Home

Needa Fathima - Senior Network Engineer

[email protected]

Location: Decatur, Georgia, USA

Relocation:

Visa:

Resume file: Needa Fathima - Senior Network Engineer_1764079197516.docx Please check the file(s) for viruses. Files are checked manually and then made available for download.

Needa Fathima Sr. Network Engineer +1 (404) 483-5037 [email protected] Professional Summary: 10 years of expertise in Networking and Security, with extensive hands on experience in network installation, integration, support, and performance analysis across diverse LAN, WAN, and MAN communication systems. Hands on experience working with Cisco routing platforms including the 2500, 2600, 3000, 6500, 7500, 7200, and ASR 9K series and data center environments. Experience with routing protocols including RIP, OSPF, BGP, EIGRP, IS-IS, and MPLS, covering troubleshooting, route filtering, redistribution, and traffic engineering. Implemented Zero Trust, VPNs (SSL/IPSec), IDS/IPS, DLP, and segmentation strategies for compliance driven enterprises. Tuned BGP policies using AS-Path, MED, and Local Preference for path control. Supported Juniper ACX/MX/EX platforms for configuration and routing changes and designed LAN infrastructures using Cisco 4510/4948/4507 switches with uplink design, STP tuning, VLAN segmentation, and high-availability setups. Worked on advanced Layer-2/Layer-3 features on Catalyst 9300 switches including OTV, LACP, VPC peers, and VXLAN for scalable and resilient data center network expansions. Configured VLANs, trunking (802.1Q), inter-VLAN routing, and multilayer switching for segmentation and traffic control in enterprise networks. Worked on Prisma for Monitor cloud security posture, detect and respond to threats, and maintain compliance. Installed and configured Nexus 2000 FEX modules with Nexus 5000 platforms, including vPC, FabricPath, and port-channel design for aggregation and redundancy. Hands on experience with Cisco ASA for VPNs, IPsec, NAT rules, ACLs, multi-context setups, and failover. Experience with Palo Alto firewalls including PA-3060 and 5K series, handling URL filtering, App-ID, SSL Forward Proxy, SSL decryption, Threat-ID, and other security profiles, zone-based segmentation and general policy configuration. Experienced in creating, tuning, and managing WAF policies across Akamai Kona, F5 ASM, and Palo Alto platforms to improve application security, reduce false positives, and maintain compliance. Designed DMZ setups on Cisco ASA 5500 with NAT, access rules, and inspection for web, mail, and FTP services. Managed Palo Alto firewalls, rule creation, Panorama log analysis, application/URL filtering, threat prevention, VPN configuration, and periodic rule reviews and cleanup using Tufin and Splunk to maintain secure and optimized policies. Managed TACACS+ and RADIUS for AAA authentication, device access control, and user-based IPsec/SSL VPN access. Worked on F5 BIG-IP LTM/GTM for load balancing, VIP and health monitor setups, migrations from Citrix ADC, certificate updates, traffic validation, managing F5 ASM policies for application security, signature tuning, reducing false positives. Strong knowledge of ISP routing policies, network architecture, IP addressing/subnetting, ARP, VLSM, TCP/IP, NAT, ACLs, DHCP, and DNS. Developed TCL iRules for URL redirection, header modification, and custom traffic handling. Experience upgrading and configuring Cisco 5508 Wireless LAN Controllers and integrating WLC policies with Cisco ISE for secure wireless access, 802.1X, and posture enforcement. Worked with 802.1X (EAP/PEAP), certificate-based and MAC-based authentication, AP groups, ARM profiles, anchor controllers, AP provisioning, and performed RF tuning across 2.4 GHz and 5 GHz bands (802.11a/b/g/n/ac), with additional exposure to Cisco Meraki cloud platforms. Managed Azure transit firewalls, routing, IPsec VPN tunnels, identity services (Azure AD/Office 365), and storage/backup setups, while deploying IaaS and PaaS workloads into secured VNets and segmented subnets. Designed AWS VPCs and deployed resources such as Amazon EC2, Amazon S3, EBS, IAM roles, RDS, Auto Scaling groups, and security groups as part of cloud migration and expansion projects. Created and maintained CloudFormation templates for automated deployment of AWS infrastructure, including VPC builds, instance deployments, and networking components. Built automation scripts using PowerShell and Python for monitoring tasks, configuration checks, and generating operational and compliance reports. Managed large, distributed networks using Meraki, FortiManager, and Zscaler platforms, handling wireless deployments, centralized firewall administration, security policy updates, identity integrations (Azure AD/Office 365), WAF/ASM configurations, and supporting secure access through Citrix ADC, cloud proxies, and web/email security gateways. Worked across multiple SD-WAN and SDN solutions including Cisco iWAN, Meraki, SilverPeak, VeloCloud, Versa, and Cisco ACI, supported major WAN migration projects, large-scale PoC testing for 2,000+ sites, and built scalable fabric designs using VXLAN, VTEPs, Bridge Domains, and Application Profiles. Technical Skills: Router and VoIP Platforms & Network Configuration Cisco ASR9K, 7300, ISR-4000/3800/2000/1900; Juniper MX and ACX series; Arista 7000series. Advanced IOS configuration including ACLs, route redistribution, IPv4/IPv6, HSRP/VRRP. Routing Protocols RIP, EIGRP, IGRP, OSPFv2/v3, IS-IS, BGPv4, MP-BGP, MPLS, Static routing, ICMP, ARP, HSRP, VRRP. Switch Platforms and switching protocols Cisco Catalyst 2960, 3650, 3850, 4500, 6500, 6880, 7000; Nexus 2K/3K/5K/7K/9K; Juniper EX3300/EX3400/EX4300/EX4600, QFX; Aruba 2000/3000 series. Technologies: VLANs, VTP, STP, RSTP, PVST+, Multicast, 802.1Q, EtherChannel (PAgP/LACP), MAC, CDP, HDLC, RARP, Multi-layer switching. Cisco Routers Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX100; Juniper T4000, MX10, MX40, ACX2200, ACX5000. Firewall Platforms and security protocols Cisco ASA/PIX/FWSM/ASDM, Cisco FirePOWER, Palo Alto, Check Point, IDS/IPS, Blue Coat Proxy, Akamai CDN, DHCP Snooping, Port Security, IP Source Guard, Standard/Extended ACLs. Network Management and Monitoring Ekahau, AirMagnet, LogicMonitor, Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, SolarWinds, Cisco SDM, CiscoWorks, TCPdump, NetScout, NPM, NCM, SAM, IPAM, Additional Polling Engine. Load Balancers and Proxies F5 BIG-IP LTM (2000/3900/6400/6800), GTM, iRules; Citrix NetScaler; McAfee Web Gateway; Zscaler Proxies; Blue Coat Web Security. WAN Protocols and SD-WAN technologies HDLC, PPP, MPLS, DS1, DS3, OC3, T1 /T3 lines, SONET OC3-OC192, SDH, POS, PDH MPLS, ISP Leased Lines, SONET, Viptella, Versa. Circuit switched WAN -T1/E1 T3/E3/OCX Other Networking Protocols and Fundamentals DHCP, DNS, Active Directory, NTP, NDP, TCP/UDP, SNMP, SMTP, SIP, PAP, PPTP, FTP/TFTP, NHRP, NetBIOS, NFS, HTTP, Radius, TACACS+, PBX systems, SDN, IPv4/IPv6. Wireless and Radius Technologies Cisco APs, Cisco Meraki, Cisco Prime, AirMagnet, AirWatch, Cisco WLC (8510/5508/5706), Cisco Aironet (2600/3600/3700), Aruba APs and controllers (225, 3000, AirWave), Cisco ISE, MSE, ClearPass; 802.11a/b/g/n/ac. Scripting and Cloud Computing Python scripting, Ansible and TCL (F5), AWS, Microsoft Azure, Cisco Meraki, C++, Cloud Migration Professional Experience: JPMC, Atlanta, GA Oct 23 Till Date Sr. Network Engineer Responsibilities: Manages LAN/WAN/WLAN issues and helped deploy Cisco routers and switches in the data center. Asset new VLANs and extend existing VLANs between data centers to maintain connectivity and segmentation. Configure and maintain VPNs, firewall policies, and NAT across Cisco ASA, Palo Alto, and Fortinet environments. 24x7 on-call escalation support as part of the security operations team Work with data center teams to review cabling needs and plan connectivity for network equipment. Support core network tasks including creating, managing VLANs, port security, trunking, RPVST, inter-VLAN routing, and general LAN security. Support Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) for secure remote and web access. Design SD-WAN (Versa) and LAN optimization technologies for efficient application data delivery across LAN/WAN. Set up Hyper-V virtual networks to separate virtual traffic from the physical network and simplify VM provisioning. Manage ASA firewall configurations and assist in migrating hardware from PIX to ASA. Configure FWSM modules on Cisco 7600 routers to consolidate firewall management and reduce operational overhead. Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers. Configure ASA 5520/5500to ensure high-end security on the network with ACLs and Firewall. Work with Cisco Catalyst 4500, 4900 switches and Cisco 2800, 3600, 3800, 7200 7600 series Routers. Configure PVSTP for loop prevention and VTP for Inter-VLAN Routing. Install Cisco WAAS device 4451-X for acceleration of TCP-based applications, and Cisco's Wide Area File Services WAFS in a single appliance and to preserve and strengthening branch security Work with EIGRP and BGP routing, supported network design, DNS, subnetting, and TCP/IP, and deployed Nexus 2000, 5000, and 7000 series switches. Work on commissioning and decommissioning of the MPLS circuits for various field offices POPs. GRE tunnelling Site-to Site VPN configuration between other two sites in USA. Develop and deploy Infrastructure as Code (IaC) using Terraform and CloudFormation, streamlining resource management and deployment processes. Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations Creating automated scripts using Python language and manual testing to enhance hardware performance. IP Allocation Maintenance for users and other needs throughout company. Configure and manage OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding and also configured OSPF over frame relay networks for NBMA and point to multipoint strategies. Support AWS cloud connectivity using VPCs, Transit Gateways, and Direct Connect integration. Implementing and managing traffic engineering on top of an existing Multiprotocol Label Switching MPLS network using Frame Relay and Open Shortest Path First OSPF. Manage F5 BIG-IP LTM/GTM load balancers for global and local traffic distribution, handled LTM-6400 implementations, and support on-call IPsec VPN setups across multiple business lines. Convert P2P circuits to MPLS and manage MPLS circuit turn-ups and removals for branch sites. Assist in validating DPDK/VPP-based data path performance during testing and optimization activities. Hand multi-area OSPF issues and implemented BGP routing with OSPF BGP redistribution. Experience in Layer 2 switching tasks including VLANs, VTP, STP/RSTP/PVST/RPVST, EtherChannel (LACP/PAgP), and troubleshooting inter-VLAN routing. Member of a team in planning, design, capacity management, and budget approvals for switching, Ethernet over SONET, Ethernet over DWDM, fiber network including spur closures, and other infrastructures. Assist in EPL, EVPL, ELINE And ELAN design and provisioning based on MPLS LDP, RSVP and TLDP Manage multi-domain/multi-platform networks comprised of 33 multi-platform server Solaris 11, Windows Server 2003, 2008, and 75 Windows-based clients XP, 7 I was proficient in Python scripting for automation and participated in the Cisco DNA Voucher Operations Program. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience Configure and support software such as Webmetrics, Cfengine, Citrix NetScaler Prepare the SA, NMTP, and NMVT documents and worked with dev, test, and ops teams to deliver a smooth upgrade. Also handled the network management validation testing. Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network. Environment: Cisco ASA 5520, 5505, BIG-IP LTM 6400, Nexus, STP, RSTP, VTP, HSRP, Port-Channel, Ethernet over SONET, Ethernet over DWDM BGP, OSPF, EIGRP, PPP, HDLC. SNMP, DNS, DHCP, Hyper-V Networking, Checkpoint, RIP, Nexus 2K, 5K, 7K.s, EPL, EVPL, ELAN, NMTP, NMVT. UPS, Parsippany, NJ Jul 21 Sep 23 Sr. Network Security Engineer Responsibilities: Worked on network security architecture, design, and troubleshooting across Cisco ASA, Firepower/FTD, FXOS, and Palo Alto firewalls with Panorama in a multi-vendor environment. Deployed new ASA firewalls for branch sites using NIST security guidelines and maintained multi-context ASA setups in DMZ environments, including contexts, sub-interfaces, ACLs, and access groups. Upgraded Cisco ASA firewalls to 9.6 with zero downtime and supported daily firewall policy changes, VPN updates, and troubleshooting. Maintained organizations wide firewalls which include Cisco ASA s, FTD, FXOS and Palo Alto. Managed remote access VPN using Pulse Connect Secure, including MFA setup, upgrades, and HA deployments across two data centers with Citrix load balancers and GSLB. Upgraded all the Cisco firewalls from lower versions to 9.6 Image without causing any down time. Designing, implementing, maintaining and troubleshooting organization wide Remote Access VPN with Juniper s Pulse connect secure. Implemented Zscaler (ZIA/ZPA) for secure Internet and private application access, configured policies, SSL inspection, and user authentication. Supported testing of VPP/DPDK-based virtual network functions (VNF) in a lab and production environment. Worked on Pulse connect secure with MFA Authentication Manager for multifactor authentication using soft tokens. I Was part of the project moving the networks from Fabric Path to Cisco ACI (Application Centric infrastructure. Skilled in troubleshooting site-to-site and remote VPNs, ACL issues, latency, and asymmetric routing on Cisco ASA using built-in tools and Splunk. Upgraded Pulse connect secure hardware on PSA 3000 and PSA7000f from 8.3R7.2 to 9.0R1 with very minimal down time using active/passive and active/active configurations. I was part of the design implementation and maintaining Pulse connect secure environment both Test and Prod. This includes upgrading the Pulse secure devices at one data center in active/passive mode and configuring them as Active/Active devises as per the requirement due to increase in number of users because of Covid. I was part of team in designing, configuring and maintaining two data center HA implementation for four Pulse devices from scratch using Citrix Load balancers and Citrix GSLB. Single handedly maintained organization wide remote access VPN using Pulse Connect secure. Used Splunk to investigate different access issues related to firewalls access, VPN connection issues (SSL) Worked on creating policies, troubleshooting access issues monitoring and maintaining Cisco Firepower FMC version 6.0.0 and newer. Designed and implemented cloud infrastructure solutions using AWS, Azure, and Google Cloud Platform to improve scalability and performance. Deployed and tuned IDS/IPS, ACLs, and NAT in production environments for secure traffic control. Worked on IPSec tunnels, SWG rules, and IDS/IPS profiles across enterprise WAN. Hands on experience using Splunk, SolarWinds Orion, etc. for log monitoring, device management and deployments on large number of devices at the same time. Monitored and analyzed network traffic and DPI reports to maintain performance standards. Hands-on experience working with different ticketing tools like Cherwell, Service now etc. Experience working Infoblox for Ip address management. Reserving IP and Subnets. Experience working with Microsoft authentication manager. Environment: Cisco ASA 5506,5507,5585. Pulse Secure PSA 3000 PSA 7000F. Microsoft Authentication manager. Splunk. Cisco Firepower FMC series appliances. Firewalls. windows server 2003/2008, Linux. ACL s, Remote VPN (SSL), NAT, PAT, Site-to-Site VPN. Scholastic Corporation, Manhattan, NY Apr 20 May 21 Network Engineer Responsibilities: Managed and configured Cisco switches and routers, implementing IP, EIGRP, OSPF, and multi-protocol routing across multi interface Cisco platforms. Supported Palo Alto firewalls, Cisco ASA, and VPN policies for secure connectivity between remote offices. Configured and supported firewalls, VPNs, and SWG access policies for secure branch connectivity. Configuring BGP/OSPF routing policies, designs and worked on implementation strategies for the expansion of the MPLS VPN networks. Experience in Enterprise Brocade Storage Switches and Routers Hands on experience with troubleshooting and configuring terminal servers. Providing Technical Support and solutions for Network Problems. Implemented and monitored IPsec site-to-site VPNs, managed user accounts in partner environments, and supported Cisco switching, routing, IP addressing, and WAN configurations. Hands on using crimp tools, punch down tools to punch cables to the 110 data/voice blocks. Communicating and escalating tickets with service providers for network outage issues. Monitoring Network infrastructure using SNMP tools HP NNM, Solar-winds. Coordinating with Security team for NAT configuration and troubleshooting issues related to access lists and DNS/DHCP issues within the LAN network. Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues. Manual testing of L2 protocols such as STP, RSTP and checking whether they work properly on switches. And then configuring the VLANS on Cisco switches. Supported DPI and QoS policy tuning to optimize network utilization. Deployed the Fabric interconnect, blade servers, mezzanine card on the UCS chassis. Install and monitor application traffic using network protocol monitoring tools such as NTOP or Wireshark to analyze network usage and bandwidth and run diagnostic programs to resolve problems. Worked on MPLS for redirecting data from one network node to another node based on shortest paths. Perform the traffic analyze using cisco net flow collector. Implemented Infoblox DNS, DHCP, and IPAM (DDI) for network management. Worked with security teams on IDS/IPS configuration and incident response support. Worked with F5, A10, CISCO ACE 4710 Load balancers, GSS and Wireless networks. Deployed Cisco Catalyst 7509, 6500, 4500, 4000, 3750, 3850, 3560 (Layer 2 through 7). Installed and monitored extreme networks S-series, 7100 stackable switches and E4G-400, 1800 router to support VMware machines in NCFAST. Experience in working with Nexus OS, IOS, CATOS and Nexus 7K, 5K & 3K Switches. Worked and working with Cisco ASA 5525 firewalls with current and demonstrated expertise with ACL security in a multi-VLAN environment. Troubleshoot network Topology specifying the whole infrastructure for wireless LAN that includes access points, Distributed system switch, wireless LAN controllers. Worked with ITIL (Information and technology information library) for managing our services. Knowledge of with APIs for troubleshooting Network issues using Wireshark and NTOP. Configuration of static NAT, dynamic NAT and dynamic NAT overloading. Worked with Infoblox for secure DNS, DHCP and IPAM. Support for tier 2, tier 3 issues and troubleshooting on DNS entry into Infoblox Implementation of Cisco 3750, 3850 switches and Cisco 3900 and ASR 1000s routers to new sites. Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre-configuration of network equipment, testing, and maintenance) in both Campus and Branch networks. Worked with Nexus 7010/5020 series and configured Nexus 2000 FEX modules as remote line cards for Nexus 5000 deployments Used SolarWinds and Wireshark for traffic analysis and troubleshooting network latency issues. Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design. Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls. Configuring ASA Firewall and accept/reject rules for network traffic. Provide Tier III Level Load Balancer expertise on F5 Big IP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 Big IP Load Balancers. Packet capturing, troubleshooting network problems with Wireshark, identifying and fixing problems Performing network monitoring, providing analysis using various tools like Wireshark, Solar winds etc. Environment: Palo alto, Checkpoint, ASA, Tufin, Splunk, F5 LTM, GTM, ServiceNow, Panorama, SNMP, SSL, Wireshark, VPN, URL filtering, Log monitoring, Splunk hit count, NAT, Data filtering, Juniper, IPSEC. Syntel Inc, India Aug 18 - Mar 20 Network Engineer/Data Center Responsibilities: supported in configuration of routing protocols like MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Analyze packets using OpNet and Wireshark tools and hands on experience on all software blades of Cisco ASA firewall. Supported the design, development and implementation of the Riverbed Steelhead and Interceptor architecture for WAN optimization. Configured VPN, clustering and ISP redundancy in Cisco ASA firewall Configured, maintained and troubleshooting IPS and IPS-1 in Cisco ASA Configured redundant interfaces, DHCP server, DHCP relay, NTP settings, and sub interfaces on firewalls. Worked on the migration of Frame Relay based branches to MPLS based VPN for customer's WAN infrastructure Configured and Worked with BGP, OSPF protocols in MPLS Cloud and Cisco IOS XR. Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site. Configure CSM (Cisco Security Manager) for all Firewall, IDS/IPS management in the network. Perform SSL Offloading on LTMs and web accelerators with 2048-bits VeriSign certificates. Also, renewing certificates to ensure the security of websites. Worked on Cisco ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Supported network diagrams utilizing OpNet Net Mapper and Visio2003. Utilized CA NetQoS monitoring tools to maintain and perform RCA for network management. Installed and monitored performance of wired and wireless networks to maximize operations. Used various tools from SolarWinds, Wireshark, tshark, OpNet, Riverbed to capture network packets and Netflow and SNMP based information to analysis application and network based performance issues. Commissioning and Integration of other nodes with Core and Edge routers in the network (cisco and juniper). Administration of network devices in WAN, LAN, WLAN, Internet Gateways and Data Center for cisco and juniper environment. Configured Admin and User Realms, Roles, Resource Profiles, Sign-in Policies and monitored User logs on Juniper IVE Experience working with Nexus 9000, 7010,7018, 5020, 2148, 2248 devices. Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices. Installed & Configured: Cisco Routers: 3600, 2600, 2500, Catalyst Switches: 6500, 5500, 3550, and 2900s and Nexus 9K, 7K, 5K and 2K switches. Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K, 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches. Configuration of SSL VPN through access blade and up-gradation of Firewall Monitor Ridgeline, Solar Winds, NetFlow and syslog/logarithms for alerts/alarms Environment: Switching, Routing, Nexus, Access-lists, Subnetting, STP, RSTP, VTP, HSRP, Port-Channel, EIGRP, RIP, PPP, HDLC. SNMP, DNS, IPAM, DHCP Honeywell, India Nov 16 Jun 18 Network Engineer Responsibilities: Responsible for managing activities, Upgrading IOS Upgrading hardware and installing new devices, tuning (Configuration), make standardization for the topology Configured, installed, & managed DHCP, DNS, & WINS servers Experience with LAN protocols like STP, RSTP, VTP, VLAN and Port Channel Protocols like LACP, PAGP Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover. Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers. Responsible for Cisco ASA firewall administration across our global networks. Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies. Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits. Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN Implement and configured VRRP/GLBP (on distro/core switching), HSRP on different location of office on the switched network and managing the entire multilayer switched network Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls. Environment: Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, Cisco ISE, F5 BIG-IP, Citrix ADC, SD-WAN, Ansible, Terraform, Python, API Integration, Infoblox, SolarWinds, Wireshark, VLANs, IPv6, BGP, OSPF, QoS, IPSec, DNS, DHCP, Zero Trust, NAC, DR, Compliance. Technical Enhancements & Projects Designed and deployed SD-WAN solutions to optimize branch connectivity and reduce MPLS dependency. Implemented network automation using Ansible and Python to streamline configuration management. Integrated cloud networking components in AWS and Azure, enabling hybrid cloud environments. Configured and managed Palo Alto firewalls including policy creation, NAT rules, and Panorama integration. Administered load balancers such as F5 and NGINX for application delivery and traffic optimization. Implemented Cloudflare with backend APIs for bot protection and TLS configuration. Built GitLab CI/CD pipelines to automate CDN deployment with IaC. Keywords: cplusplus continuous integration continuous deployment sthree active directory ffive hewlett packard California Georgia Idaho New Jersey New York Pennsylvania South Dakota