Home

Kashyap Mekala - Sr Network engineer

[email protected]

Location: North Brunswick, New Jersey, USA

Relocation: Yes

Visa:

Kashyap Mekala Sr. Network Security Engineer 848-209-1017 [email protected] Professional Summary: Network Security Engineer with 9.5 years of professional experience in Network design, Implementation and troubleshooting. Experience in installing, configuring and troubleshooting of CISCO Palo Alto firewall series link PA3250, PA5220, PA5420, PA5850, PA7080 security appliance. Working experience in troubleshooting and deployment of Juniper SRX2400, SRX4100, SRX4600, SRX5500, SRX5600, SRX5800, NS 50, SSG 550M, SSG 520M firewall policy lookups. Experienced in configuring of CISCO Fortigate forti 800, forti 1500 and forti 2800 series firewall devices. Worked on installing and troubleshooting of Juniper EX2200, EX2900, EX3300, EX3550, EX4500, EX6200, EX6509 EX8550 and 9250 series switches and Virtual MX (VMS) MX1600, MX2600, MX2800, MX3600, MX4400, MX6400, MX7300, MX9600, MX 10008 routers. Experience with monitoring alerts related to CISCO ACI nodes and Cisco Nexus 9k, 7k, 5k, and 3k data center downstream devices. Working Knowledge of modems, routers, switches and Aruba, Cisco & Meraki Wireless network systems. Experienced in installing and support of Viptela SD-WAN of V-Manage, V-Smart, V-Bond & V-Edge network deployment infrastructure. Strong hands on experience on ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS). Working experience in Azure cloud security appliance with 24x7 supports in Linux/Windows administration. Experience on Ansible automation scripting languages and Meraki Clear Pass Policy Server wireless devices. Worked on implementation of F5 BIG-IP 4200 LTM to 5250 VCMP guest load balancers and experienced in F5 LTM and GTM modules from v.11.4.1 to v.11.5.3 providers. Technical Skills:- Firewalls (CISCO & Juniper) CISCO Palo Alto PA3250, PA5220, PA5420, PA5850, PA7080 and forti 800, forti 1500 forti 2800 & Juniper SRX2400, SRX4100, SRX4600, SRX5500, SRX5600, SRX5800, NS 50, SSG 550M, SSG 520M Routing & Switching Juniper EX2200, EX2900, EX3300, EX3550, EX4500, EX6200, EX6509 EX8550, EX9250 switches and MX1600, MX2600, MX2800, MX3600, MX4400, MX6400, MX7300, MX9600, MX 10008 routers Data Center Switches Nexus 9k, 7k, 5k, 3k with ACI fabric SD-WAN Viptela SD-WAN, V-Manage, V-Smart, V-Bond & V-Edge Cloud Platform Azure, VPC, RDS could security Load Balancer F5 BIG-IP 4200 LTM to 5250 VCMP, LTM, GTM, v.11.4.1 to v.11.5.3 Modules AAA, SSH, NTP, SNMP, ACS, TACACS+ Professional Experience:- Rockwell Automation, WI Jan 2021-Present Senior Network Security Engineer Responsibilities: Worked on Configuring, troubleshooting and installation of CISCO Palo Alto firewall PA5220, PA5850, PA7080 devices, Panorama. Troubleshoot and resolve customer and upstream provider routing issues in a timely and efficient manner through the utilization of various networking Experience in Azure network, VPN and Express route, Azure DNS, Traffic Manager, and Load Balancers Worked on configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone Aps, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics. Experience in risk analysis, security policy, rules creation and modification of Bluecoat Proxies, Zscaler Proxies, Netscaler Infoblox DNS, Palo Alto Firewalls, and Check Point Firewall & Pulse Secure VPN. Knowledge of New Cisco SDA and Palo Alto SASE SDWAN Network Platform configured of Next Gen Firewalls, Zscaler Proxies, Mobile Device Management Solutions for improved security. Configured express routes and NSG in cloud security center, cloud application security. Experience with Zscaler cloud proxies ZIA and ZPA. Worked on setting up tunnels to Zscaler Zens, zero trust network access. Utilized knowledge of STP, BGP, MPLS, OSI model layers 1-2 to create network layouts, Configure and troubleshoot Routing protocols such as OSPF and EIGRP for routing internally and BGP for external routing. New Networking Concepts POC and Production Deployment- Cisco ACI, Cisco SDA, Palo Alto SASE, Palo Alto Prisma Configuration and Testing. Experience in Cisco ISE Version 2.4 deployed on VMware ESXI version 5.8, Configured for VPN and guest Users, I have Used Authentication Methodology 802.1x and MAB. Experience with enable file forwarding to Wildfire cloud through Content-ID implementation to identify new threats in PaloAlto. Experience in configuration of Juniper security appliances SRX 4100, SRX5600, SRX5800, NS 50, and SSG 550M, SSG 520M series firewalls. Working with identified and removed security policies that are no longer needed to reduce Juniper SRX firewall policy lookup. Experience with cisco ACI and Arista Cloud Vision on a POC. Knowledge on Spine leaf Architecture in Data center. Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc Experience in Adding Rules and Monitoring SRX Firewall traffic through smart dashboard and smart view Tracker applications. Working with deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and downstream devices. Experience in monitoring alerts related to CISCO ACI nodes and Cisco Nexus and providing technical feedback to fix abnormalities. Working on ACI fabric (leaf, spine, APIC).configuration of port, vlan, switch policies, profiles etc Work for collaborate with application owners to define dependencies, map dependencies for better application workflow within ACI or public cloud use. Experience with Cisco Viptela SD-WAN fabric (V-Manage, V-Smart, V-Bond & V-Edge) deployment, tuning using best practices, site on boarding to overlay network, troubleshooting and support. Experience in application security, infrastructure security, cloud security on Azure environment, set up Experience on Cloud security configuration reviews (Azure) and implementation of the cloud security controls. Working experience in architecting and configuring secure cloud VPC using private and public networks through subnets in Azure. Experience in creating automated scripts using Ansible language and also manual testing to enhance hardware performance. Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets. Experience on operated and maintained (O&M) the Meraki Clear Pass Policy Server and the Meraki Airwave Wireless Intrusion Detection System. Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud. Working with F5 LTM sessions and manipulating session using iRule and configuring and maintaining WebTop s and Portal Access Upgraded the F5 LTM and GTM modules from v.11.4.1 to v.11.5.3 in high-availability architecture TIAA, Lewisville,TX Nov 2017- Dec 2020 Senior Network Security Engineer Responsibilities: Configured, Monitored and Trouble shooted Palo Alto PA-7k, PA-5420 and PA-3250 security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design Worked in optimize existing policies to improve security and performance. Identify and remove security policies that are not no longer needed to reduce Palo Alto firewall policy lookup. Worked with Air Magnet Wifi Analyzer for 802.11 a/b/g/n vlan troubleshooting, tuning, and channel rotation as required for adequate wireless coverage. Creating necessary VLANs on switches for WIFI networks Configured, deployed and done implementation of Juniper SRX Firewalls (SRX2400, SEX4600 and SRX5500) devices. Experienced in configuring Policies and Maintaining Juniper SRX Firewall & Analysis of firewall logs. Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow diagram of the SRX firewalls placed in the Data Center with MS Visio. Worked with High performance data center switch like CISCO Nexus 9000, Nexus 7000 and Nexus 5000 series platform. Install and configure Silver Peak SD-WAN using Unity Orchestrator management software and Unity Edge appliances. Implementation of advanced deployments using Local Internet Breakout, EdgeHA, BGP, OSPF, RouteMaps, Zone Based Firewall and Regional Routing. Troubleshoot and manage Silver Peak EdgeConnect appliances. Worked in ACI fabric environment build up at around 9 locations and it is having different APIC cluster to manage individually. Experienced in managing connectivity between two POD's -To provide ACI troubleshoot support to endpoint devices team having reachability issue. Involved in configuring L3 out for accessing the server s and endpoints inside the ACI from outside network. Network Protocols: BGP/iBGP, OSPF, EIGRP, RIP, NAT, ACL, QoS Worked as a team member of Network operations WAN team. Handling incidents, VPN tunnel configuration, SD-WAN Viptela issues. Involved in maintenance of the SD-WAN laboratory environments Helped team in SD-WAN deployment Experience in multiple Azure zones, instances etc. for multiple vendors using the respective tools Interacted with teams and customers in different time zones for ensuring 24x7 support in Linux/Windows administration in Azure. Experience in creating, configuring, and utilizing Azure VPC to host clients computing services, virtual networking devices, database (RDS) environment and security configuration. Involved in generating property list for every application dynamically and writing automated testing scripts using Ansible. Involved in Managing and troubleshooting Meraki access point s wireless devices on Meraki VPN. Experienced in migrating applications from cisco ACE / CSM to F5LTM, and GSS configurations to F5 GTM wide-IP. Involved in configuration and troubleshooting the F5 LTM and APM and providing level 2 support for the customers. Verizon,India Oct 2016-Sep 2017 Network Engineer Responsibilities: Experienced in configuring VPN and applying security policy on various platform in Palo Alto PA 1200, PA 1800, PA 2500, PA 3800 firewalls Worked on troubleshoot and configure of CISCO Fortigate forti 800, forti 1500 and forti 2800 series firewall devices. Working at GSC (Global Service Center) Asia-Pacific, Responsible for any kind of network problem for the client. Installed and deployed Juniper MX300, MX900, MX1600 and MX2900 series routers and Juniper EX500, EX1200, EX1800 and EX2800 series switches. Experienced on IOS up-gradation, backup of network devices on Nexus 5k and 3k switching devices. Work for performing failover activity, primitive measure activity for Router and DC/DR devices Worked on Juniper ACS server (AAA Server) management, User database management, configuration privilege level, and command authorizations using TACACS+. Experience in configuring and troubleshooting IPSEC site to site VPN solutions. Experience with F5 Load Balancing and creating VIP pools, node, pool members, Monitoring in F5-LTM. Involved in configuration and troubleshooting F5 LTM and providing level 2 for the customers. Experienced in sending emails and SMS to the customer to keep them updated about major incidents or outages. Troubleshooting of all the Incidents and problems to find out the root cause and keeping track of the Changes. HCL, India Nov 2013-Sep 2016 System Administrator Responsibilities: As a team member, responsible for maintaining SLA across Datacenter the entire physical and virtual server and network environment. Worked with the client to understand the problem statement, coming up with tailor-made solutions, and ensuring that so wachieves the pre-defined objectives. Working on experienced in Antivirus Console and Firewall Policy Management. Worked on Implemented and managed migration from decentralized to centralized infrastructure using MPLS and other P2P technologies. Implemented up-gradation to Windows Servers and Linux Server. Working experience in Office365 Management and Active Directory management and file Server, Print Server, DHCP Server Management Education Information: - Bachelors in Electronics & Communication Engineering from SEIENT. India. 2010 Certifications:- Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP) References: - Upon Request Keywords: information technology ffive microsoft Idaho Pennsylvania South Dakota Texas Wisconsin