Home

Hetal - Cloud Network Engineer

[email protected]

Location: Chicago, Illinois, USA

Relocation: YES

Visa: H1B

Hetal Tanti Cloud Network Engineer [email protected] 773.378.1923 A highly skilled and certified Cloud Operations Engineer with 12 years of profound experience in the fields of network secu- rity, cloud infrastructure management, and system monitoring. Having showcased exceptional capabilities in deploying, managing, and securing complex network environments across various industries, including banking, energy, Oil & Gas, and telecommunications. Renowned for leading teams to achieve operational excellence, adeptly troubleshooting critical net- work issues, and enhancing network performance and security with innovative solutions. Proficient in an array of cutting- edge technologies such as VMware NSX, AWS services, and software-defined networking. Demonstrated expertise in auto- mation and scripting, coupled with a strong foundation in network security protocols and practices. Holds a Master of Sci- ence in Information and Technology and a Bachelor of Engineering in Electronics and Communication, further solidified by industry-recognized certifications such as AWS Certified Solutions Architect Associate, CCNP, CCNA, and PCNSE. A commit- ted professional dedicated to continuous learning and excellence in cloud operations and network engineering. SKILLS AWS Cloud Infrastructure Setup and Management: Experience in configuring and deploying AWS Virtual Private Cloud (VPC), VPN connections, AWS Direct Connect, and security measures like security groups and network ACLs (NACLs). Hybrid Cloud Operations: Establishing VPN and Direct Connect links for seamless hybrid operations between on- premises data centers and AWS. Hybrid Cloud Operations: Establishing VPN and Direct Connect links for seamless hybrid operations between on- premises data centers and AWS. Network Configuration and Management: Proficient in configuring BGP, OSPF, EIGRP, and VPN tunnel settings. Imple- mented dynamic routing and optimized network configurations for enhanced stability and throughput. Cisco Networking Equipment: Expertise in configuring Cisco networking equipment, including Direct Connect setups, routers, switches, and firewalls. Troubleshooting and Performance Optimization: Skilled in resolving complex network issues, troubleshooting con- nectivity problems, and optimizing network performance using various diagnostic tools and techniques. Monitoring and Alerting: Utilizing AWS CloudWatch, third-party tools like SolarWinds, and network-specific tools for monitoring network performance, setting up alerts, and ensuring system health. Infrastructure as Code (IaC): Developing IaC using Terraform to automate network configuration and environment deployment. Scripting and Automation: Writing Python scripts for automating routine tasks, updating rules, and deploying alarms to improve operational efficiency. Network Security Management: Configuring and managing network firewalls (Palo Alto, Cisco ASA), implementing advanced firewall features, and ensuring network security and compliance. Cisco ACI Deployment: Led the deployment of Cisco ACI fabric, configuring APICs and fabric switches and integrating with external networks and VMware environments. SD-WAN Solutions: Designing and deploying SD-WAN solutions (VMware VeloCloud, Cisco Viptela) for enhancing WAN performance and reliability. Cloud Services Deployment: Designing and deploying scalable web applications on AWS using CloudFormation tem- plates and managing cloud-based applications with seamless connectivity. Network Virtualization: Managing VMware NSX for network virtualization and configuring logical networking compo- nents. Compliance and Security Assessments: Conducting security assessments and audits, ensuring compliance with stand- ards like PCI DSS. Documentation and Training: Developing comprehensive documentation on network architectures, configurations, and operational procedures. Conducting training sessions for IT staff and stakeholders. TOOLS AWS Services: VPC, Site-to-Site VPN, Direct Connect, CloudWatch, CloudFront, Route 53, Client VPN, EC2, RDS, S3, CloudFormation. Cisco Equipment and Solutions: Cisco routers and switches, Cisco ASA firewalls, Cisco Identity Services Engine (ISE), Cisco ACI, Cisco Meraki, Cisco Viptela SD-WAN. Monitoring and Management Tools: SolarWinds, VMware vCenter, VMware NSX, VMware VeloCloud Orchestrator, ServiceNow, OPManager, NetBrain. Scripting and Automation: Python, Terraform, PowerShell. Security and Compliance: Cisco ASA, Palo Alto firewalls, FortiGate, Checkpoint firewalls, compliance with PCI DSS and SOX standards. Network Protocols and Technologies: BGP, OSPF, EIGRP, VPN, MPLS, ISIS, IP VPN, DHCP, NAT, 802.1X authentication. Virtualization and Cloud Platforms: VMware environments, AWS cloud services. Documentation and Communication: Microsoft Office 365, Visio. EDUCATION Master of Science in Information and Technology, UNIVERSITY OF THE CUMBERLANDS IN 2023 Bachelor of Engineering in Electronics and Communication, GUJARAT TECHNOLOGICAL UNIVERSITY IN 2013 CERTIFICATIONS AWS Certified Solutions Architect Associate CCNP Cisco Certified Network Professional CCNA Cisco Certified Network Associate PCNSE Palo Alto Networks Certified Network Security Engineer EXPERIENCE AWS Cloud Network Engineer - Senior Analyst Fifth Third Bank Feb '23 Present Cincinnati, United States (Remote) Configured and deployed AWS Virtual Private Cloud (VPC) environments to host the bank's critical applications. This in- volved setting up subnetting, route tables, internet gateways, and NAT gateways to ensure secure and efficient access to resources. Established VPN connections between the AWS VPC and the bank's on-premises data center using AWS Site-to-Site VPN, enabling secure and seamless hybrid cloud operations. Configured BGP over VPN to ensure dynamic routing between the AWS environment and the on-premises network. Implemented AWS Direct Connect for a more reliable and consistent network connection to AWS, reducing latency for criti- cal banking applications. Configured Direct Connect with Cisco networking equipment, ensuring high availability through redundant connections. Resolved complex network connectivity issues that affected application performance and availability. This often involved analyzing VPC flow logs, CloudWatch metrics, and Cisco router logs to identify and rectify misconfigurations or network congestion problems. Troubleshoot intermittent VPN connectivity issues between AWS and the on-premises data center. Adjusted VPN tunnel settings and optimized routing configurations to improve stability and throughput. Addressed configuration errors in security groups and network access control lists (NACLs) that inadvertently blocked le- gitimate traffic. Analyzed the traffic flow and adjusted rules to secure access while ensuring application functionality. Troubleshoot intermittent VPN connectivity issues between AWS and the on-premises data center. Adjusted VPN tunnel settings and optimized routing configurations to improve stability and throughput. Utilized AWS CloudWatch for monitoring network performance and system health. Set up alarms to alert on critical thresh- olds, such as high latency or unusual traffic patterns, indicating potential security incidents or performance issues. Integrated third-party monitoring tools like SolarWinds with AWS for comprehensive visibility into both cloud and on- premises network infrastructures. Continuously monitored network performance, identifying bottlenecks and implementing optimizations to improve data transfer efficiency. This included adjusting AWS Route 53 policies for optimized traffic routing and leveraging AWS Cloud- Front for content delivery optimization. Configured and maintained secure remote access solutions for bank employees using AWS Client VPN and Direct Connect. This ensured reliable and secure access to bank applications and data, accommodating flexible work arrangements. Proficient in using AWS CLI for managing and automating AWS services. Developed infrastructure as code (IaC) using Ter- raform to automate the deployment of VPCs, NSGs, VPNs, and Direct Connect, significantly reducing manual efforts and en- suring consistency across environments. Developed Python scripts for automating routine tasks, such as updating NSG rules, monitoring network usage, and deploy- ing CloudWatch alarms. This automation reduced manual workload and improved operational efficiency. Extensive experience in configuring and managing network firewalls, including Palo Alto and Cisco ASA, to protect network resources and data. Implemented advanced firewall features, such as threat prevention, URL filtering, and VPN configurations, to enhance net- work security. Led the deployment of Cisco ACI fabric as the backbone for the bank's data center networking, focusing on creating a scala- ble and resilient network architecture. This involved configuring Application Policy Infrastructure Controllers (APICs), fab- ric switches (spine and leaf), and integrating service appliances for enhanced network services. Configured Tenant, Application Profile, Endpoint Groups (EPGs), Contracts, and Policies to segment and secure network traffic according to the bank's operational requirements and compliance standards. Configured Layer 3 Outside (L3Out) connections to integrate the ACI fabric with external networks, including the bank's existing WAN and internet gateways. This setup was critical for maintaining connectivity with branch offices, external ser- vices, and cloud providers. Worked closely with the virtualization team to integrate VMware environments with ACI using the VMware vCenter DVS integration. This ensured that virtual machine networking was fully aligned with ACI policies and security settings. Troubleshot and resolved fabric connectivity issues, including problems related to VPC configurations, encapsulation mis- matches, and path selection. Utilized the ACI troubleshooting tools within the APIC GUI and CLI commands to diagnose and rectify issues swiftly. Resolved routing and connectivity issues between the ACI fabric and external networks. This often involved debugging BGP peering issues, fixing OSPF route distribution problems, and adjusting contract scopes and filters to ensure proper commu- nication with external entities. Addressed challenges integrating L4-L7 services (e.g., firewalls, load balancers) into the ACI fabric. This included trouble- shooting device package integrations, service graph configurations, and redirect policies. Monitored the health and performance of the ACI fabric using the APIC dashboard, focusing on health scores, tenant statis- tics, and fault reports. This proactive monitoring approach enabled early detection of potential issues and ensured high availability. Conducted regular capacity planning exercises to ensure the ACI fabric could support the bank's growth. This involved ana- lyzing traffic patterns, endpoint registration trends, and resource utilization to guide infrastructure scaling decisions. Provided tier 2/3 support for resolving user connectivity issues within the ACI fabric. This often required a detailed analy- sis of EPG-to-EPG communications, contract enforcement, and micro-segmentation policies to identify and resolve access issues. Worked with application teams to adjust ACI policies and contracts to support new applications or change requirements. This involved balancing security and compliance considerations with the need for flexibility and rapid application deploy- ment. Developed and maintained comprehensive documentation on the ACI fabric's architecture, configurations, and operational procedures. Cloud Network Engineer - Senior Analyst Wells Fargo Mar '22 Feb '23 San Francisco, United States (Remote) Designing and deploying scalable, high-availability web applications using AWS CloudFormation templates. This involves specifying all the AWS resources (like EC2 instances, RDS databases, and S3 buckets) and configurations in a YAML or JSON template to automate and replicate environments quickly and efficiently. Setting up Amazon CloudWatch for real-time monitoring of AWS resources and applications. Configuring custom dash- boards for key metrics, setting alarms for abnormal activity (e.g., spikes in load balancer latency, CPU utilization thresh- olds), and analyzing logs to optimize performance and uptime. Configuring and managing Cisco ACI fabric for data center automation, including creating application profiles, EPGs (End- point Groups), and contracts for micro-segmentation to enhance security and streamline operations. Implementing and maintaining Cisco ASA firewalls, setting up access control lists (ACLs), NAT rules, and VPNs to secure the network perimeter. Regularly updating firewall policies to adapt to evolving security needs. Implementing Cisco Identity Services Engine (ISE) for comprehensive network access control, including setting up policy enforcement, device compliance checks, and securing wireless and wired connections through 802.1X authentication. Conducting regular security assessments and audits to ensure compliance with PCI DSS standards. This involves vulnerabil- ity scanning, analyzing firewall configurations, and remediating identified security gaps. Leading projects to deploy SD-WAN solutions Cisco Viptela across the bank's branches to improve WAN efficiency, reduce costs, and enhance application performance by dynamically routing traffic across multiple links based on real-time condi- tions. Integrating cloud-based applications with on-premises data centers, ensuring secure and seamless connectivity between AWS services and internal applications. Setting up AWS application gateways and load balancers to distribute traffic effi- ciently. Managing VMware NSX for network virtualization, configuring logical switches, routers, and firewalls to create a flexible, programmable data center fabric that supports the bank's virtualization needs. Providing expert troubleshooting for network issues, utilizing diagnostic tools like CLI for real-time monitoring, and engag- ing with vendor support for escalated issues. Maintaining detailed documentation of network configurations, changes, and operational procedures. Ensuring network architecture and operations comply with industry regulations like PCI DSS and SOX by implementing strict access controls, data encryption, and regular compliance audits. Senior Analyst Cloud Operations Engineer Accenture Pvt Ltd Feb '20 Aug '21 Bengaluru, India Led the design and deployment of VMware VeloCloud SD-WAN solutions across Oil and Gas operational sites in Italy, en- hancing WAN performance and reliability while ensuring seamless integration with cloud infrastructure using AWS ser- vices. Utilized ServiceNow ticketing system to swiftly identify, log, and resolve complex network issues, minimizing operational downtime. Collaborated with VMware VeloCloud support and external vendors for escalated issue resolution. Implemented comprehensive monitoring strategies using VMware VeloCloud Orchestrator and ServiceNow, achieving opti- mal network performance through continuous assessment of latency, jitter, packet loss, and bandwidth usage. Configured and maintained advanced security policies within the VeloCloud infrastructure to ensure data integrity and compliance with industry-specific regulations. Conducted regular vulnerability assessments to safeguard against emerging cybersecurity threats. Optimized traffic routing and QoS policies via VeloCloud Orchestrator, significantly improving network efficiency and appli- cation performance based on business priorities. Developed and tested robust disaster recovery plans for the SD-WAN network, incorporating high-availability configura- tions to ensure business continuity. Streamlined incident and change management processes by developing automated workflows in ServiceNow, enhancing operational efficiency and response times. Fostered effective communication and collaboration between IT, operational teams, and vendors, ensuring alignment of the SD-WAN deployment with the company s strategic IT and business goals. Conducted training sessions for IT staff and stakeholders on best practices for SD-WAN usage and maintained detailed doc- umentation of network designs and configurations for compliance and operational efficiency. Stayed abreast of the latest SD-WAN and cloud technology developments, recommending and implementing innovations to enhance network performance and reliability. Spearheaded the integration of VMware VeloCloud SD-WAN with enterprise-level IPAM solutions Infoblox for an Italy- based Oil and Gas project, centralizing IP address management and enhancing network reliability across remote opera- tional sites. Developed and implemented custom Python and PowerShell scripts to automate IP address assignments and updates be- tween VMware VeloCloud and IPAM tools, significantly reducing manual overhead and ensuring real-time accuracy in net- work documentation. Established a rigorous documentation process for IP allocations, subnet designs, and DHCP configurations, using automated tools and scripts to maintain up-to-date network records, ensuring compliance with industry security standards. Expertly handled over 200 high-priority incidents, performing complex troubleshooting on WAN, F5 Load Balancers, Citrix NetScaler, and firewalls (FortiGate, Palo Alto, Cisco ASA, Checkpoint) configurations, ensuring minimal operational disrup- tion. Led root cause analysis for recurring network issues, identifying key bottlenecks in the on-premises architecture. Imple- mented Cisco Meraki and FortiGate firewalls for enhanced security and traffic management, reducing incident recurrence by 40%. Streamlined network operation processes, including incident management, change control, and configuration standards. Introduced automation scripts for routine tasks, enhancing process efficiency and adherence. Spearheaded the migration of the energy company's on-premises network infrastructure to AWS, utilizing AWS VPC and AWS Load Balancer for scalable and resilient cloud networking. Configured Palo Alto and Cisco ASA firewalls for secure cloud connectivity. Deployed ServiceNow dashboards for real-time SLA monitoring and reporting, significantly improving customer and stake- holder satisfaction through transparent communication and adherence to service commitments. Supported network operations across multiple geographic locations, ensuring consistent service delivery and user experi- ence. Initiated customer feedback loops to identify areas for improvement, leading to a 20% increase in employee satisfac- tion scores. Championed the adoption of SD-WAN technology, achieving a 25% reduction in WAN operational costs through enhanced network agility and cost efficiency. Mentored junior network engineers, enhancing team efficiency and knowledge in Cisco routing and switching, Infoblox IPAM, AWS cloud services, and network security solutions, leading to a 30% reduction in the meantime to resolve (MTTR) for network issues. Ensured 99.9% network uptime, aligning with stringent SLAs through proactive monitoring, rapid incident response, and the use of ServiceNow for issue tracking and escalation, significantly improving operational efficiency. Effectively communicated network changes and project updates in Change Advisory Board meetings, promoting a culture of transparency and collaboration within the organization. Senior Analyst Network Security Engineer NetEnrich Technologies Pvt Ltd Apr '19 Feb '20 Hyderabad, India Excelled in quickly diagnosing and resolving complex network issues affecting users, ranging from connectivity problems to performance degradation, significantly reducing the mean time to resolution. Skilled in network routing and switching techniques, with extensive experience in EIGRP, BGP, OSPF, and implementing multicast and unicast solutions. Proficient in configuring and troubleshooting Cisco routers and switches (ACI, IOS-XE, NX-OS, IOS-XR, Cisco DNA), ensuring seamless network operations. Developed and led a cross-functional team to provide 24/7 support for critical network issues, using Slack and ServiceNow for efficient issue tracking and communication. This initiative improved user satisfaction ratings by 30%. Implemented a structured approach to troubleshooting that involves comprehensive log analysis and simulation of network scenarios in a lab environment, leading to a 40% improvement in troubleshooting efficiency. Experienced with Aruba ClearPass for network access control and Aruba Wireless systems for enterprise wireless solu- tions. Spearheaded the deployment of OPManager and NetBrain for proactive network monitoring, enabling early detection of potential issues before they affect users. This strategy contributed to a 20% reduction in unplanned network downtime. Oversaw the configuration of network routers, switches, and firewalls, focusing on optimization for performance and secu- rity. This included advanced configurations such as port enabling, routing protocols setup, switch configuration, and fire- wall updates. Streamlined IP reservation processes and implemented dynamic allocation strategies to improve network flexibility. En- hanced security posture by updating firewall rules and configurations, leading to a reduction in security incidents by 35%. Led the successful rollout of new network technologies and the upgrade of existing systems, managing project timelines and ensuring deliverables met technical requirements and business goals. Created and maintained detailed network documentation, policies, and procedures, ensuring consistent standards across the network infrastructure. This effort facilitated quicker onboarding of new team members and provided a reliable refer- ence for ongoing operations and troubleshooting. Proficient with Microsoft Office 365 and Visio for documentation and network diagramming. Acted as a mentor to junior network engineers, providing training on best practices, troubleshooting techniques, and the use of network monitoring tools, contributing to a stronger, more knowledgeable team. Senior Executive Network Operation Engineer TATA Teleservices Limited Jun '16 Apr '19 Hyderabad, India Responsible for Configuring, Maintaining, Managing, and Troubleshooting CDMA DCN & CNMS network troubleshooting & Maintaining PAN India Cisco Routers, Switches, and Data Links. Responsible for Incident and Problem management. Analyze and troubleshoot incidents. Provide Level-2 support and troubleshooting to resolve issues of WIFI customer complaints. Monitor and perform testing of the WIFI systems, provide diagnostics for the network performance, and interface with customer NOC center for feedback on customer issues. Working on significant issues like slow speed, PCD, Authentication, and inability to access services. Remarkably, Working on the PAN India Project of TATA. Troubleshooting live issues on Cisco and Huawei products. Moni- toring and Health checks of DCN, CNMS Networks, Firewall & CDMA ICR, and ISP links for TATA DOCMO. Responsible for Networking/connectivity-related issues and troubleshooting CDMA DATA Customer issues. Serve as primary support operations by managing internal devices, performing analysis of alarms, and taking steps to re- store service. Provide correlation of multiple alarm conditions or tickets to identify root cause trouble resolution. Monitor and perform testing of the Wi-Fi systems, provide diagnostics for the network performance, and interface with the customer NOC center for feedback on customer issues. Troubleshooting various network issues with the help of IP reporter, MRTG, and private looking glass. Managing Trouble tickets through the Remedy tool. Technologies and protocols working on a daily basis include MPLS and IP VPN, Static, BGPv4, OSPF, EIGRP, RIP, and HSRP. Associate System Engineer Nokia Siemens Networks (Payroll under Quasar Telecom & UST Global) Jan '15 May '16 Pune, India Troubleshooting network issues and providing fault resolutions Monitor the Network Alarms in the monitoring system, creating tickets per the severity status. Coordinating with the Customers and Back-end team to resolve Circuit down, Latency, and Website issues. Ensuring all the complaints & requests are resolved within a Service Level Agreement Interpreting the verified statuses of the circuits/network devices and corresponding logs into the RT ticket created for in- ternal tracking. LAN security - DHCP snooping, dynamic ARP inspection. Ticket Management, Prioritizing and analyzing the events in the network Password or Corrupted Cisco IOS Recovery on Routers, Switches L1/L2 Troubleshooting the MPLS network and last-mile connectivity to the CE router. NOC Engineer Huawei Telecommunications (Payroll under Evolve Technologies Pvt. Ltd) Apr '14 Dec '14 Pune, India Working in CM (Configuration Management) Backbone Network Handling Feasibility of NDWDM, MDWDM & Tellabs network Provisioning of links on SDH and DWDM Networks and responsible for Network Expansion & Troubleshooting of Network-related faults & Customer related faults 1+1MSP creation for new Tie and trail re-routing & Path optimization of trails Provide RFO for errors occurring while link testing & Maintain SLA and RFO for the fiber cut and ISP issues Optical fiber network, Maintenance, Provisioning, Configuration, and Troubleshooting for OSN8800 & OSN7500 Troubleshooting the link failure from the field level, i.e., restoration, comprising optical fiber cable damage, equipment er- rors, and facility issues Coordination with the field team for any PE related to fiber & follow up on the pending issue and close the same. Troubleshooting the MPLS network and last-mile connectivity to the CE router. Technical Support Engineer GNS technologies Jun '12 Feb '14 Pune, India Delivered personalized computer problem diagnostic sessions for users, achieving a 95% accuracy rate in issue identifica- tion and solution recommendations based on root cause analysis, enhancing overall user experience and loyalty. Managed and documented up to 50 customer queries daily, tracking and analyzing trends to identify recurring issues for proactive resolution. Identified common trends and underlying problems within call logs, improving troubleshooting efficiency and leading to a 15% decrease in escalation rates. Updated and maintained self-help documents to enable customers to troubleshoot common technical issues independently, resulting in a 25% decrease in support ticket volume. Closed fault tickets accurately and efficiently by recording fault incident time, fault clearance time, and root cause analysis details, maintaining an accuracy rate of 98%. Keywords: sthree information technology container edition ffive logistics execution South Dakota Wisconsin