HEMANTH THOTA
Network Engineer
www.linkedin.com/in/thota-hemanth-38a25718b
Email ID: ****************@*****.*** Contact: 312-***-****
PROFESSIONAL SUMMARY:
Network Engineer with around 4+ years of extensive experience designing, implementing, and securing enterprise-grade networks. Proficient in routing and switching protocols (BGP, OSPF, EIGRP), security technologies (Palo Alto, Cisco ASA/FTD, Zero Trust), and cloud/network automation (Python, Ansible, Terraform). Adept at managing complex infrastructures across on-prem, cloud, and hybrid environments, with strong troubleshooting and performance optimization skills. Actively CCNP certified and pursuing CCIE and PCNSE certifications.
Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5 and Wireless LAN Controllers.
Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.
Expertise in installing, configuring, and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
TECHNICAL SUMMARY:
Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).
Routing Protocols: RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS-IS, BGP v4, MP-BGP
WAN Protocols: HDLC, PPP
Circuit switched WAN: T1/E1 – T3/E3/OCX (Channelized, Fractional & full).
Security Technologies: Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA, Checkpoint, Blue Coat proxy server. Port Security, DHCP Snooping, IP Source Guard (IPSG). Fortinet/Juniper firewalls
Cisco Routers: Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki.
Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP
Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)
Switches: Catalyst 9400, 3850, 3650, 2960; Nexus 2k, 3k, 5k, 7k, 9k
Load Balancers: F5 LTM, GTM, iRules
Core Skills
Routing & Switching: BGP, OSPF, EIGRP, VLANs, STP, HSRP, VRRP
Network Devices: Cisco ISR/ASR, Catalyst 9K, Nexus 9K/7K/5K, Cisco ASA, Meraki MX/MS/MR
Firewalls & Security: Palo Alto (Panorama), Cisco FTD, ISE (802.1x), Cisco Umbrella, SASE, Zero Trust Architecture
VPN & WAN Technologies: MPLS, DMVPN, Flex VPN, Site-to-Site VPN, LTE Backup
Wireless Networking: Cisco & Aruba Wireless, Ekahau for site surveys and planning
Cloud Networking: AWS, Azure (VPC, TGW), SD-WAN (Meraki, Viptela), Cisco ACI
Monitoring & Tools: SolarWinds, Wireshark, NetFlow, Thousand Eyes, Infoblox, Microsoft Visio
Network Automation: Python, Ansible, Terraform
Voice & QoS: Cisco VoIP, SIP, H.323, QoS policy
Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.
Networking Technologies: LAN/WAN Architecture, TCP/IP, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP
Cloud Infrastructure: Azure - ARM, AKS, AWS, Terraform
PROFESSIONAL EXPERIENCE:
Client: BigCommerce, Remote, USA
10/2024 – Present
Role: Network Engineer
BigCommerce Global Network & Cloud Infrastructure Modernization
Description:
Led the design, implementation, and ongoing support of a highly available, secure, and scalable global network infrastructure supporting BigCommerce’s large-scale e-commerce platform. The project focused on achieving near-zero downtime, enabling multi-cloud connectivity, strengthening security and PCI-DSS compliance, and ensuring optimal performance during peak traffic events such as promotions and seasonal sales.
Designed resilient LAN/WAN architectures across on-premises data centers and AWS/Azure environments, delivering 99.99% uptime for customer-facing applications. Implemented advanced routing and redundancy using BGP, OSPF, IS-IS, MP-BGP, HSRP, VRRP, GLBP, and NSF/NSR, ensuring seamless failover for mission-critical checkout and payment workflows. Managed BGP peering and route redistribution between data centers, cloud providers, CDN services, and third-party payment gateways.
Modernized the network through SD-WAN (Cisco Meraki/Viptela), MPLS, DMVPN, FlexVPN, and cloud interconnects (AWS Direct Connect, Azure ExpressRoute, Transit Gateway), improving global performance and resiliency. Integrated F5 LTM/GTM for global load balancing, SSL offloading, and traffic steering, including custom iRules to optimize API routing and session persistence during high-traffic events.
Strengthened security posture by deploying next-generation firewalls (Palo Alto, Cisco ASA/FTD, Fortinet, Juniper SRX, Check Point) and implementing Zero Trust and SASE architectures with Cisco Umbrella and ISE (802.1X). Enforced Layer 2 security controls, IDS/IPS, URL filtering, NAT, and ACL policies to protect storefronts, APIs, and payment systems while maintaining PCI-DSS compliance.
Responsibilities:
Designed, implemented, and supported highly available LAN/WAN architectures for large-scale BigCommerce e-commerce platforms, ensuring 99.99% uptime for customer-facing applications.
Configured and optimized advanced routing protocols including BGP, OSPFv2/v3, EIGRP, IS-IS, and MP-BGP for multi-datacenter and cloud connectivity.
Managed BGP peering and route redistribution between on-prem data centers, AWS/Azure, CDN providers, and third-party payment gateways.
Implemented HSRP, VRRP, GLBP, NSF/NSR, and redundancy mechanisms to support mission-critical checkout and payment workflows.
Administered Cisco Catalyst (9400/3850/3650/2960) and Nexus (2K/3K/5K/7K/9K) switches, including VLAN, VTP, STP/RSTP/MSTP, and port-channel configurations.
Supported Cisco ISR/ASR platforms (ISR-1000/4000, ASR-1000/9000/5500) for enterprise and service-provider-grade routing.
Designed and maintained MPLS, DMVPN, FlexVPN, Site-to-Site VPNs, LTE failover, and SD-WAN (Meraki/Viptela) for global e-commerce operations.
Configured HDLC, PPP, and legacy T1/E1/T3/E3/SONET (POS) circuits during migrations and platform modernization projects.
Implemented and managed next-generation firewalls including Palo Alto (Panorama), Cisco ASA/FTD, Fortinet, Juniper SRX/NetScreen, Check Point, and Cisco PIX/FWSM.
Designed Zero Trust and SASE architectures integrating Cisco Umbrella, ISE (802.1X), IPS/IDS, and secure internet gateways.
Configured ACLs, NAT/PAT, threat prevention, URL filtering, and IPS policies to protect BigCommerce storefronts, APIs, and payment systems.
Enforced Layer 2 security using Port Security, DHCP Snooping, and IP Source Guard (IPSG) to mitigate spoofing and rogue devices.
Managed Blue Coat Proxy, McAfee Web Gateway, and secure web gateways for outbound traffic inspection and compliance.
Supported PCI-DSS compliance requirements for e-commerce payment processing environments.
Administered F5 LTM/GTM for global traffic distribution, SSL offloading, and application availability.
Developed and maintained F5 iRules to optimize session persistence, API routing, and traffic steering for BigCommerce applications.
Integrated load balancers with cloud-native services and CDN providers to handle high-traffic events (sales, promotions).
Designed and implemented AWS and Azure networking, including VPC/VNet, Transit Gateway (TGW), VPN, Direct Connect/ExpressRoute.
Supported Azure ARM, AKS, and hybrid cloud connectivity using Terraform.
Deployed SD-WAN solutions (Cisco Meraki, Viptela) to improve performance, resiliency, and visibility across global offices.
Integrated cloud security controls with on-prem and SaaS environments for scalable e-commerce workloads.
Used SolarWinds, NetFlow, SNMP, Thousand Eyes, and Wireshark for proactive monitoring, root-cause analysis, and performance tuning.
Performed deep packet analysis to resolve latency, packet loss, and routing issues impacting checkout and API traffic.
Created network diagrams and architecture documentation using Microsoft Visio.
Managed Infoblox (DNS/DHCP/IPAM) to ensure reliable name resolution for customer-facing services.
Automated network provisioning and configuration using Python, Ansible, and Terraform.
Integrated network automation with CI/CD pipelines supporting BigCommerce platform releases.
Reduced deployment errors and mean time to resolution (MTTR) through infrastructure-as-code practices.
Designed and supported Cisco and Aruba wireless networks, including site surveys using Ekahau.
Implemented QoS policies to prioritize VoIP (SIP, H.323) and critical application traffic.
Supported Cisco VoIP infrastructure for corporate and support operations.
Collaborated with DevOps, Security, Cloud, and Application teams to ensure seamless platform scalability during peak sales events.
Led network migrations and upgrades with zero or minimal downtime for BigCommerce storefronts.
Provided Tier 3 support, mentoring junior engineers and leading incident response efforts.
Environment: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches (6500/3750/3550 3500/2950), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto, Fortinet), Cisco Voice (CCM, UCCE), Shell Scripting, AWS.
Client: NTT DATA, Chennai, India
Aug 2021 – May 2023
Role: Network Operations Engineer
1. Enterprise Wireless Modernization Project – Cisco & Meraki
2. Data Center Network Refresh & Load Balancing Optimization
3. Global SD-WAN Deployment (Cisco Viptela & Meraki)
Description:
Designed and deployed Cisco and Meraki enterprise wireless solutions, including large-scale Aruba WLAN environments, performing Ekahau/AirMagnet site surveys, controller upgrades, SSID design, and onboarding troubleshooting to ensure seamless user connectivity. Implemented QoS policies to prioritize VoIP and video traffic, significantly reducing jitter and call drops in 24x7 call center environments. Engineered hybrid cloud connectivity across AWS and Azure using VPC peering, Transit Gateway, VPN, and ExpressRoute. Architected and managed Azure VNets, VPN Gateways, ExpressRoute, and firewalls, leveraging Terraform for infrastructure automation and consistent deployments. Led enterprise SD-WAN rollouts (Cisco Viptela & Meraki), reducing WAN latency by 35% and improving failover times for business-critical applications.
Strengthened network security by deploying and managing Palo Alto firewalls (Panorama), Cisco ASA/FTD, and FortiGate, including site-to-site and remote access VPNs, NAT, ACLs, and application-aware security policies. Implemented Cisco ISE (802.1X) across LAN and WLAN environments to enforce NAC compliance and integrated Zscaler ZIA/ZPA with Azure Active Directory for Zero Trust Network Access. Monitored and responded to threats using FortiAnalyzer, Zscaler ZDX, and integrated threat intelligence feeds. Configured and maintained BGP, OSPF, and EIGRP routing across multi-site MPLS and DMVPN WANs, including IPv6 addressing and dual-stack migrations. Administered enterprise switching and routing platforms including Cisco Catalyst, Nexus 7K, ASR 9K, and ISR platforms. Supported data centre load balancing using F5 LTM/GTM, configuring WIDE IPs and traffic pools, and led a zero-downtime migration from NetScaler to F5.
Responsibilities:
Designed and implemented Cisco/Meraki enterprise wireless solutions for corporate infrastructures.
Worked in enterprise and data center environments on switching, routing, firewalls (site-to-site VPN tunnels) and VoIP. Worked on different VoIP systems on the network.
Worked on Cisco Wireless. Worked on Load balancers in Data center for internal and external applications.
Worked on upgrading Aruba controllers and access points and on troubleshooting the onboarding of devices onto the networks.
Hybrid cloud connectivity across AWS and Azure using VPC peering, TGW, VPN, and ExpressRoute.
Spearheaded enterprise SD-WAN rollout (Viptela & Meraki) reducing latency by 35% and improving failover time.
Automated baseline config management and deployment using Python and Ansible, cutting deployment time in half.
Deployed and managed Palo Alto firewalls with centralized Panorama policies and application-layer visibility.
Led Cisco ISE deployment for 802.1x authentication across LAN and WLAN, improving NAC compliance.
Collaborated with security and app teams to enforce Zero Trust segmentation in data centers and cloud environments.
Configured and maintained BGP, OSPF, and EIGRP routing across a multi-site MPLS and DMVPN WAN.
Implemented QoS for VoIP and video traffic, reducing call drops and jitter in a 24x7 call center.
Deployed and monitored wireless networks with Cisco WLCs and Aruba Mobility Controllers, conducting Ekahau surveys.
Administered Cisco ASA and FTD firewalls, including remote access VPN, NAT, and ACL policies.
Produced detailed network documentation and Visio diagrams for internal audits and compliance reviews.
Configured SSL and IPsec VPNs on FortiGate firewalls to provide secure remote access and establish site-to-site connections.
Experience with Zscaler cloud proxies ZIA and ZPA. Worked on setting up tunnels to Zscaler ZENs for zero trust network access.
Configured Aruba Wireless Controllers 3400, 7030 and APs 105, 325.
Proficient in designing, implementing, and optimizing network architectures on the Azure cloud platform with Terraform, including Virtual Networks, ExpressRoute, VPN Gateway, and Firewalls.
Architected and managed Azure Virtual Networks (VNets), including VPN Gateways and ExpressRoute connections, to support hybrid cloud environments.
Experience with Aruba WLAN infrastructure in large scale global deployments.
Monitored network security using FortiAnalyzer, identifying and responding to security incidents in real time.
Integrated Zscaler with identity providers such as Azure Active Directory (AAD) for seamless user authentication and access control.
Implemented and managed Zscaler Secure Web Gateway to enforce security policies and protect against web-based threats.
Experience in configuring and monitoring Zscaler ZDX dashboards to track application performance metrics, such as latency, packet loss, and throughput.
Configured and maintained Cisco Wireless LAN Controllers and Aruba systems, deploying APs, SSIDs, and upgrading WLCs for optimized wireless networks.
Customized FTD rules for specific applications and services to enhance network security posture.
Integrated threat intelligence feeds with FortiGate firewalls to enhance threat detection and implemented proactive mitigation strategies.
Automated network configuration and management tasks, including VPCs, subnets, security groups, load balancers, and VPNs, using Terraform scripts.
Designed perimeter security policy, implemented firewall ACLs, allowed access to specified services, and configured client VPN technologies including Cisco's VPN client via IPsec.
Installed and configured LAN/WAN networks, hardware, software, and telecommunication services, including Cisco routers and switches such as Cisco 3750, 3750 Gig, 6500, Nexus 7k, ASR 9k, etc.
Implemented IPv6 addressing schemes for routing protocols, VLANs, and subnetting, mostly during upgrades of Cisco ISR routers (2800/2900/3800/3900) and switches.
Configured and deployed Cisco ASA 5540 firewalls for internet access requests for servers, protocol handling, and object grouping.
Configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.
Installation & configuration of Microsoft Proxy Server 2.0 and Infoblox DNS, DHCP and IP Address Management.
Experience with wireless survey tools (Air Magnet or Ekahau Site Survey).
Worked on Infoblox to update DNS host and A records as part of the migration.
Coordinated with global data center teams at different locations and worked with them to troubleshoot Layer 2 issues.
Migration from NetScaler to F5 without any downtime.
Environment: Routers (Nexus 1K, 5K, 7K, Juniper MX-960), switches (6500/3750/3550 3500/2950), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, Unified Contact Center Enterprise (UCCE), MPLS, Cisco Catalyst Switches, Fortinet Equipment, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE, UCCX), Citrix, Azure.
INTERNSHIP:
Illinois Institute of Technology, Chicago (11/2023 – 08/2024)
1. Support Network Operations
Assist with daily network operations and monitoring to ensure uptime and reliability.
Help troubleshoot basic network issues and escalate complex problems to senior engineers.
Monitor network performance metrics (e.g., latency, throughput, error rates) using tools like SNMP-based dashboards.
Diagnose connectivity issues within LAN/WAN environments.
2. Configure and Maintain Network Devices
Install, configure, and maintain network hardware such as routers, switches, firewalls, and wireless access points.
Work with VLANs, TCP/IP settings, DHCP, DNS, and basic routing protocols under guidance.
Support routine network maintenance tasks including firmware updates and device reboots.
Participate in structured training or lab exercises to strengthen networking fundamentals (e.g., OSI model, TCP/IP, Cisco/Meraki basics).
Education Qualifications:
Master of Information Technology, 08/2023 – 05/2025, Illinois Institute of Technology, Chicago, IL, USA
Bachelor of Technology (B.Tech) in Computer Science, 09/2019 – 03/2023, Bharath University, Chennai, India