Home

medapati sai chand - network engineer

[email protected]

Location: Chicago, Illinois, USA

Relocation:

Visa:

Resume file: MEDAPATI_network_engineer_1756306956367.pdf Please check the file(s) for viruses. Files are checked manually and then made available for download.

SAI CHAND [email protected] | 630-635-3466 | linkedin.com/in/msaichand SUMMARY Dynamic Senior Network Engineer with over 10 years of experience architecting, deploying, and managing secure, scalable, and highly available network infrastructures. Specialized in alarming architecture, automation development, and observability solutions, leveraging tools like Prometheus, Grafana, and Ansible to optimize network performance and reliability. Proficient in designing hybrid-cloud solutions (AWS, Azure) and modernizing legacy networks with EVPN/VXLAN and SD-WAN. Expert in implementing zero-trust security frameworks with Palo Alto firewalls and Cisco ISE, ensuring compliance with PCI-DSS, HIPAA, and GDPR. Adept at automating network provisioning, monitoring, and troubleshooting using Python, Terraform, and CI/CD pipelines, with a strong focus on collaboration, production support, and comprehensive documentation. PROFESSIONAL EXPERIENCE T-Mobile Remote | Senior Network Engineer | Oct 2023 Present Project: Enterprise Hybrid-Cloud Network & Security Overhaul Objective: Architect a secure, high-performance hybrid-cloud network connecting on-premise data centers with AWS and Azure, enhancing security with zero-trust, optimizing application delivery, and automating provisioning. Designed and deployed a hybrid-cloud network fabric integrating on-premise data centers with AWS and Azure, utilizing AWS Transit Gateway and Azure Virtual WAN for seamless connectivity. Developed alarming architecture with SNMP, Traps, and OIDs, implementing auto-ticketing and alarm correlation rules using SolarWinds NPM and Grafana, optimizing ticket creation to balance efficiency and coverage. Engineered a zero-trust security model with Palo Alto firewalls and Cisco ISE for micro-segmentation and 802.1X access control, integrated with Panorama for centralized threat management. Automated network provisioning and configuration using Terraform, Ansible, and GitHub Actions CI/CD pipelines, reducing provisioning time by 70% and ensuring compliance with security standards. Implemented observability solutions with Prometheus, Grafana, and ELK Stack for metrics collection, log aggregation, and anomaly detection, reducing MTTR by 30% through proactive monitoring. Provided 24/7 production support for alarming and automation platforms, resolving critical incidents to maintain service reliability. Collaborated with DevOps and SRE teams to integrate telemetry data into CI/CD workflows, enhancing network observability and self-healing capabilities. Documented automation workflows, observability dashboards, and training materials, enabling team adoption of monitoring tools and best practices. LAHD Los Angeles, CA | Network Architect | April 2021 Sep 2023 Project: City-Wide SD-WAN Deployment & Secure Multi-Cloud Transit Objective: Replace legacy MPLS with Cisco SD-WAN, centralize security via Aviatrix, and enhance observability for 100+ municipal sites. Led the migration from MPLS to Cisco SD-WAN across 100 sites, increasing bandwidth by 3x and reducing telecom costs by 35%. Designed a multi-cloud transit network with Aviatrix, integrating Palo Alto VM-Series firewalls for unified threat prevention and compliance with GDPR and HIPAA. Implemented observability solutions using Grafana, Prometheus, and KQL queries for real-time network health monitoring, reducing incident resolution time by 30%. Developed automation scripts with Python and Ansible for SD-WAN configuration and telemetry data collection, streamlining provisioning and monitoring processes. Established alarm correlation rules and enrichment processes using SNMP and SolarWinds, optimizing ticket creation for efficient incident management. Collaborated with cross-functional teams to integrate observability tools into CI/CD pipelines, ensuring proactive detection of performance issues. Provided production support for SD-WAN and observability platforms, resolving after-hours emergencies to maintain service uptime. Created comprehensive documentation and conducted training on observability tools, enhancing team proficiency in monitoring practices. Goldman Sachs Chicago, IL | Network Engineer | Dec 2018 Mar 2021 Project: Data Center Modernization with EVPN/VXLAN Fabric Objective: Modernize data center with EVPN/VXLAN, enhance security, and automate compliance for low-latency trading applications. Deployed an EVPN/VXLAN leaf-spine fabric using BGP, eliminating Spanning Tree Protocol and enabling active-active connectivity for trading applications. Implemented observability with SolarWinds NPM, NetFlow, and Prometheus, providing deep visibility into traffic patterns and proactive bottleneck detection. Automated compliance checks for PCI-DSS using Python and Ansible, reducing audit preparation time by 60% and ensuring adherence to security standards. Configured Cisco ISE for 802.1X access control and micro-segmentation, integrating with FortiGate firewalls for enhanced security. Developed automation scripts for configuration validation and telemetry collection, improving network reliability and observability. Supported production environments by troubleshooting complex network issues and maintaining alarming systems for rapid incident response. Documented automation processes and observability metrics, training team members on monitoring tools and best practices. CSS CROP HYD | Network Engineer | Feb 2015 Sep 2018 Project: Enterprise Campus Network Refresh and Expansion Objective: Refresh campus LAN for 3,000+ users, implementing scalable infrastructure and observability solutions. Designed a three-tier LAN architecture supporting 3,000+ users, with OSPF and BGP for high availability. Developed automation scripts using Python and Ansible for switch configuration and backup, improving disaster recovery readiness. Implemented QoS policies for VoIP and video conferencing, enhancing user experience. Deployed SolarWinds NPM for performance monitoring and alarm management, optimizing ticket creation with SNMP-based rules. Provided production support for network infrastructure, resolving connectivity issues and maintaining observability tools. Documented network configurations and monitoring processes, training staff on telemetry practices. EDUCATION Bachelor of Technology Amrita School of Engineering, 2012 2016 CERTIFICATIONS Cisco Certified Network Professional (CCNP) Cisco Certified Network Associate (CCNA) SKILLS Cloud Platforms & Services: AWS: VPC, Transit Gateway, Direct Connect, Route 53, AWS Shield, AWS WAF, CloudWatch Azure: Virtual WAN, ExpressRoute, Azure DNS, Azure Firewall, Azure Sentinel GCP: Cloud Interconnect, Cloud DNS, Cloud Armor General: Kubernetes Networking (Calico), Infrastructure as Code (IaC) Network Architecture & Design: Data Center: Leaf-Spine, EVPN/VXLAN, Cisco ACI WAN/Edge: SD-WAN (Cisco Viptela, Fortinet), SASE, Multi-Cloud Transit (Aviatrix) Services: F5 BIG-IP (LTM, GTM), Wireless Design (Juniper Mist, Aruba) Networking Protocols & Technologies: Routing: BGP, OSPF, EIGRP, Segment Routing Switching: EVPN/VXLAN, MPLS, VLAN, STP, LACP Tunneling & IP Services: IPSec/GRE, DMVPN, IPv6, Multicast, NAT, DNS Redundancy: HSRP, VRRP, BFD Security: Frameworks: Zero Trust, SASE, ZTNA Firewalls: Palo Alto, FortiGate, Cisco Firepower Access Control: Cisco ISE, 802.1X, NAC, Micro-segmentation Threat Management: Panorama, FortiManager, IDS/IPS, DDoS Mitigation Compliance: PCI-DSS, HIPAA, GDPR Automation & Orchestration: Scripting: Python (Netmiko, NAPALM, Nornir), Bash Configuration Management: Ansible, Terraform CI/CD & Version Control: GitHub Actions, Jenkins, Git APIs & Data Models: REST APIs, NETCONF, YANG, JSON, YAML Monitoring & Observability: Tools: Prometheus, Grafana, ELK Stack, SolarWinds NPM, OpenTelemetry Techniques: Metrics Collection, Log Aggregation, Distributed Tracing, KQL, NetFlow Alarming: SNMP, Traps, OIDs, Alarm Correlation, Auto-Ticketing Keywords: continuous integration continuous deployment ffive California Illinois South Dakota