Network Security & Infra Engineer - SD-WAN, Zero Trust, Cloud

Deva Datti

+1-217-***-**** **********@*****.*** Portfolio

Summary

Network Security and Infrastructure Engineer with 3.5 years of experience implementing and maintaining enterprise and hybrid cloud networks in healthcare and global delivery environments. Skilled in SD-WAN migrations, Palo Alto and Cisco firewall management, and Zero Trust access with Cisco ISE, with expertise monitoring performance, troubleshooting data and voice services, and optimizing network reliability. Proficient in routing and switching, wireless LAN, SIEM monitoring, and automation with Python and Ansible, with strong documentation skills and collaborative support in fast-paced operations. Skill

• Core Networking & Routing: TCP/IP, IPv4/IPv6, LAN/WAN, Subnetting, Trunking, VLANs, STP, EtherChannel, QoS, OSPF, BGP, EIGRP, HSRP, SD-WAN, DHCP, DNS

• Enterprise Network Infrastructure: Cisco Routers, Catalyst & Nexus Switches, Wireless LAN Controllers, Aruba Wireless, Load Balancers (F5), Cisco DNA Center, Juniper Router And Switch Hardware

• Network Security & Firewalls: Palo Alto Networks (PAN-OS), Cisco ASA/Firepower, Fortinet FortiGate, iptables, NAT, ACLs, IDS/IPS, IPSec & SSL VPN, ZTNA, Cisco VPN Concentrator, PaloAlto Firewall

• Identity, NAC & Zero Trust: Cisco ISE, Forescout NAC, 802.1X, RADIUS, TACACS+, MFA, AD/GPO, Zero Trust Architecture

• Cloud & Hybrid Networking/Security: AWS VPC, Transit Gateway, Direct Connect, Route Tables, Security Groups Azure NSGs, VPN Gateway, ExpressRoute Cloudflare Gateway, SASE, CASB

• Monitoring, SIEM & Troubleshooting: Splunk, IBM QRadar, AlienVault OSSIM, SolarWinds NPM, PRTG, Wireshark, Nagios, NetFlow, Syslog, Cisco SecureX

• Wireless & Voice: Cisco Wireless LAN Controllers, Secure WLAN, VoIP Policies, Cisco Call Manager, VoIP

• Automation & Infrastructure as Code: Python (log parsing, rule validation), Bash, PowerShell, REST APIs, Terraform, Ansible

• Vulnerability, Tools & Platforms: Nessus, Nmap, OpenVAS, Postman, Git, ServiceNow, Jira

• Compliance & Documentation: ISO 27001, NIST 800-53, SOC 2, CIS Benchmarks, MITRE ATT&CK Network Diagrams, Cabling Maps, Runbooks, Audit Logs, Visio, Lucidchart

• General IT Skills: IT Infrastructure, Networking Solutions Professional Experience

CVS Health Feb 2025 - Present

Network Security Engineer US.

• Migrated the Charleston site from MPLS to a secure SD-WAN networking solution, configuring Palo Alto firewalls and IPSec VPNs to AWS Transit Gateway, reducing latency by 35% and improving application reliability.

• Implemented Cisco ISE with 802.1X NAC to restrict network access to authorized pharmacy tablets and WOW devices, isolating sensitive VLANs and reducing unauthorized access incidents by 40%.

• Hardened hybrid IT infrastructure and cloud environments by managing Azure NSGs and AWS Security Groups, using Splunk and Cisco SecureX to correlate Syslog and NetFlow data for faster threat detection.

• Optimized Cisco Wireless LAN Controllers and Aruba access points, applying QoS policies to prioritize VoIP and clinical traffic, ensuring stable connectivity during peak usage while limiting guest Wi-Fi impact.

• Automated firewall rule validation and configuration updates using Python scripts and Ansible across Fortinet and Cisco ASA devices, supporting rapid releases while maintaining compliance with HIPAA, NIST 800-53, and SOC 2.

• Supported hybrid network infrastructure across on-premises and cloud environments (AWS/Azure), assisting with LAN, WAN, and Wi-Fi connectivity while maintaining secure cloud networking and firewall configurations; applied strong technical skills in troubleshooting, optimization, and documentation to ensure reliable and scalable network operations.

• Collaborated with senior engineers and cross-functional teams to deliver network solutions, contributing to automation and Infrastructure as Code initiatives; gained hands-on experience with Cisco and Aruba technologies while expanding scope, ownership, and technical depth in a high-growth, market-leading environment.

• Participated in network performance tuning, issue resolution, and continuous improvement efforts, demonstrating strong collaboration, team collaboration, and problem-solving skills; supported hiring initiatives and knowledge sharing while building expertise in cloud networking, security, and enterprise infrastructure operations. Wipro Jun 2020 - Nov 2022

Network Engineer Hyderabad, India

• Configured and maintained Palo Alto and Cisco ASA firewalls, implementing granular ACLs and NAT rules to safeguard sensitive client IP while supporting fast-paced digital platform deployments.

• Managed WAN routing across multiple international locations using BGP on Cisco and Juniper routers and SD-WAN networking solutions, applying QoS policies to prioritize critical traffic and reducing congestion during peak business hours by 25%.

• Monitored overall performance of IT infrastructure and enterprise network using SolarWinds, Splunk, and NetFlow, proactively

• Foundations of Cybersecurity

• Play It Safe: Manage Security Risks

identifying latency and packet loss issues before they affected application availability or delivery timelines.

• Upgraded campus backbone using Cisco Nexus and Catalyst 9000 switches, refining VLAN segmentation, trunking, and STP to support growing VoIP and video usage, improving network stability by 30%.

• Built Python and Bash scripts to automate configuration tasks and log analysis, reducing manual effort for firewall updates and audit preparation while improving consistency across network environments Projects

Zero Trust Network Transformation

• Designed and implemented a secure SD-WAN architecture to replace legacy MPLS, integrating Palo Alto firewalls and site-to-site IPSec VPNs with AWS Transit Gateway for encrypted hybrid connectivity.

• Enforced Zero Trust principles via Cisco ISE and 802.1X for device-level access control across segmented VLANs, and hardened cloud workloads using AWS Security Groups and Azure NSGs with continuous monitoring through Splunk and NetFlow telemetry. Global Network Infrastructure Optimization & Security Hardening

• Modernized enterprise networks across international sites by upgrading Cisco Nexus and Catalyst 9000 switches, optimizing BGP routing and SD-WAN policies to enhance performance and resilience.

• Prioritized VoIP and critical business traffic with QoS policies, strengthened perimeter security through Palo Alto and Cisco ASA firewall rule design, and automated config deployments using Python and Bash with proactive monitoring via SolarWinds and Splunk.

Certificates

Education

Eastern Illinois University Jan 2023 - Dec

2024

Master of Science, Computer Technology Charleston, IL

Osmania University Aug 2018 - Jul

2022

Bachelor of Engineering, Electrical & Electronics Engineering Hyderabad, India

Contact this candidate