Senior Network Engineer - Security & Cloud Networking
Resume:
ROHIT TADAKAMALLA
Network Engineer
+1-737-***-**** *****.***********.**@*****.*** linkedin.com/in/t-rohit-6b0541221
PROFESSIONAL SUMMARY
Network and security engineer with 6+ years of experience supporting enterprise, telecom, and critical infrastructure networks across data center, WAN, and cloud environments.
Strong expertise in routing and switching protocols including BGP, OSPF, EIGRP, IS-IS, VRF, VLANs, and STP across multi-vendor network platforms.
Experience managing IP/MPLS backbone networks and L3VPN services, delivering reliable connectivity for branch offices, substations, and enterprise customers.
Hands-on experience with SD-WAN technologies including Cisco Viptela, Versa, and Silver Peak for branch connectivity, WAN optimization, and policy-based traffic management.
Practical experience with data center networking technologies including Cisco ACI, Nexus switching, and hybrid cloud interconnects supporting enterprise and analytics workloads.
Skilled in next-generation firewall administration using Palo Alto, Fortinet, Cisco Firepower, and Cisco ASA including rule optimization, segmentation, and firewall migration projects.
Experience implementing secure connectivity solutions including IPsec VPN, SSL VPN, and DMVPN across hybrid enterprise and cloud environments.
Applied Zero Trust security principles using Cisco ISE, Zscaler, and identity-based access controls to secure users, devices, and application access.
Experience working with load balancing platforms including F5 BIG-IP, Citrix NetScaler, and cloud load balancers to improve application availability and traffic distribution.
Hands-on experience integrating AWS, Azure, and GCP networking services including VPC/VNet design, hybrid VPN connectivity, routing policies, and security group alignment.
Experience using automation tools such as Python, Ansible, and Terraform to streamline configuration management, device provisioning, and infrastructure standardization.
Built CI/CD pipelines and Git-based workflows to validate network changes and improve deployment efficiency.
Proficient in network monitoring and troubleshooting tools including SolarWinds, Splunk, Wireshark, Grafana, Prometheus, SNMP, and NetFlow.
Experience supporting enterprise wireless networks using Aruba and Cisco wireless platforms along with Ekahau RF site survey tools.
Comfortable working in 24 7 production environments, handling incident response, root cause analysis, and cross-team collaboration to maintain network stability and service availability.
CERTIFICATIONS
Cisco Certified Network Professional, CCNP.
Fortinet Certified Associate – Cybersecurity.
Certified Threat Intelligence & Governance Analyst, CTIGA.
Palo Alto Certified Network Security Engineer, PCNSE.
EDUCATION
Masters of Science in Information Technology
University of Denver
Bachelor of Engineering in Information Technology
TKR College of Engineering & Technology
TECHNICAL SKILLS
Routers: Cisco ASR 9000, Cisco ISR 4000, Cisco Catalyst 8300/8200, Juniper MX, Arista 7800R, Cisco IR 809/1101
Switches: Cisco Catalyst 9000 Series, Cisco Nexus 7000/9000, Cisco Meraki MS, Arista 7000 Series Data Center Switches
Data Center Technologies: Cisco ACI (Spine–Leaf Architecture), Cisco Nexus 7000/9000, Data Center Fabric Design, VXLAN, EVPN, Spine–Leaf Topology, VPC, MLAG, East-West Traffic Segmentation, Network Micro-Segmentation, High Availability Design, Data Center Interconnect (DCI), Server Load Balancing, Layer 2/Layer 3 Fabric Routing
Wireless & RF: Cisco Wireless LAN Controllers (WLC), Aruba Central, 802.11 a/b/g/n/ac/ax, 802.1X, EAP/PEAP, Ekahau, Airagnet, Cisco DNA Spaces
Routing & Switching Protocols: BGP, OSPF, EIGRP, IS-IS, MPLS, EVPN, VLAN, STP, LACP, HSRP, VRRP, GLBP, VPC, MLAG, SNMP
Security & AAA: Palo Alto, Fortinet FortiGate, Cisco ASA, Cisco Firepower, Check Point, Blue Coat Proxy, Cisco ISE, TACACS+, RADIUS, AAA, IPsec VPN, SSL VPN, NAT, PAT, ACLs, IDS/IPS, URL Filtering
Load Balancers: F5 BIG-IP (LTM/GTM), Citrix NetScaler ADC, A10 ADC, Azure Load Balancer
WAN & SD-WAN: Cisco SD-WAN (Viptela), Versa SD-WAN, Silver Peak SD-WAN, MPLS, L2VPN, L3VPN, VPLS, PPP
Cloud & Data Center Platforms: AWS (Transit Gateway, Direct Connect, NLB), Microsoft Azure (Load Balancer, Traffic Manager, DDoS Protection), Google Cloud Networking, VMware NSX, Cisco ACI, Zscaler ZIA/ZPA
Automation & Scripting: Python, Ansible, Terraform, Jenkins, Git, CI/CD Pipelines, Ansible AWX
Containers & Modern Platforms: Docker, Kubernetes
Monitoring & Network Management Tools: SolarWinds, Splunk, Wireshark, Infoblox, ThousandEyes, NetScout, Grafana, Prometheus, PRTG, Nagios, Zabbix, LogicMonitor, Cisco DNA Center
WORK EXPERIENCE
Network Security Engineer Austin Energy, Austin, TX OCT 2025-Present
Managed and supported a Cisco ACI spine-leaf data center fabric connecting the primary data center with multiple substations, ensuring secure east-west traffic flow for SCADA systems, analytics platforms, and internal enterprise applications.
Operated and troubleshot large scale IP/MPLS backbone networks using BGP, OSPF and IS-IS across Nokia and Juniper routing platforms, delivering stable L3VPN connectivity for remote utility sites and field locations.
Participated in a Cisco Viptela SD-WAN rollout replacing legacy MPLS links, handling device onboarding, policy validation, and performance tuning for branch and substation connectivity while reducing WAN operational costs.
Implemented Zero-Touch Provisioning (ZTP) for branch routers and SD-WAN edge devices, enabling faster onboarding of new substations and reducing manual configuration effort during rollouts.
Administered Palo Alto and Cisco Firepower firewalls for hybrid IT and OT environments, implementing rule optimization, segmentation policies, and deep packet inspection for industrial protocols such as Modbus and DNP3.
Performed Cisco ASA to Firepower Threat Defense migrations including pre-checks, rule conversion, change window execution, and post-migration validation with minimal service interruption.
Configured and maintained F5 BIG-IP load balancers for internal dashboards and grid analytics platforms, including SSL offloading, health monitoring, and traffic distribution during peak telemetry demand.
Automated configuration backups, compliance checks, and device provisioning using Ansible AWX and Python, improving configuration consistency across hundreds of network devices.
Supported AWS and Azure network integrations including VPN tunnels, route propagation, and security group alignment for analytics workloads and identity-based access control using Zero Trust principles.
Integrated Zscaler cloud security for remote engineers and third-party vendors, applying web filtering, SSL inspection, and identity-based access controls without exposing internal network resources.
Built monitoring dashboards using Grafana and Prometheus along with SNMP, NetFlow, and syslog feeds to provide proactive visibility into link utilization, latency trends, and device health across substations.
Worked with Cisco ISE for AAA, RADIUS and TACACS+ authentication, implementing role-based access, device profiling, and VLAN segmentation for field engineers and administrative users.
Conducted routing and QoS optimization on Juniper MX and ACX series routers to prioritize control traffic, reduce latency for critical applications, and prevent congestion during peak operational hours.
Used SolarWinds, Splunk, and Wireshark for advanced troubleshooting of packet loss, asymmetric routing, firewall drops, and performance anomalies in both WAN and data center environments.
Contributed to network security hardening initiatives including firewall audits, VPN encryption standard updates, DNS and DHCP management through Infoblox, and proxy filtering improvements using Blue Coat solutions.
Assisted in wireless network management using Juniper Mist and Cisco platforms and performed RF site surveys with Ekahau to validate coverage and optimize access point placement across energy facilities.
Developed and maintained network architecture documentation, configuration baselines, and standardized device templates for routers, switches, firewalls, and load balancers while reviewing network changes to ensure alignment with enterprise design and security standards.
Cloud Network Engineer Dish Networks, Denver, CO OCT-2024 AUG-2025
Supported large-scale cloud networking environments primarily on AWS with hybrid connectivity to on-prem data centers using VPN, Direct Connect, and BGP route propagation to support 5G core services, streaming platforms, and enterprise workloads.
Maintained hybrid connectivity between AWS environments and telecom data centers hosting 5G core and media platforms, ensuring stable routing, secure VPN connectivity, and high availability for critical network services.
Designed and supported Azure and GCP virtual networks with secure site-to-site IPsec tunnels, route tables, and network security groups aligned with Zero Trust access principles.
Configured advanced routing protocols including BGP, OSPF, and VRF segmentation to separate management, user plane, and analytics traffic across multi-region cloud deployments.
Supported Infoblox and BlueCat DNS/DHCP platforms for IP address management, automated subnet allocation, and reverse lookup consistency across development and production environments.
Implemented secure remote access and partner connectivity using IPsec and SSL VPNs, including MFA integration and certificate-based authentication for MVNO partners and external vendors.
Implemented Versa SD-WAN solutions for distributed cloud edges and regional hubs supporting 5G network sites, enabling application-aware routing, traffic steering, and automatic link failover.
Worked with Silver Peak SD-WAN appliances to optimize WAN performance and accelerate application traffic across remote data centers and partner interconnects.
Optimized QoS and traffic shaping policies across WAN edges and virtual routers to prioritize voice, signaling, streaming, and real-time telecom services.
Supported edge networking infrastructure for distributed 5G sites, ensuring reliable connectivity between cloud environments, regional data centers, and telecom edge nodes.
Managed Fortinet FortiGate firewalls across cloud and data center perimeters, performing rule optimization, IPS tuning, and segmentation between management, control plane, and subscriber data networks.
Configured Juniper SRX firewalls for inter-VPC and inter-region segmentation, enabling secure east-west inspection and granular application filtering for containerized telecom workloads.
Conducted firewall migrations from legacy virtual appliances to Fortinet and Juniper SRX platforms, executing staged cutovers, validation testing, and rollback planning.
Assisted in enforcing secure web access and remote connectivity policies using Zscaler ZIA/ZPA, enabling secure access for internal engineering teams and partners.
Deployed and maintained Citrix NetScaler ADC load balancers for customer portals, API gateways, and internal OSS platforms supporting telecom and media services.
Automated network and firewall provisioning using Python and Ansible, generating reusable templates for routers, security groups, and load balancer configurations.
Integrated Terraform into CI/CD pipelines using Jenkins and Git, enabling standardized infrastructure deployments and reducing configuration drift across environments.
Utilized Zero-Touch Provisioning (ZTP) workflows for automated deployment of virtual routers, SD-WAN edges, and firewall appliances across new AWS and Azure regions.
Monitored network and application performance using SolarWinds, Splunk, Prometheus, and Grafana, building dashboards to track latency, packet loss, and attach success rates for telecom and streaming services.
Performed advanced network troubleshooting using Wireshark and packet capture analysis, diagnosing MTU mismatches, TCP retransmissions, asymmetric routing, and performance issues impacting cloud applications.
Assisted with container networking for Docker and Kubernetes clusters, configuring ingress controllers, internal load balancing, and network policies to isolate microservices supporting telecom services.
Integrated Cisco Meraki branch devices for remote offices and engineering labs, configuring Auto-VPN connectivity, VLAN segmentation, and wireless SSID mappings.
Worked with Aruba wireless controllers and access points, tuning RF parameters and authentication policies integrated with RADIUS services.
Conducted wireless coverage validation using Ekahau heatmaps to optimize access point placement and improve signal reliability in office and lab environments.
Supported Cisco ISE for identity-based access and device profiling, enforcing posture validation and dynamic VLAN assignments for internal engineering and contractor access.
Maintained network diagrams, IP addressing plans, and change documentation aligned with telecom compliance requirements and internal operational standards.
Junior Network Engineer/Network Engineer Vodafone, India AUG-2018-JUL-2023
Worked in a 24 7 Network Operations Center supporting large scale telecom and enterprise IP/MPLS networks, continuously monitoring routers, switches and firewalls to maintain service availability for mobile and corporate customers.
Monitored network performance and device health using SolarWinds, PRTG and Nagios, responding to alerts for high CPU, interface errors, packet drops and link instability across access and core layers.
Performed first and second level troubleshooting on Cisco, Juniper and Arista routing platforms using CLI diagnostics, interface checks and routing validation for BGP, OSPF and EIGRP before escalating complex incidents.
Assisted in provisioning enterprise MPLS L3VPN and internet circuits including VRF creation, VLAN tagging, QoS templates and customer edge router configuration following standardized deployment procedures.
Configured and maintained Site-to-Site IPsec VPNs and DMVPN tunnels for enterprise customers, ensuring encrypted connectivity between corporate offices and data centers.
Participated in early SD-WAN pilot projects using Versa and Cisco SD-Access concepts, validating branch connectivity, segmentation policies and traffic steering in controlled environments.
Supported rollout of Cisco Meraki branch networks for corporate offices and partner locations, configuring Auto-VPN, SD-WAN policies, wireless SSIDs and centralized dashboard monitoring.
Implemented and reviewed Access Control Lists and firewall rules on Cisco ASA and Fortinet devices under change management guidelines to enable new services without exposing security risks.
Worked on Aruba wireless controllers and access points for office and regional facilities, handling RF tuning, 802.1X authentication, SSID-to-VLAN mapping and Wi-Fi coverage troubleshooting.
Worked with Blue Coat proxy and web filtering solutions to enforce browsing policies and monitor outbound internet traffic for enterprise customers.
Contributed to Cisco ISE and RADIUS/TACACS+ authentication setups for network device access, enabling role-based login control and improved accountability for configuration changes.
Used Wireshark and packet capture tools to analyze packet loss, latency spikes and TCP retransmissions impacting VoIP calls and enterprise application performance.
Supported VoIP and SIP trunk connectivity troubleshooting by validating QoS markings, jitter, latency and routing paths between call managers and service provider gateways.
Conducted capacity and bandwidth utilization analysis using monitoring tools and NetFlow data to recommend link upgrades before congestion affected subscriber experience.
Tuned QoS policies on backbone routers to prioritize voice, signaling and critical enterprise applications over best-effort data traffic on heavily utilized links.
Coordinated with field engineering teams during BTS, BSC, eNodeB and early 5G node maintenance by validating reachability, routing paths and latency from aggregation routers.
Supported DNS, DHCP and IP address management activities through Infoblox platforms, updating records, subnet allocations and reverse lookups to maintain accurate network inventories.
Assisted in load balancer support using F5 BIG-IP for internal corporate applications, validating pool member health, SSL certificates and traffic distribution during maintenance windows.
Assisted in automation using Python scripts and Ansible playbooks for configuration backups, interface audits and bulk VLAN updates across multiple network devices.
Participated in Azure and AWS VPN connectivity testing for enterprise customers migrating small workloads to cloud environments, validating routing, NAT and security group alignment.
Assisted senior engineers during firewall migrations and router upgrades by performing pre-checks, configuration validation and post-change monitoring for service stability.
Maintained detailed documentation including topology diagrams, port mappings, IP addressing plans and change records to keep operational data audit-ready and consistent.
Reviewed recurring incident patterns and contributed feedback in internal meetings, helping convert operational issues into configuration improvements and standardized deployment templates.
Contact this candidate