Network and Security Engineer with 6+ Years Experience
Resume:
Ramya A
+1-984-***-**** ***********@*****.*** LinkedIn
Professional Summary:
Network and Security Engineer with over 6 years of experience designing, implementing, and securing enterprise-grade network infrastructures across data center, cloud, and WAN environments, ensuring high availability, scalability, and compliance with industry best practices.
Specialized in deploying and managing SD-WAN solutions using Cisco Viptela, Cisco Meraki, and Silver Peak, replacing legacy MPLS architectures with high-speed broadband and DIA links that enhanced application performance, security, and cost efficiency.
Extensive experience in Cisco ACI data center environments, building and configuring tenants, VRFs, bridge domains, and endpoint groups (EPGs) to enforce network segmentation and micro-segmentation policies, while integrating ACI with external Layer 3 domains for automated and scalable routing.
Proven expertise in Next-Generation Firewalls (NGFWs) from multiple vendors including Palo Alto Networks, Cisco Firepower, Checkpoint, and Fortinet, implementing IPS/IDS, SSL inspection, URL filtering, and VPN solutions to safeguard enterprise networks from evolving cyber threats.
Proficient in deploying and maintaining F5 BIG-IP (LTM, GTM, ASM) for application delivery and traffic management, designing iRules and iApps for load balancing, SSL offloading, and redundancy, ensuring secure and seamless user access to mission-critical applications.
Maintained accurate TPRM inventories and risk registers, integrating OSINT data, vulnerability intelligence, and threat-monitoring feeds to proactively detect shifts in supplier security posture across cloud and hybrid environments.
Built and maintained CI/CD pipelines with Jenkins and GitHub Actions, integrating Python, C#, and C automation scripts for configuration validation and deployment; conducted code reviews and technical analysis to uphold best practices, reliability, and continuous improvement.
Collaborated with project management and quality assurance teams to implement process improvement initiatives, enhance service delivery efficiency, and maintain compliance with organizational and regulatory standards.
Deep hands-on experience in advanced routing and switching protocols such as BGP, OSPF, EIGRP, MPLS, IS-IS, and OTV, configuring HSRP/VRRP, VPC, and EtherChannel to maintain high availability, reduce latency, and optimize network performance across global enterprise networks.
Skilled in managing DDI (DNS, DHCP, IPAM) through Infoblox, improving IP address management, visibility, and operational control, while integrating BGP peering with AWS and Azure for hybrid cloud connectivity and secure data exchange between on-prem and cloud environments.
Implemented Zero Trust and NAC frameworks using Cisco Identity Services Engine (ISE) and Aruba ClearPass, enhancing endpoint visibility, access control, and authentication efficiency through 802.1X enforcement, device profiling, and posture assessments.
Strong background in network automation and orchestration using Python scripting, Ansible, and REST API integrations, developing automated workflows for configuration deployment, network audits, and compliance checks to minimize manual effort and human error.
Supported application and infrastructure development pipelines with focus on state management, kernel tuning, and API orchestration; contributed to solution design, execution, and market-driven innovation, ensuring robust performance, governance, and operational excellence.
Integrated modern network monitoring and observability tools such as Dynatrace, SolarWinds, and Splunk to provide end-to-end visibility across the network and application layers, proactively detecting latency, throughput, and security anomalies for faster resolution.
Experienced in documentation and operational governance, creating detailed network diagrams, configuration standards, runbooks, and SOPs, supporting effective change management, cross-team collaboration, and audit-readiness in enterprise IT environments.
Work collaboratively across engineering, QA, and architecture teams to develop a long-term technical roadmap, integrating operating systems, virtualization layers, and cloud components to enhance scalability and reliability.
Tools & Technologies:
Networking: Cisco Nexus (9K/7K/5K/3K), Cisco Catalyst (9500/9300/3850), Cisco Meraki (MX/MS/MR), Cisco ACI, Arista Switches, Juniper SRX, Silver Peak, Cisco ISR/ASR Routers, F5 BIG-IP (LTM, GTM, ASM), HPE/Aruba Switches, Cisco Viptela SD-WAN, VMware NSX.
Security & Firewalls: Palo Alto Networks (PA-3060/PA-3220, Panorama), Cisco Firepower/ASA/FMC, Checkpoint, Fortinet FortiGate, Juniper SRX, Aruba ClearPass, Cisco ISE, AlgoSec, Qualys, Rapid7, Infoblox DDI (DNS, DHCP, IPAM), GlobalProtect VPN, Cisco AnyConnect, SSL/IPSec VPN.
Routing & Protocols: BGP, OSPF, EIGRP, MPLS, IS-IS, RIP, HSRP, VRRP, STP, VPC, EtherChannel, VXLAN, OTV, QoS, ACLs, NAT, Policy-Based Routing (PBR), Route Redistribution.
Cloud & Virtualization: AWS (VPC, Direct Connect, Route Tables, Security Groups, IAM, BGP Peering), Microsoft Azure (VNets, NSGs, Traffic Manager), Azure VPN Gateway, AWS Transit Gateway, Hybrid Cloud Networking, SD-WAN Cloud Integration.
Monitoring, Automation & Tools: Dynatrace, SolarWinds (NPM/NTA), Splunk, FortiAnalyzer, Wireshark, NetFlow, SNMP, Python Programming, Ansible, REST APIs, Git, ServiceNow, Visio, SIEM Platforms.
Educational Details:
University of Alabama at Birmingham, Birmingham, AL – Jan 2023- Dec 2024
Master of Science (M.S.): Computer and Information Science.
Vishnu institute of technology, Bhimavaram, India - June 2015 - May 2019
Bachelor of Technology: Computer Science and engineering.
Awards & Certifications:
Cisco Certified Network Associate – CCNA
Cisco Certified Network Professional - CCNP
AWS Certified Advanced Networking
In progress: PCNSE (PaloAlto Certified Network Security Engineer), Fortinet NSE7
Professional Experience:
Juniper Networks Chicago, IL
Network/Security Engineer Aug 2023 – Current
Designed and implemented SD-WAN solutions using Cisco Viptela, Cisco Meraki, and Silver Peak, replacing legacy MPLS networks with high-speed broadband and direct internet links. Configured encrypted IPsec tunnels, dynamic path selection, and application-based policies to ensure secure and efficient routing for branch and remote sites.
Built and configured Cisco ACI fabrics, including tenants, VRFs, bridge domains, endpoint groups (EPGs), and contracts, to enforce segmentation and micro-segmentation in the data center. Integrated ACI with external Layer 3 networks for automated routing, scalable connectivity, and policy-driven inter-tenant communication.
Deployed and supported Cisco Nexus 9300, 9500, and 9800 switches for high-performance data center switching. Configured HSRP/VRRP for gateway redundancy, VPC and EtherChannel for link aggregation, and QoS policies to optimize traffic flow. Enhanced network visibility using Arista switches with built-in telemetry and streaming analytics for proactive performance monitoring.
Designed and deployed dual-stack IPv4/IPv6 network architectures, including address planning, neighbor discovery, OSPFv3, and MP-BGP route propagation, ensuring seamless coexistence and migration readiness across data center and cloud networks.
Configured and troubleshot IPv6 transition and tunneling technologies such as GRE, IPsec VPN tunnels, and ISATAP, enabling secure communication between legacy IPv4 environments and IPv6-enabled domains during phased rollout projects.
Conducted proactive security alert monitoring and log analytics using Splunk and Snowflake, correlating user behavior, authentication patterns, and network events to identify potential account takeover (ATO) activity.
Developed and executed advanced query logic across SIEM and IAM platforms to detect anomalies, reduce false positives, and refine detection accuracy within hybrid SaaS and on-prem environments.
Collaborated cross-functionally with engineering, customer support, and fraud response teams in a fast-paced environment to triage security incidents, coordinate containment, and communicate investigation outcomes effectively.
Hands-on experience in application, network, and cloud security, securing workloads across AWS, Azure, and hybrid infrastructures through micro-segmentation, IAM, and Zero-Trust access frameworks.
Developed and integrated secure authentication and authorization workflows leveraging SSO/SAML, OAuth, and OpenID protocols; collaborated with product and engineering teams to strengthen coding and secure cloud development practices.
Designed and optimized SQL queries and database schemas to support network automation tools and configuration management systems, improving data retrieval efficiency and scalability.
Collaborated with full-stack and UI development teams using React, TypeScript, JavaScript, and Figma to validate front-end dashboards, API integrations, and web-based monitoring tools, ensuring seamless customer engagement, accessibility, and high-quality execution across sprint planning and release cycles.
Administered and maintained centralized DDI (DNS, DHCP, and IPAM) using Infoblox to improve operational control and IP address management. Configured BGP peering with AWS for secure hybrid cloud integration and coordinated with vulnerability management platforms like Qualys for firewall audits and network security compliance.
Configured, managed, and troubleshot Next-Generation Firewalls (NGFWs) including Cisco Firepower, Palo Alto Networks, Checkpoint, and Fortinet. Implemented IPS/IDS, SSL inspection, URL filtering, and application control to protect enterprise environments from threats. Supported upgrades, high availability setups, and policy optimizations across multiple vendors.
Deployed secure remote access and VPN infrastructures using Palo Alto GlobalProtect, Cisco ASA, and Juniper SRX. Configured IPsec site-to-site and SSL VPNs, integrated PKI certificates, and enforced secure user access policies. Migrated enterprise network access control from Cisco ISE to Aruba ClearPass, improving endpoint visibility and authentication efficiency.
Supported the preparation and review of RFP (Request for Proposal) documentation, providing technical insights and cost-effective recommendations aligned with business and market trends.
Collaborated with legal, procurement, and InfoSec stakeholders to support onboarding, due diligence, and continuous monitoring of vendor risk posture through tools such as ServiceNow GRC, SAP GRC, and Black Kite, ensuring alignment with frameworks like NIST, ISO, and CCPA/GDPR.
Implemented and maintained F5 BIG-IP solutions including LTM, GTM, and ASM, supporting load balancing and application delivery. Created iRules and iApps for traffic management and automated application services. Managed SSL certificate deployment and renewal across multiple applications to maintain secure connectivity.
Supported enterprise branch connectivity using Cisco Meraki MX security appliances, MS switches, and MR access points. Configured Layer 2 and Layer 3 features, VLANs, and routing through the Meraki Dashboard, leveraging its cloud management for centralized visibility, configuration, and troubleshooting.
Provided in-depth configuration and troubleshooting for routing and switching protocols including BGP, OSPF, EIGRP, MPLS, IS-IS, and OTV. Managed ACLs, VLANs, and NAT policies to ensure secure and optimized network traffic flow across data centers, WANs, and enterprise branches.
Integrated Dynatrace into the monitoring ecosystem to provide end-to-end visibility into both network and application layers. Used the platform to identify latency, throughput, and availability issues, supporting faster troubleshooting and performance optimization strategy across hybrid infrastructures.
Configured and monitored proxy, firewalls, and MFA systems to prevent unauthorized access and ensure compliance with organizational security standards.
Delivered exceptional client satisfaction by efficiently managing service desk operations, monitoring ticket status against SLAs, and providing clear written communication to ensure timely issue resolution and user confidence.
Developed Python automation scripts and REST API integrations for repetitive network tasks, configuration consistency, and data collection. Created detailed network documentation, Visio diagrams, and standard operating procedures (SOPs) to ensure knowledge transfer, change management, and audit readiness.
Demonstrated analytical and debugging skills to diagnose and resolve complex system and application issues across Linux, Windows, and VMware environments.
Leveraged JIRA ticketing systems to manage, track, and document technical issues, ensuring accurate status updates by collaborating and communication with stakeholders.
Actively performed root cause analysis to ensure long-term resolution and prevent recurring incidents, maintaining over 95% SLA compliance.
Created and maintained detailed process documentation using Confluence, improving knowledge sharing and onboarding efficiency by 30%.
Demonstrated strong communication skills and interpersonal skills while coordinating network projects and presenting technical interface designs to both technical and non-technical teams.
Collaborated with cross-functional teams to develop threat intelligence playbooks, document incident classification workflows, and present findings through PowerPoint, executive briefs, and clear verbal communication.
Built internal metrics dashboards and Excel-based trend reports to track threat patterns; led experiments to evaluate new detection logic, tuning, and automation enhancements, including chatbot-assisted analyst workflows.
Demonstrated strategic thinking and leadership by driving software security initiatives, enforcing compliance standards, and mentoring junior engineers to promote operational excellence and professional growth.
Accenture Texas Health Care Hyderabad, India
Sr. Network Security Engineer Dec 2021 – Dec 2022
Designed, deployed, and secured enterprise network infrastructure using Cisco Nexus (9K/7K/5K) and Catalyst (9300/3850) switches, implementing OSPF, BGP, EIGRP, HSRP, and VRRP to ensure high availability and efficient routing.
Implemented and managed advanced firewall security using Palo Alto (PA-3060/PA-3220), Cisco ASA/Firepower, and Checkpoint, configuring IPSec/SSL VPNs, NAT, and granular security policies to protect critical environments.
Standardized firewall and security policy management with Palo Alto Panorama and Cisco FMC, automating rule deployments, compliance reporting, and configuration synchronization across multiple environments.
Deployed and optimized Cisco SD-WAN (Viptela) to replace legacy MPLS, configuring encrypted tunnels, dynamic path selection, and traffic prioritization to enhance connectivity and reduce latency.
Enhanced network visibility and proactive monitoring through SolarWinds (NPM/NTA) and Splunk, creating dashboards and alerting mechanisms to identify security threats, performance issues, and anomalies in real time.
Configured and maintained F5 BIG-IP LTM/GTM load balancers for optimized application delivery, SSL offloading, and redundancy to ensure seamless user access and minimal downtime.
Leveraged Databricks and Python for advanced data modelling, traffic analysis, and performance tuning of hybrid cloud infrastructures, generating actionable recommendations and improving network optimization through problem resolution and testing automation.
Designed and implemented advanced TCP/IP, Ethernet, and 5G networking architectures integrating optics, routers, and firewalls, ensuring high-speed, reliable data transmission aligned with enterprise information system specifications.
Strengthened network segmentation and access control using Cisco ACI and Cisco ISE, implementing micro-segmentation, authentication policies, and Zero Trust security principles for improved control and visibility.
Managed secure hybrid cloud connectivity by configuring AWS VPCs, Direct Connect, Security Groups, Route Tables, and IAM roles, integrating BGP for reliable communication between on-premises and cloud environments.
Automated routine network operations, monitoring, and configuration updates using Python and Ansible, streamlining maintenance processes and reducing manual overhead.
Collaborated with cross-functional teams to gather requirements and translate them into detailed user stories with defined acceptance criteria, ensuring technical feasibility and alignment with organizational goals.
Contributed to the planning, development, and implementation of enterprise information security strategies to strengthen system defenses, mitigate risks, and ensure compliance with organizational and regulatory standards.
Collaborated in cross-functional teamwork environments within a startup-style agile culture to define project scope, identify project risks, and deliver innovative information technology solutions aligned with business goals.
Provided exceptional customer service by managing ticket backlogs, gathering user feedback, and clearly communicating resolutions, ensuring timely issue closure and high user satisfaction.
Created detailed technical documentation including network diagrams, configuration baselines, and maintenance procedures for hardware, firmware, and software components to ensure traceability and compliance.
Performed firewall rule audits and security optimization using AlgoSec, Qualys, and Infoblox DDI, identifying redundant rules, improving IP address management, and reinforcing network security posture.
Applied strategic thinking and analytical skills to develop Java-based automation scripts using IO streams, improving data validation accuracy with less manual intervention and greater efficiency.
Self-motivated and detail-oriented professional with hands-on experience in configuring and monitoring security systems across Windows and Linux environments, ensuring compliance with organizational policies and standards.
Capgemini Sunlight Financial Hyderabad, India
Software Engineer/Associate Network Engineer Jun 2018 – Dec 2021
Designed and implemented secure enterprise network architectures using Cisco Catalyst and Cisco Nexus switches, creating VLANs and EtherChannels for segmentation and redundancy, while leveraging Spanning Tree Protocol (STP) to eliminate loops and maintain network stability.
Configured and maintained routing protocols such as OSPF, EIGRP, and BGP across Cisco ISR and ASR routers, ensuring optimal path selection and secure WAN communication through the use of Access Control Lists (ACLs) and route filtering.
Deployed and managed Palo Alto, Cisco ASA, and FortiGate firewalls, defining security policies, NAT rules, and intrusion prevention profiles to protect the organization’s perimeter and internal zones against evolving threats.
Implemented IPSec Site-to-Site and SSL VPN tunnels to connect remote offices and mobile users securely, enforcing encryption standards and authentication policies to safeguard data exchange over untrusted networks.
Deployed and secured workloads in Microsoft Azure, designing Virtual Networks (VNets) and Network Security Groups (NSGs) to control east-west and north-south traffic, and used Azure Traffic Manager to maintain application availability across regions.
Partnered with cross-functional teams in consulting, development, and security to deliver scalable architectures, driving collaboration, agile sprint execution, and alignment with business goals through effective verbal communication and documentation writing.
Demonstrated exceptional problem-solving and critical-thinking abilities by diagnosing complex issues across multi-vendor firewalls, SD-WANs, and hybrid cloud environments, ensuring rapid incident containment and service restoration.
Enhanced access control and endpoint security through Cisco Identity Services Engine (ISE), implementing 802.1X authentication, device profiling, and posture assessments to verify and authorize network users dynamically.
Configured F5 BIG-IP Local Traffic Manager (LTM) to manage secure application delivery, utilizing SSL offloading and load balancing algorithms to improve performance and ensure fault-tolerant service availability.
Centralized network services with Infoblox, integrating DNS, DHCP, and IP Address Management (IPAM) for consistent addressing and enhanced visibility. Used DNS security analytics to identify anomalies and mitigate spoofing risks.
Monitored and secured the network infrastructure using SolarWinds for device and bandwidth analysis, and Wireshark for deep packet inspection and protocol-based troubleshooting during incident investigations.
Improved visibility and incident response by integrating logs into Security Information and Event Management (SIEM) platforms and Forti Analyzer, correlating firewall and system events to detect and respond to security incidents in real time.
Automated recurring network and security operations using Python, developing scripts for configuration checks, log parsing, and performance monitoring to streamline troubleshooting and reduce manual workload.
Led cloud and network migration activities integrating on-prem infrastructures with AWS/Azure environments; communicated rollout plans, risk impacts, and implementation steps to stakeholders, including government and enterprise partners in fintech and regulated environments.
Academic Projects:
1. AI-Driven Network Anomaly Detection System
University of Alabama at Birmingham
Developed a smart system using Python and machine learning to spot unusual network traffic and possible security threats automatically.
Collected and analyzed large sets of network data to train models like Random Forest and Autoencoders, helping detect attacks such as DDoS and brute force with over 95% accuracy.
Combined data from NetFlow and Syslog to identify patterns and improve detection reliability.
Linked the system with Splunk, allowing real-time dashboards and instant alerts for faster response to network issues.
2. Intelligent Firewall Rule Optimization Using AI
University of Alabama at Birmingham
Created an AI tool that reviews and cleans up firewall rules to make networks more secure and easier to manage.
Used natural language processing (NLP) and Python scripts to read and understand rules from Palo Alto and Cisco Firepower systems, identifying duplicates or conflicts.
Cut firewall review time by about 40% and improved accuracy by automatically flagging risky or unnecessary rules.
Shared the project’s results in a research paper, showing how it could work with tools like AlgoSec and Panorama to automate network security management.
Contact this candidate