Home

Pavan - Network Engineer
[email protected]
Location: Denver, Colorado, USA
Relocation: Yes
Visa: H1B
Pavan Kumar. K
Email: [email protected]
Phone: 508-389-4760

Professional Summary:
Over 7+ years of expertise in network design, security, and tier support across diverse environments.
Extensive experience with Cisco and Juniper routers/switches in complex multi-ISP environments, including Cisco Catalyst Series (3750, 4500, 4900, 6500), Nexus Series (2000, 5000, 6000, 7000, 9000), and various wireless technologies.
Proficient in wireless standards (802.11), controllers, access points, and Wi-Fi analytics from vendors such as Cisco Meraki, HPE/Aruba, D-Link, and Netgear.
In-depth knowledge of networking protocols (TCP/IP, OSI, UDP), routing protocols (RIP, EIGRP, OSPF, BGP), WAN technologies (Frame Relay, IPsec, VPNs, MPLS), and QoS.
Strong foundational expertise in IP routing protocols (BGP & OSPF), IPv4, IPv6 routing and security, and IPSec VPNs.
Hands-on experience with SD-WAN technologies (Meraki, OpenStack, Silver Peak) and network virtualization through UCS and NSX.
Proficient in network automation tools and testing, leveraging Ansible, Python scripting, and automation frameworks.
Skilled in integrating public and private cloud services (AWS, Microsoft Azure, Office 365) and VoIP/SIP providers for enhanced infrastructure agility.
Extensive experience in AAA protocols (RADIUS, TACACS+) and Cisco ISE.
Proven track record in designing, implementing, and managing security tools and systems, including IDS, IPS, VPN, WAF, DLP, AV, Cisco AMP, SIEM, and vulnerability assessments.
Configuration and administration of firewalls (Palo Alto, Juniper, Cisco ASA, Checkpoint, Fortinet) with expertise in policy creation, rules modification, and security policy implementation.
Successful replacement of aging Cisco ASA firewall architecture with new-generation Palo Alto appliances for enhanced security.
Configured IPsec Site-to-Site VPN on ASA and Checkpoint Firewalls.
Configuration and implementation of Fortinet Security systems Firewall, contributing to global Fortinet FortiGate infrastructure management.
Expertise in Juniper security appliances (SRX 220, SRX 240, SRX 550, NS 50, SSG 550M, SSG 520M) and establishment of VPN tunnels.
Experience in performing IOS software upgrades on various Cisco switches and routers.
Proficient with Cisco ACI Fabric, SD-WAN technology, A10 and F5 load balancers, Infoblox for DNS, DHCP, IPAM.
Hands-on management of Data Center services, including rack and cable management, and expertise in incident and change management using tools like ServiceNow and Remedy.
Proficient in mapping network diagrams and physical identification using MS Visio.
Cisco Security skills include Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, and Cisco (ASA, PIX) 5510.
Experience in physical cabling, IP addressing, subnetting with VLSM, TCP/IP configuration, DNS, and proxy installation and configuration.
Proven team leader and collaborative professional with excellent multitasking abilities in fast-paced environments.

Technical Skills:
Routers and VoIP Platforms: Cisco Routers series ASR9k, 7300, 4000, 3800, 2000, 1900; Juniper SRX, MX, Arista 7000 series.
Routing Fundamentals and Protocols: RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, Static Routing, ICMP, ARP, HSRP, VRRP, Route
Filtering, Multicast, Policy-Based Routing, Redistribution, Port forwarding. Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series).

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K, 5K, 7K,9k; Juniper SRX 3600, 4600, EX, QFX, Aruba 2000, 3000 series.
Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, LACP, CDP, HDLC, RARP.

Firewall Platforms: Checkpoint (NGX R65, R75, R77.30, R80.40, R81), Cisco Firewalls (ASA 5505, 5506-X, 5585), Fortinet, Palo Alto Networks (PA series 2K, 3K and 5K) with Panorama 8.0, WAF.
Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP 10trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Security Device Manager (SDM), Cisco Works, TCP Dump and Sniffer; SolarWinds NetFlow Traffic Analyzer, NetScout, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, Auvik/Logic monitor Additional Polling Engine.

Load Balancers and Proxies: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, GTM AV 510, Citrix NetScaler, MWG, Zscaler, Proxies, Bluecoat Proxies

WAN & SD-WAN Technologies: MPLS, ISP Leased Lines, SONET, Viptella, Versa
Wireless and Radius Technologies: Canopy Wireless Devices, Cisco 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers, Prime Infrastructure, Ekahau, Air Magnet, AirWatch and WLC s (8510, 5508, 5706), Cisco Aironet APs (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, ClearPass 6.0,6.2,6.5, 802.11a, b, c, g, n, ac

Other Networking Protocols and Fundamentals: DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACACS+, PBX servers, SDN, IPV4, IPv6,

Spectrum Communications, CO June 2023-Till Date
Network Engineer IV
Responsibilities:
Designed HSRP for load balancing on turns within the organizational network.
Relocated and set up VLANs with 802.1q labeling, Ether channels, and Spanning Tree for Access/Distribution and Core layer switching.
Implemented OSPF, BGP, HSRP, IPV6, and EtherChannel on Cisco ASR9K redundant pairs.
Managed BGP neighbors, ensuring reliability and security in Trust and Untrust configurations.
Extensive experience in planning, documenting, deploying, and supporting LAN and WAN network equipment.
Installed and configured NEXUS 2K, 5K, 7K, 9K series switches, expanding network performance and collaborating with network architects on improvement strategies.
Proficiently migrated diverse firewall environments (SonicWall, Sophos, Fortinet) to Checkpoint firewalls.
Spearheaded the deployment of Juniper firewalls, emphasizing security best practices and optimal performance.
Day-to-day operations on Palo-Alto, including adding routes, policies, and monitoring logs.
Collaborated with cross-functional teams to design and implement custom security policies aligned with industry standards.
Conducted thorough risk assessments before, during, and after migration projects to identify and mitigate security vulnerabilities.
Ensured compliance with industry regulations and standards, implementing necessary adjustments to firewall configurations.
Utilized project management tools to track progress, manage resources efficiently, and communicate effectively.
Developed comprehensive troubleshooting procedures and detailed documentation for migration processes, configurations, and post-migration support.
Involved in training sessions for team members on managing and maintaining the newly implemented firewall infrastructure.
Implemented continuous improvement initiatives to enhance the efficiency and effectiveness of migration processes.
Configured and managed Bluecoat forward and reverse proxy appliances for improved network performance and security.
Applied knowledge of Bluecoat's Web Acceleration and Security Services (WASS) modules, including caching, compression, optimization, and filtering.
Experience with using Bluecoat's Web Application Firewall (WAF) to protect web applications from attacks.
Knowledge of best practices for migrating Bluecoat appliances to virtual environments.
Experience with using Bluecoat Reporter for generating reports on web traffic, security events, and appliance performance, as well as troubleshooting network problems.



IP Infusion INC, CA Nov 2021-May 2023
Senior Network Engineer
Responsibilities:
As an IT professional, I have a diverse skill set encompassing network infrastructure, security, virtualization, and cloud technologies. Some key responsibilities and achievements include:
Successfully migrated from Cisco PIX and ASA to Palo Alto Next-Gen Firewalls.
Implemented and managed various firewall series, including PA-500, PA-3060, PA-5060, PA-7050, and PA-7080.
Extensive experience with BGP routing protocol on Nexus, Juniper, and Cisco routers.
Proficient in configuring and troubleshooting SDN technologies, Cisco ACI, VXLAN, and Arista Cloud Vision.
Installed and configured VMware ESX, NSX Servers, vSphere Client, and Vcenter Server.
Contributed to building a new cloud platform on Azure for legacy applications.
Implemented Cisco Meraki wireless solutions, managing access points and wireless networks.
Integrated Panorama with Palo Alto Firewalls, efficiently handling multiple firewall configurations.
Deployed F5 and A10 load balancers, including virtual server configuration and health monitoring.
Managed SD-WAN network (Cisco Meraki Solution) for WAN connectivity.
Utilized automation tools for code upgrades and device configurations.
Implemented IP SLA and SD-WAN traffic engineering on top of MPLS networks.
Designed and implemented security policies, firewall ACLs, and VPN technologies.
Conducted Vulnerability Assessments using tools such as Qualys, Nessus, and Nexpose.
Collaborated with application teams for effective application validations involving F5 LTM and GTM components.
Provided support for Cisco Unified Communication Manager, Call Manager Express, and other communication systems.
Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP s, Virtual AP s, RTLS, Wireless SSID s, remote and campus AP s, upgrading WLC, worked in Active/Active local Controllers and Master controller. (Aruba 6000)
Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K,5K, 7K; Juniper EX, QFX, Aruba 2000, 3000 series.
Experience in Build and Release, SCM, GCP, AWS environment management Continuous Integration (CI), Continuous Delivery (CD) and DevOps methodologies.
Managed SolarWinds for network monitoring and configuration management.
Coordinated with global data center teams for troubleshooting and issue resolution.
Actively engaged in CI/CD pipelines using Git, Jenkins, and Code Pipelines.S
Participated in migration projects, including XenApp upgrades and NetScaler to F5 migration.
My expertise lies in planning, executing, and managing complex projects, and I possess strong problem-solving skills in resolving diverse IT challenges.




Tango Analytics, TX Jan 2020 - Sep 2021
Network Engineer
Responsibilities:
Successfully managed a network infrastructure with over 6000 devices.
Configured network switches, VLANs, VTP, and trunks to implement layer 2/3 switch features.
Implemented WAN routing conversions from OSPF to BGP for enhanced network efficiency.
Configured STP and HSRP to optimize network performance and achieve high availability.
Applied URL and content filtering using Bluecoat Proxy SG.
Configured Check Point Firewalls, creating objects, groups, and updating access-lists.
Led the migration of virtual environments from VMware to Azure cloud using ASR.
Deployed and managed SD-WAN network using Cisco Meraki solutions for efficient WAN connectivity.
Implemented Cisco Meraki wireless solutions, deploying access points and managing wireless networks.
Worked on connectivity between Cisco Networking Equipment and F5 Load Balancer.
Implemented Zone Based Firewalling and Security Rules on Palo Alto Firewalls.
Monitored network performance using tools such as Wireshark and Solar Winds.
Updated SLA reporting procedures for effective utilization of SolarWinds reporting.
Deployed Site-to-Site and Client-to-Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
Configured IPsec Site-to-Site VPN on ASA and Checkpoint Firewalls.
Executed changes in the production environment with minimal disruption, including planned weekend activities such as IOS upgrades.
Conducted disaster recovery tests, network failovers, and IP migration activities.
Developed and maintained documentation for LAN/WAN infrastructures using tools like Granite, IP control, and VISIO.
Collaborated with various internal groups for weekly capacity planning and project conference calls.
Interfaced with Cisco on TAC cases, creating RMA for hardware replacements as needed.
Ensured adherence to client standards for networking devices through regular monitoring and reconfiguration.
Proficient in BGP, EIGRP, OSPF, and other LAN/WAN technologies.
Configured and managed F5 Big-IP LTM-6400 load balancers.
Incorporated changes and enhancements to enhance network efficiency and security, ensuring seamless operations and compliance with industry standards.



ICICI, Hyderabad, Ind Jan 2018- July 2019
Network Engineer
Responsibilities:
Assisted in troubleshooting LAN connectivity and hardware issues in a network of 500 hosts.
Studied client requirements to provide solutions for network design, configuration, administration, and security.
Configured and resolved OSPF issues in a multi-area environment among multiple branch routers.
Implemented traffic engineering on an existing MPLS network using Frame Relay and OSPF.
Interacted with support services to reduce downtime on leased lines.
Conducted maintenance and troubleshooting of connectivity problems using Ping and Trace route.
Monitored network performance and servers to identify potential problems and bottlenecks.
Daily responsibilities included using network management tools to monitor remote sites.
Implemented security policies using ASA 55XX Firewall and Fortinet firewall IPS/IDS.
Configured AAA Security (TACACS+, RADIUS) on various router series.
Maintained redundancy on Cisco 2600, 2800, and 3600 routers with HSRP.
Troubleshooted Cisco routers including 2800, 2900, 3900, 7200, 7600, ASR9k, CRS, and GSR 12k Series.
Configured GLBP, VLAN Trunking 802.1Q, STP, and Port security on Catalyst 6500 switches.
Hands-on experience with the configuration and implementation of various Cisco Routers and L2 Switches.
Delivered IT Services Management (ITSM) solutions based on ITIL best practices.
Focused on people, process, and technology perspectives within the IT infrastructure.
Troubleshooted network routing protocols (BGP, EIGRP, OSPF) during migrations and new client connections.
Utilized Python automation scripts for troubleshooting and network issue resolution with remote connections.

Systems & Services Limited, Hyderabad, India June 2015- Dec 2017
Junior Network Engineer
Responsibilities:
Installed and configured Cisco Routers (3600, 3900) and Switches (3550, 3560, 3560E, 3750, 6500, 7200) for VLANs, Routing Protocols (OSPF, BGP), VPNs, etc.
Configured Etherchannels, Trunks, VLANs, and HSRP across Access, Core, and Distribution layers.
Implemented Cisco ACS for wired and wireless user authentication using certificates and MAB for company assets.
Performed Access Control Lists (ACLs) to ensure usage control for intended users.
Installed WAN and LAN access for internet and intranet access.
Assisted in deploying WAN projects, including connectivity and configuration of routers, switches, and end-to-end monitoring in new campuses.
Implemented route redistribution between OSPF and EIGRP.
Provided WAN/LAN Cisco router/switch configuration, implementation, and support for BGP, OSPF, and EIGRP.
Implemented, and maintained Site-to-Site VPNs and remote access VPNs using Cisco solutions (ASA 5520 and 5540).
Configured and maintained ASA 5585 firewalls with firepower, as well as 5540 and 5525 Firewalls using Cisco Security Manager (CSM).
Troubleshot Routing/Switching/Security configuration problems/errors for clients in head and remote campuses.
Implemented and modified DNS entries and managed IP Addresses using Windows DNS and DHCP.
Technical Support:
Provided end-user technical support for LAN and remote users in a 24/7 environment.
Troubleshooted Routing/Switching/Security configuration problems/errors encountered by clients in head and remote campuses.
Additional Expertise:
Experience configuring and troubleshooting Citrix NetScaler Load Balancer.
Responsible for IOS installations and upgrades using TFTP Server.


EDUCATION:
Master s Degree in MIS (master s in information system) USA, Nov- 2020.
Bachelor s Degree in B.com (Computer Application) IND, 2015.
Keywords: cprogramm continuous integration continuous deployment information technology ffive hewlett packard microsoft California Colorado Pennsylvania South Dakota Texas Wisconsin

To remove this resume please click here or send an email from [email protected] to [email protected] with subject as "delete" (without inverted commas)
[email protected];1831
Enter the captcha code and we will send and email at [email protected]
with a link to edit / delete this resume
Captcha Image: