Network Security Engineer with 3+ Years of Experience

KARUTURIBHAVANA

NETWORK SECURITY ENGINEER

************@*****.***

201-***-****

SUMMARY

●Results-driven Network Security Engineer with 3+ years of experience delivering secure, resilient, and high-performing network infrastructures across IT Services & Consulting, Oil & Gas, and Financial Services environments. Specialized in multi-vendor security technologies including Palo Alto, Cisco Firepower, Fortinet, Cisco ASA, and Juniper SRX.

●Strong experience with Cisco ACI and Cisco ISE for micro-segmentation and identity-driven access control. Skilled in SD-WAN (Cisco Viptela, Meraki), cloud networking (AWS, Azure), F5 load balancing, and network automation using Python, Ansible, and Terraform.

●Proven ability to troubleshoot complex network/security incidents, enhance performance, and implement Zero Trust security models.

TECHNICAL SKILLS

Category

Technologies / Tools

Firewalls & Security

Palo Alto NGFW, Cisco Firepower (FTD/FMC), Cisco ASA, Fortinet FortiGate, Juniper SRX, IPS/IDS, NAT, URL Filtering, Zero Trust

Networking (Routing & switching)

Cisco Nexus, Catalyst, ASR/ISR, VLANs, VPC, Port-Channel, HSRP, OSPF, BGP, IPv4/IPv6

SD-WAN & VPN

Cisco Viptela, Cisco Meraki, IPsec VPN, GRE, DMVPN

Cloud Networking

AWS (VPC, VPN, Direct Connect), Azure (VNets, NSGs, VPN Gateway)

Load Balancing

F5 BIG-IP LTM / GTM, SSL Termination

Data Center & NAC

Cisco ACI (APIC, Spine-Leaf), Cisco ISE, 802.1X

Monitoring & Tools

Wireshark, SNMP, SolarWinds

Automation

Python (Netmiko), Ansible, Terraform

Infrastructure Services

Infoblox (DNS, DHCP, IPAM)

Documentation

Network Diagrams, Change Management

PROFESSIONAL EXPERIENCE

Network Security Engineer Fidelity Investments NY,USA Jan 2025– Present

●Managed and optimized multi-vendor firewall environments including Palo Alto, Fortinet, Cisco Firepower, and Juniper SRX, implementing security policies, NAT, IPS/IDS, and threat prevention controls.

●Configured and administered Palo Alto NGFW features including WildFire, URL Filtering, SSL Inspection, and GlobalProtect VPN to enhance real-time threat detection and secure remote access.

●Designed and maintained Panorama device groups and templates, ensuring consistent security policies and standardized configurations across enterprise firewall deployments.

●Implemented and managed Fortinet FortiGate security policies, leveraging FortiManager and FortiAnalyzer for centralized management, logging, reporting, and performance optimization.

●Performed firmware upgrades and patch deployments across firewall and network devices, strengthening security posture and minimizing vulnerability exposure.

●Designed and deployed SD-WAN architectures using Cisco Viptela and Meraki, optimizing application-aware routing, link utilization, and resilient branch connectivity.

●Integrated SD-WAN with cloud security platforms (Zscaler) and public cloud services to ensure secure, high-performance hybrid network connectivity.

●Configured IPS/IDS, URL Filtering, SSL Inspection, and Threat Prevention features to protect against advanced cyber threats.

●Implemented Zero Trust security principles, including identity-based access controls and micro-segmentation.

●Analyzed firewall logs and security events to detect, investigate, and mitigate network security anomalies.

●Configured and enforced Cisco ACI security policies, contracts, and filters to enable micro-segmentation and controlled communication between application tiers.

●Managed hybrid cloud networking solutions (AWS & Azure), including VPC/VNet design, VPN connectivity, Route 53/DNS services, CloudWatch logging, and DDoS protection using CloudFront & Shield.

●Configured and optimized F5 BIG-IP LTM / GTM load balancing solutions, implementing SSL termination, traffic distribution, and high-availability designs to improve application performance.

●Automated network operations using Python (Netmiko), Ansible, Terraform, and PowerShell, reducing manual errors and improving deployment efficiency.

●Monitored and troubleshot network performance using Wireshark, SolarWinds, and SNMP, resolving complex routing, switching, VPN, and security incidents.

Network Engineer Marathon Petroleum Corporation Findlay,OH Dec2022– Dec2024

●Designed, configured, and maintained enterprise network infrastructure, ensuring high availability, performance, and security across LAN/WAN environments.

●Implemented and managed multi-vendor firewalls (Palo Alto, Fortinet, Cisco Firepower/ASA), enforcing security policies, NAT, VPN, and threat prevention controls.

●Configured and optimized routing and switching protocols (OSPF, BGP, HSRP, VLANs, VPC, Port-Channels) to improve network redundancy and resilience.

●Deployed and supported site-to-site and remote access VPN solutions (IPsec / SSL VPN) for secure branch and remote user connectivity.

●Monitored network performance using Wireshark, SNMP, and SolarWinds, proactively identifying and resolving latency, packet loss, and connectivity issues.

●Implemented network segmentation and access control strategies, strengthening security posture and minimizing lateral movement risks.

●Supported hybrid cloud networking environments (AWS / Azure), including VPC/VNet connectivity, VPN gateways, routing, and security controls.

●Performed firmware upgrades, patching, and system hardening, ensuring network devices remained secure and compliant.

●Automated network operations using PowerShell / Python / Ansible / Terraform, reducing manual errors and improving deployment efficiency.

●Collaborated with cross-functional teams to troubleshoot complex network and security incidents, minimizing downtime and service disruptions.

Network Administrator SoftAge Groups Hyd,India May2020 – Feb2022

●Managed and maintained network infrastructure including routers, switches, firewalls, and VPNs across enterprise environments

●Configured Palo Alto, Cisco ASA/Firepower & Fortinet firewalls, implementing secure access policies and NAT/VPN solutions

●Administered VLANs, OSPF/BGP routing, high-availability (HSRP), and redundancy setups for resilient network operations

●Implemented 802.1X authentication and policy-based access control using Cisco ISE

●Monitored and troubleshot network performance using Wireshark, SolarWinds, and SNMP; reduced downtime through proactive optimizations.

●Optimized network performance by tuning routing protocols, QoS policies, and traffic engineering configurations.

●Implemented network redundancy and failover mechanisms, improving resilience and minimizing downtime.

●Developed automation scripts to streamline device monitoring, configuration backups, and operational tasks.

●Supported site-to-site & remote VPN connectivity; collaborated with cross-functional teams for secure infrastructure projects.

●Implemented and supported secure remote access solutions for users, contractors, and third-party integrations.

●Monitored and analyzed network logs and alerts, proactively resolving issues before service degradation.

●Ensured compliance with security and regulatory standards, supporting audits and documentation requirements.

●Created and maintained network documentation, diagrams, and change records in compliance with ITSM practices.

EDUCATION

Master of Science in Data Science – Saint Peter's University, New Jersey, USA

Contact this candidate