructure with Terraform, including subnets, route tables, security groups, and VPN connectivity to on-prem networks.
Configured and maintained F5 and Citrix ADC load balancers for application delivery, SSL termination, and high availability.
Performed deep packet analysis with Wireshark to troubleshoot asymmetric routing, packet loss, and latency issues.
Reviewed logs and alerts for Cisco ASA and Check Point firewalls to track traffic patterns and detect security anomalies.
Investigated SD-WAN link degradation by validating tunnel status, failovers, and transport performance metrics.
Conducted daily health checks for routers and switches, validating interface status, CPU usage, and error logs.
Education:
Master’s in management information system, Northern Illinois university, USA
Bachelor’s in Electronics and communication engineering, St martin’s engineering college, India
Contact this candidate