Home

Kalyan - Network Engineer

[email protected]

Location: Bristol, Connecticut, USA

Relocation: Yes

Visa: GC

PROFESSINAL SUMMARY Highly accomplished Network Engineer with over 8+ years of experience designing, implementing, and supporting enterprise-grade network infrastructures for mission-critical business environments. Proven expertise in network architecture, routing, switching, and performance optimization, ensuring high availability, scalability, and reliability of complex networks. Extensive hands-on experience with Cisco enterprise networking hardware, including routers, switches, firewalls, and wireless access points. Strong background in LAN, WAN, and WLAN technologies, supporting multi-site and geographically distributed network environments. In-depth knowledge of TCP/IP networking, advanced routing protocols such as BGP, OSPF, and MPLS, and modern switching concepts. Demonstrated ability to monitor, analyze, and troubleshoot network performance issues, proactively minimizing downtime and operational disruptions. Experienced in implementing and managing network security solutions, including firewalls, VPNs, IDS/IPS, and access control policies. Adept at maintaining secure user access management, permissions, and authentication mechanisms aligned with security best practices. Strong expertise in network monitoring, diagnostic, and analysis tools to ensure optimal performance and early issue detection. Proven success in supporting disaster recovery and business continuity planning, including network backups and recovery testing. Skilled in developing and maintaining detailed network documentation, topology diagrams, and standard operating procedures. Collaborative professional with experience working closely with cross-functional IT teams and business stakeholders. Strong analytical and problem-solving skills, capable of resolving complex infrastructure and security challenges. Experienced in evaluating emerging networking technologies and recommending strategic upgrades to improve efficiency and scalability. Hands-on experience in capacity planning and network optimization to support future organizational growth. Adept at managing enterprise network changes, upgrades, and migrations with minimal user impact. Demonstrated leadership abilities, providing technical guidance and mentoring to junior network administrators. Strong understanding of network compliance, security standards, and best practices within enterprise environments. Excellent communication skills, capable of translating complex technical concepts into clear business-focused solutions. Dedicated to delivering secure, reliable, and high-performing network solutions that directly support organizational objectives. TECHNICAL SKILLS Network Architecture & Design: Expertise in designing scalable, high-availability enterprise network infrastructures aligned with business requirements. Routing & Switching: Advanced knowledge of Layer 2 and Layer 3 technologies, including switching, routing, and network segmentation. Routing Protocols: Strong hands-on experience with TCP/IP, BGP, OSPF, MPLS, and dynamic routing implementations. Enterprise Networking Hardware: Extensive experience with Cisco routers, switches, firewalls, and equivalent enterprise-grade devices. LAN / WAN / WLAN Technologies: Proven ability to deploy and manage local, wide-area, and wireless networks across multi-site environments. Network Security: Hands-on expertise in configuring and managing firewalls, VPNs, IDS/IPS, and network access control solutions. VPN Technologies: Experience with site-to-site and remote access VPNs, ensuring secure encrypted communications. Network Monitoring Tools: Proficient in using network monitoring, diagnostic, and analysis tools for performance and availability tracking. VLANs & Network Segmentation: Strong skills in implementing VLANs, ACLs, and segmentation strategies to enhance security and performance. IP Address Management: Expertise in IP subnetting, addressing schemes, and IPAM best practices. Wireless Networking: Experience designing and supporting enterprise wireless networks, including access point configuration and optimization. Disaster Recovery & Business Continuity: Knowledge of network backup, recovery procedures, and failover planning. System Administration Support: Experience supporting network-related system software, hardware, and configurations. Network Troubleshooting: Advanced troubleshooting skills for resolving connectivity, latency, packet loss, and hardware failures. Performance Optimization: Ability to implement QoS policies and traffic optimization techniques. Documentation & SOPs: Skilled in producing detailed network documentation, diagrams, and operational procedures. Change & Configuration Management: Experience managing network changes, upgrades, and configuration control in enterprise environments. Cloud & Hybrid Networking: Familiarity with cloud networking concepts, including AWS Advanced Networking fundamentals. Compliance & Security Standards: Understanding of enterprise security policies, compliance requirements, and best practices. Certifications & Standards: Knowledge aligned with CompTIA Network+, Cisco CCNA / CCNP / CCIE, and industry networking standards. PROFESSIONAL EXPERIENCE Position: Senior Network Engineer MAY2023-CURRENT Client: State Of Rhode Island Location: Providence RI Project Name: Enterprise Network Infrastructure Modernization Project Description: Led the end-to-end design, implementation, and ongoing optimization of a highly available enterprise network infrastructure supporting business-critical applications across multiple locations. The project emphasized network architecture modernization, performance optimization, scalability, and operational reliability using industry-standard networking technologies and best practices Key Responsibilities & Achievements: Designed and implemented a resilient enterprise network architecture utilizing Cisco routers and switches, ensuring high availability, fault tolerance, and scalability for mission-critical business operations. Installed, configured, and supported routers, Layer 2/Layer 3 switches, firewalls, and wireless access points, ensuring seamless connectivity across corporate LAN, WAN, and WLAN environments. Administered and optimized LAN, WAN, and wireless networks, applying advanced routing and switching concepts to improve throughput, latency, and overall network performance. Implemented and managed dynamic routing protocols including BGP, OSPF, and MPLS, enabling efficient traffic routing, redundancy, and rapid failover during network outages. Designed and maintained VLAN architectures, IP subnetting schemes, and TCP/IP configurations to support secure network segmentation and efficient IP address utilization. Continuously monitored network performance using network monitoring, diagnostic, and analysis tools, proactively identifying performance degradation and preventing service disruptions. Troubleshot complex network issues involving hardware failures, routing loops, packet loss, and latency, restoring services while minimizing downtime and business impact. Implemented Quality of Service (QoS) policies to prioritize critical applications and ensure consistent performance during peak network usage. Planned and executed network hardware upgrades, firmware patches, and configuration changes, following change management procedures to ensure minimal disruption to users. Maintained and administered enterprise network environments, including network hardware, system software, configurations, and associated documentation. Created and maintained detailed network diagrams, topology documentation, and standard operating procedures (SOPs) to support operational continuity and knowledge transfer. Collaborated closely with IT teams, system administrators, and business stakeholders to deliver network solutions aligned with organizational goals and project requirements. Supported data center networking operations, implementing redundancy, failover, and load-balancing strategies to ensure high availability of core systems. Conducted capacity planning and performance analysis to anticipate future network growth and recommend scalable infrastructure solutions. Evaluated emerging networking technologies and tools, providing recommendations for infrastructure upgrades and long-term network improvements. Ensured compliance with enterprise networking standards, security policies, and industry best practices across all deployed solutions. Provided technical leadership and mentorship to junior network administrators, assisting with troubleshooting and professional development. Worked with vendors to evaluate, select, and implement enterprise networking hardware and services, ensuring cost-effective and reliable solutions. Performed regular network health checks and optimization reviews, improving stability, reliability, and performance across the environment. Played a critical role in maintaining high network uptime, reliability, and scalability, directly supporting business continuity and operational success. Role: Lead Network Security Engineer SEP2021-APR2023 Client: Cigna Location: Bloomfield CT Project Name: Network Security, Disaster Recovery & Business Continuity Implementation Project Description: Led the implementation of comprehensive network security, disaster recovery, and business continuity solutions designed to protect enterprise systems, secure data, and ensure uninterrupted operations. The project strengthened the organization s overall security posture while aligning with compliance and risk management requirements. Key Responsibilities & Achievements: Designed and implemented a layered network security architecture to protect enterprise infrastructure from internal and external threats. Configured, managed, and optimized firewalls, VPNs, IDS/IPS systems, and network access control policies to secure network traffic. Implemented secure remote access and site-to-site VPN solutions, enabling encrypted communication for remote users and branch offices. Administered user accounts, permissions, and access rights, enforcing strict security best practices and least-privilege access. Implemented role-based access control (RBAC) to ensure appropriate access levels across systems and network resources. Conducted ongoing network security assessments, risk analysis, and vulnerability scans to identify and mitigate potential threats. Monitored network activity for intrusion detection and prevention, responding promptly to suspicious or malicious behavior. Led security incident response efforts, including root-cause analysis, remediation, and post-incident documentation. Implemented network segmentation using VLANs and access control lists (ACLs) to reduce attack surfaces and enhance security. Performed regular network configuration backups to support rapid recovery during system failures or security incidents. Designed, documented, and tested disaster recovery and business continuity plans, ensuring minimal downtime during outages. Ensured secure data transmission and communication through encryption and secure networking protocols. Maintained comprehensive security documentation, including network configurations, incident logs, and remediation procedures. Collaborated with IT operations, security teams, and management to align network security initiatives with business objectives. Supported compliance efforts by providing network security documentation and audit support. Utilized advanced network monitoring and analysis tools to identify performance anomalies and potential security threats. Evaluated and implemented network security upgrades and enhancements to address evolving threat landscapes. Provided guidance on secure network design principles and best practices for new infrastructure initiatives. Assisted with internal and external audits by validating network security controls and configurations. Strengthened overall network reliability, resilience, and security, ensuring continuous and secure enterprise operations. Role: Cyber security Analyst MAY2018-AUG2021 Client: Privia Health Group Location: Arlington VA Project Name: Secure Electronic Health Records Access Control &HIPAA Compliance. Project Description: This project focused on strengthening the cybersecurity framework for Privia Health Group by implementing comprehensive access control mechanisms, enforcing HIPAA compliance, and safeguarding Electronic Health Records (EHR). The initiative included the design and deployment of Role-Based Access Control (RBAC), integration of Multi-Factor Authentication (MFA), continuous auditing, and risk management measures to ensure that Protected Health Information (PHI) remained secure against internal and external threats. Project Responsibilities: Designed and implemented a Role-Based Access Control (RBAC) model in the simulated hospital environment, ensuring that only authorized doctors, nurses, and administrative personnel could access specific EHR modules based on their job responsibilities, thereby minimizing the risk of data breaches. Integrated Multi-Factor Authentication (MFA) with Active Directory, enhancing login security by requiring multiple verification methods for all hospital staff and ensuring secure access to critical patient information in compliance with HIPAA standards. Configured comprehensive audit logging and monitoring systems to track every access attempt, modification, and deletion of PHI, enabling proactive detection of unauthorized activities and ensuring accountability of all EHR users. Conducted rigorous privilege escalation and penetration testing to validate system security, ensuring proper segregation of duties and confirming that no single user could bypass controls to access sensitive patient data without authorization. Verified adherence to HIPAA technical safeguards, including enforcement of unique user IDs for each employee, automatic session logoff after periods of inactivity, and end-to-end encryption for data in transit, effectively reducing the risk of PHI exposure. Developed and maintained structured workflows for account provisioning and de-provisioning, ensuring that newly onboarded staff received timely access while terminated personnel had their access revoked immediately to prevent unauthorized entry. Coordinated with IT and HR teams to promptly deactivate user accounts of employees who left the organization or changed roles, minimizing the potential for insider threats and ensuring ongoing compliance with regulatory requirements. Documented the complete security configuration and policies in a comprehensive HIPAA compliance report, including detailed descriptions of access control measures, audit logs, encryption standards, and risk mitigation strategies. Performed detailed risk assessments and vulnerability analyses, identifying potential security gaps in the EHR system and providing actionable recommendations to senior management for remediation and continuous improvement of the cybersecurity posture. Prepared and delivered executive-level presentations and stakeholder briefings on system security, HIPAA compliance, and patient data protection measures, ensuring alignment between IT security initiatives and organizational governance requirements. Collaborated with IT teams to implement data encryption protocols for PHI, both at rest and in transit, thereby safeguarding sensitive patient information from unauthorized interception or tampering. Configured real-time system alerts to notify security teams of suspicious login attempts, unusual access patterns, or potential breach activity, enabling rapid response to any potential threats. Developed and enforced strict user authentication and password policies, ensuring that all hospital staff adhered to best practices for secure access to EHR systems. Created security Standard Operating Procedures (SOPs) and documentation for hospital staff, providing clear guidance on access control, PHI handling, and reporting suspicious activity to maintain regulatory compliance. Partnered with compliance teams to ensure that all HIPAA-related policies and procedures were up to date and aligned with changing regulatory requirements, maintaining full legal compliance for all EHR operations. Conducted regular audits and performance reviews of the access control system to verify the effectiveness of implemented security measures and identify areas for enhancement. Provided training sessions and awareness programs to educate hospital staff on best practices for safeguarding PHI, reducing human error, and promoting a culture of cybersecurity awareness across the organization. Strengthened the EHR system s resilience against internal and external threats, including malware attacks, phishing attempts, and unauthorized access attempts, contributing to the overall security and reliability of patient data. Maintained detailed audit trails and security documentation to support internal reviews, regulatory inspections, and external audits, ensuring the organization s readiness for compliance verification at all times. Successfully contributed to a measurable reduction in security incidents and unauthorized access attempts, enhancing patient trust and reinforcing the organization s commitment to protecting sensitive health information. Role: Junior Security Analyst AUG2017-APR2018 Client: Nuwellis Health Group Eden Prairie, MN Project Name: Healthcare Newtork Traffic Monitoring & Threat Detection Project Description: This project focused on establishing a comprehensive network traffic monitoring and threat detection system for a simulated hospital environment to protect Electronic Health Records (EHR) and other sensitive healthcare data. The project leveraged tools like Wireshark and Snort IDS to capture, analyze, and monitor network traffic in real time, detect anomalies, and identify potential security threats. The initiative ensured alignment with HIPAA security requirements, performed risk assessments for common cyber threats, and implemented recommendations to strengthen network security posture and safeguard Protected Health Information (PHI). Key Responsibilities & Achievements: Configured Wireshark and Snort IDS within a lab-simulated hospital network to capture and monitor real-time traffic, ensuring visibility into all communication channels carrying sensitive patient information. Collected, filtered, and analyzed network packets to identify abnormal activities such as port scans, ARP spoofing, failed login attempts, and other indicators of potential cyber threats to hospital systems. Developed and implemented custom Snort alert rules to detect suspicious network patterns, including repeated login failures, SQL injection attempts, and anomalous network flows indicative of potential attacks. Designed and executed a structured log review process, enabling the IT/security team to track unauthorized access attempts to EHR systems and maintain detailed audit trails for regulatory compliance. Documented all security observations and analysis results in a comprehensive threat detection report, providing clear remediation recommendations to reduce exposure to potential network threats. Ensured that the network monitoring and threat detection setup fully aligned with HIPAA technical safeguards, protecting the confidentiality, integrity, and availability of PHI in all monitored systems. Presented findings and recommended improvements to the IT/security team, including network segmentation, strong password policies, and endpoint security measures, to reduce attack surfaces and enhance overall security posture. Performed baseline traffic analysis to establish patterns of normal hospital network activity, enabling the rapid detection of anomalous behavior that could indicate compromise or insider threats. Configured automatic log forwarding from endpoints and critical servers to a centralized logging system, streamlining monitoring and incident review processes. Created a daily incident summary report highlighting alerts, false positives, confirmed threats, and ongoing investigations to maintain situational awareness for the IT/security team. Tested encryption in transit (HTTPS, TLS) for all internal and external communications to verify that sensitive patient data was never transmitted in plain text, ensuring compliance with HIPAA encryption standards. Conducted a risk assessment for common cyber threats such as ransomware, phishing campaigns, brute-force attacks, and insider threats, mapping each to potential impacts on healthcare operations and patient data security. Collaborated with simulated IT staff and lab teammates to demonstrate and refine incident escalation procedures, ensuring proper response workflows during security events. Implemented network segmentation strategies in the lab to isolate critical EHR servers from general hospital network traffic, reducing lateral movement risk in case of compromise. Configured real-time alerting mechanisms to notify security teams of high-risk activities, ensuring rapid detection and response to potential breaches or policy violations. Developed and documented step-by-step procedures for traffic analysis, Snort configuration, and threat investigation, creating a knowledge base for junior analysts and new team members. Conducted periodic reviews of monitoring rules and detection thresholds to reduce false positives while maintaining high sensitivity to actual threats. Collaborated with cybersecurity team members to integrate monitoring insights into broader risk management and compliance frameworks, ensuring actionable intelligence for decision-making. Maintained detailed documentation of all configurations, alerts, and remediation actions to support internal audits, compliance checks, and regulatory reporting. Contributed to strengthening the hospital s cybersecurity posture by reducing network-based vulnerabilities and increasing detection capabilities for potential intrusions, thereby safeguarding patient data and maintaining regulatory compliance. Education Qualification Details: Master's Degree: Sacred Heart University/2017 CT, United states of America Major: Cyber computer Forensics Bachelors: TKR college of engineering and Technology/2016 Hyderabad, India Major: Electrical and Electronics. Keywords: information technology Connecticut Delaware Minnesota Rhode Island Virginia