Bhuvanesh Bheemaiah

Sr Data Network Engineer

Email : [email protected] || Phone : +1 248 832 4929

PROFESSIONAL SUMMARY:
• I have experience in Providing reliable, Scalable and secure solutions for complex enterprise Data Center environments
by designing, implementing and Administration of Routing, Switching, firewall security, Wireless technologies, automa-
tion using python scripting and simple programming.
• Experience in managing SDN solutions such as Cisco ISE, Cisco ACI, APIC-EM, prime platforms.
• Expertise with Installing, configuring, and troubleshooting of Checkpoint Firewalls (NG R55, NGX R65, R70, R75, R77,
Cisco ASA Firewall series 5505, 5510, 5512-X , Palo Alto Firewall series PA-500, PA-800, PA-2050, Juniper SRX
340/1400.
• Implemented Security Policies, ACLs, IPS, IDS, configuring AAA on TACACS+ & RADIUS servers, Cisco, Juniper,
Palo Alto and Fortigate Networks.
• Installation and managing F5 BIG-IP load balancing GTM, ASM, APM series like 6400, 6800, 8800.
• Configuration and management of site-to-site VPN tunnels using IPSEC, SSL technologies and deployment of MPLS
Layer 3 VPN, DMVPN, MPLS Traffic Engineering, and MPLSQOS.
• Implemented Wireless Technologies IEEE 802.11a/b/g/n, Cisco and Meraki, Aruba Wireless Access Points and Wireless
LAN Controllers Cisco WLC, WCS, NCS.
• Experienced in Configuration and troubleshooting of Dynamic routing protocols OSPF, BGP, EIGRP over Cisco
ASR1000, 1001, 9K, ISR 4331, 4451,Cisco 7200, 3800, 3600, 2800, 2600,1800 and Juniper MX960, MX480.
• Expertise in Configuration of VLANS using Nexus and multi-layer Switches and supporting STP, RSTP, PVST, RPVST
troubleshooting of inter-VLAN routing and VLAN Trunking (802.1Q).
• Experience in installations and configuration of Cisco Nexus 9K,7K, 5K, 2K Series and Cisco catalyst 6500, 4500, 3750,
3500, 2900, Aruba 3810, 5400 series switches in a production environment.
• Expertise with Ethernet, cabling, IPv4 addressing, subnetting, VLSM, multicasting, ARP, NAT, VLAN, STP and VTP.
• Good Understanding of TCP/IP, OSI model and expertise in Handling the network infrastructure of LAN/WAN, VLAN,
WLAN, DNS, DHCP, TACACS, RADIUS, SSH, DNS, HTTP/HTTPS, FTP, TFTP, SMTP, DHCP, LDAP and SNMP.
• Expertise with RCA Root Cause Analysis for layer1/layer2/layer3 critical network issues and troubleshooting.
• Experienced in implementing virtual spaces VMware vSAN, NSX, ESXi, MS HyperV and Cisco Hyperflex.
• Experience using Microsoft suite like Word, MS Visio, Excel, PowerPoint, MS Exchange and experience with Linux,
Bash scripting, python, and pearl.

SKILL SET:
• Hardware: Cisco (Nexus9k/7k/5k/2k, CSR1000v, ISR4K, ASR9K, CAT3850/9300, ASA 5585/5525), Juniper
(MX960, MX80, SRX 340/1400, EX4300/4500/4600, QFX 5100, 5110), Fortinet (600D, 3000D), Aruba 3810,
5400 Palo Alto (PA ),F5 BIG-IP (2800, 5800), Citrix ADC (MPX, SDX, VPX).
• Routing Protocols: IGP (OSPF/EIGRP/IS-IS/RIP-v2/Static), EGP (BGP/MP-BGP), Policy Based Routing, Multicast,
PIM.
• LAN/WAN Protocols: Ethernet (802.1Q/802.3ad/VLAN/PVLAN/STP/RSTP+/MST/VTP/SPAN/VCF/ vPC/Fabric
Path/VXLAN/IGMP/OTV), WAN (MPLS/LDP/L3VPN/VPN/VPLS), Frame relay.
• Network Services: DHCP, DNS, QoS, IPV4, IPV6, SMTP, HTTP, TCP/IP, UDP, HTTPS, FTPS, NTP.
• Cloud Technologies: Azure, AWS, SD-WAN (Cisco Viptela), SDN
• High Availability: HSRP/VRRP, LACP/PAGP, Link Aggregation Groups (LAGs), Redundant Trunk Groups (RTGs),
vPC, GRES, NSR, NSB, Virtual Chassis, VSS/Stack wise, BFD, IP SLA, ISSU.
• Network Security: IPsec/VPN, AAA, RADIUS, TACACS+, Cisco ISE, IPS/IDS, DHCP Snooping, ARP Inspection,
IP Source guard, NAT, Storm Control, Websense (Proxy).
• Network Analysis: Wireshark, TCP Dump, Dump cap, Netscout, Omni peek, Splunk, Gigamon taps, Vulnerability
Scan-Nessus, IP360
• Management Systems: PRTG, SNMPc, Netflow, Sflow, Solar Winds, Open Compare, NSM (Juniper), Panorama
(Palo Alto), MDS (Checkpoint), CSM (Cisco), Fortimanger/Fortianalyzer, Cisco FMC, Infoblox, Citrix GSLB, Ansible
Tower, Citrix Endpoint Management.
• Operating System: Cisco IOS/NX-OS/XR/XE, Almac, JunOS, FortiOS, PAN-OS, TMOS [F5], MS Windows, Linux.
• Ticketing Tools: JIRA, Footprints, Service Now, Remedy, Citrix, and Confluence.

PROFESSIONAL CERTIFICATIONS:
• Cisco Certified Network Associate (CCNA)
• Cisco Certified Network Professional (CCNP)
• Solutions Architect – Associate (AWS)
• AWS Certified Cloud Practitioner

PROFESSIONAL EXPERIENCE:
First Republic Bank || May 2023 – Present
Sr. Data Network Engineer
Responsibilities:
• Configuration of network routers, switches, access control lists, address translation, tunneling, and standard routing
protocols.
• Participate in reviews of current network processes, change, and build procedures. Translate to network automation
projects.
• Work with other developers to design and implement features in support of established security and acceptance criteria.
• Developing Python Scripts to Automate network Device configurations, performing validation and upgrades using net-
work libraries (netmiko, Paramiko, napalm).
• Configuring and managing Palo Alto, Juniper vSRX and Fortinet Virtual firewalls in Juniper NFX series KVM.
• Configured templates, device groups and created policies using APP-id, user-id on Panorama and pushed them into Palo
Alto firewalls.
• Responsible for implementing the Palo Alto to mitigate DOS, DDOS, attacks using Dos Protection, Threat Prevention
and Data Filtering.
• Configured SSL VPNs on Palo Alto firewalls for secure site-to-site VPN connectivity.
• Deployed Active/Passive modes of High Availability (HA) with Session and Configuration synchronization on multiple
Palo Alto firewall pairs. Knowledge on the application of Active/Active HA mode.
• Managed Palo Alto firewalls utilizing panorama and constantly ensured software upgrades and content.
• Configured and deployed F5 Big-IP LTM for distributing inbound traffic to the servers.
• Implemented SSL termination on LTM and renewed SSL certificates and customized I rule for cookies persistency.
• Deployed F5 Big-IP LTMs and implemented weighted round robin policy to balance the load.
• Configured & troubleshooted Virtual Servers, I Nodes, Pools, and customized I Rules on BIG-IP F5 LTM Load balancers
for traffic management.
• As a L2 and L3 engineer, responsible for Troubleshooting network support issues and Performance related issues.
• Upgraded Cisco 3900, 4500 series Router IOS Software and Catalyst 4500, 6500 series switch configurations.
• Extensive use of switching and routing protocols EIGRP, OSPF, BGP, MPLS, VRF, QoS, NAT, Multicast, VPN/IPSEC,
Tagging/communotces, prefix-list, route-map, WAN traffic engineering, policy-based routing , VLAN, STP, HSRP/
VRRP, DHCP, DNS.
• Experience in Cisco platforms ASR1002, 3845, 2921, 891, 819, 2960X, 2960XR, 9300, 9500, Nexus
• Research network automation industry trends and automation tools. Develop and document standards and provide train-
ing to others.
• Build and maintain CI/CD pipelines to ensure code quality and maintain ability source code management systems,
version control tools and developing web services.
• Participate in agile concepts such as daily stand-up meetings, task tracking boards, design and code reviews, automated
testing, continuous integration and deployment.
• Partner with Business units to ensure solutions will operate at scale without issue and create visualizations for data col-
lected from networking devices for quick interpretation and notification.
• Working in a Linux environment and has a working knowledge of basic Linux commands/utilities,
• Proficient in Network automation/orchestration experience using Python, Ansible, YAML and asynchronous
programming

Chevron Corporation, Houston, TX || July 2022 - May 2023

Network Site Reliability Engineer
Responsibilities:
• Experience working with Azure Storage, Azure vnet peering, Private endpoints, Azure Network Security Groups, route
tables (UDR) Designed VNets and subscriptions to confirm to Azure Network Limits.
• Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.
• Exposure to Virtual machines and cloud services in the VNets to the Internet using Azure External Load Balancer
• Creating and Managing Virtual Machines in Windows Azure and setting up communication Network
• Security Groups (NSG).
• Worked on Azure Cloud Administration tasks such as creating Affinity Groups, Storage Accounts, Site - Site
• VPN, ExpressRoute, DNS servers.
• Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP, address blocks, DNS
settings, and security policies and routing.
• Exposed Virtual machines and cloud services in the VNets to the Internet using Azure External Load Balancer.
• Configured VNets and subnets private and public facing Azure load balancers etc. as per the project requirement.
• Configured wireless security by Design and implementing Cisco ISE and Aruba Clear Pass at the data center.
• Deployed Cisco Wireless Controller 8540, 5520 3504, cisco Aironet 1570 Series, Aruba 330 series, 501 wireless client
bridges, 7220, 7010 Mobility Controllers.
• Configuration of WLAN including 802.11 standards, Lightweight and Autonomous systems, WPA, PEAP.
• Perform WLAN and RF site surveys to Cisco's Enterprise accounts in addition to planning, design, implementation, and
optimization services for Wireless Mesh and 802.11 WLAN networks.
• Deploy, configure, Manage, and support Aruba wireless controllers, Cisco Meraki Ap’s adding them to the networks,
adding static Ip's, Installing them to individual clinics Globally.
• Configuring new sites with WLAN and Aruba Wireless APs (AP-205,225, 303, 515) and enabling port security using
Aruba clear pass.
• Design and configured Palo Alto 5560 in failover mode, created security policies and profiles.
• Palo Alto Firewall Upgrade and integration. Migrated existing PA220 to PA850 Ha Pair. Policy Management
and Project Driven Product Enhancements.
•
• Design and Configure a redundant solution of F5 BIG IP using 3900,4000 and 6400 series, configure VIPs, Pools, HTTP
proiles,SSL profiles, Irules Health monitor.
• Design and configure a redundant solution of firewalls in a multi-vendor firewall environment using Checkpoint R77,
Palo Altos 5050 and 5060 and ASA 5585-X
• Created firewall security policies in a multi vendor firewall environment to meet securityand company policy require -
ments.
• Troubleshoot and resolve complex connectivity issues using tools like TCPdump,wireshark,traceroutes,pings etc
• Configured EIGRP, OSPF and BGP routing policies, IP access filter policies and designs and implemented strategies for
the expansion of the MPLS VPN networks on Cisco 2900, 3900, ISR 4451, ISR4351 devices across locations and
datacenters.
• Implemented BGP Multi hop for Load Balancing and preventing SPOF utilizing parallel lines and Configured BGP Mul-
tihoming connecting two different service providers.
• Configured Route-Reflectors to troubleshoot BGP issues related to customer route prefixes
• Configured Nexus 2K, 5K, 7K, 9K Basic Interface Parameters, Layer 2 Interfaces, Layer 3 Interface, Bi-directional For-
warding Detection, Port Channels, VPCs, IP Tunnels, Q-in-Q VLAN Tunnels
• Provided technical support in terms of upgrading, improving, and expanding the network.
• Experience on adding, authenticating and authorizing monitoring devices Cisco ISE Cisco prime and DNAC.

Del Monte Foods, Gurgaon INDIA || July 2019 – Dec 2021

Network Security & Operation Engineer
Responsibilities:
• Designed and developed serviceability modules for High Availability architecture and implementation for IWAN using
ELK stack. Integrated DMVPN phase-1, Phase-2, Phase 3 into IWAN to support multi endpoint redundancy in intelligent
WAN.
• Deployed Cisco Intelligent WAN (IWAN) in both Hybrid and Dual-ISP branches to provide an increase in bandwidth ca-
pacity, security, and reliability.
• Design WAN solution using the AutoVPN technology with Cisco Meraki MX security appliances including DC to DC
failover and Cisco Viptela SD-WAN capabilities.
• Assist and troubleshoot Cisco Meraki solutions remotely including 802.11a/b/g/n/ac Wireless networks, Wireless VOIP
protocols, and wireless mobility.
• Deploying Network Devices on AWS VPCs Configured CSR 1000V routers and implemented EC2 instances on cloud
data center environment.
• Re-designed Network for Branch Relocation, Connect workstation, servers, etc. Rack and stack Pre-configured new
hardware and connect the circuits. Work with Carrier to test and turn-up circuits and built MGRE tunnels.
• Perform IOS upgrades and configuration on cisco ASR1000v & ISR4451, 4351 routers, catalyst switches 3560, 3850 and
cisco ASA 55XX series.
• Configured Cisco ISE, Cisco APIC-EM (IWAN) and deployed CSR1000v, Cisco ISR, Cisco ASR and Viptela Virtual
Routers.
• Configuring Viptela devices on VMware and creating device and feature templates on vManage required for SD-WAN
implementation.
• Installing, Configuring, and deploying Cisco Network Hardware Cisco ISR G2/ASR routers, Viptela Virtual Routers
Cisco Wireless Access Points from scratch over SD-WAN and fixing them with various modules like Gig card, VPN
SPA Card, T1-WIC.
• Involved with VPN architectures —Site to Site, Cisco AnyConnect Client (IPSEC/SSL), DMVPN.
• Co-ordinate with ISP / Carriers and commissioned and decommissioned serial T3 circuits and replace with MPLS circuits
from carriers ATT, Verizon, NTT, Century Link or Level 3. the circuits as per client requirement.
• Involved in design and implementation of client’s network migration. Deployed and configured Meraki Wireless Access
points (MR33, MR42, MR45, MR74), and Cisco AIR device.
• Configured Standalone HA Configurations, Multi-Context, Transparent Mode, NAT, ACL, IPS Configuration of Next-
Gen Features, DMZ on Sophos SG and XG Firewalls.
• Supported end user Software-defined, multi-tenant data center network cisco ACI (Application Centric Infrastructure)
(4.X Series), APIC technologies.
• Provide Design solutions for (legacy) Cisco Nexus 3-tier data center architecture as well as (modern) Cisco ACI leaf-
and-spine architecture

Teradata, Hyderabad INDIA|| August 2018 – July 2019

Network Deployment Engineer
Responsibilities:
• Deploying multi-vendor networking infrastructure in core, distribution, aggregate and access layer networking devices
supporting Retail Services, Direct Customers, AWS Services and Data Center Environments.
• Deployment of KNOX 7772(Almac) Encryption devices (Amazon’s custom) between Border, Backbone, L7 edge net-
works prod and Ec2 fabrics and deployed encryption keys.
• Analyze the Network bandwidth usages, latency and Packet losses on monitoring tools: AWS Dashboard, Net vane, Net-
work Health Service.
• Expertise in Re-Design, deploy, manage and maintain multi-vendor, multi-protocol data center, backbone, and edge net-
works.
• Deployment and management of AWS services including Virtual Private Cloud (VPC), Route 53, Transient Gateway,
ELB, EBS, EC2, S3.
• Performed OS upgrades on Juniper MX450, MX920, Cisco ISR4451, 4351 Routers during production maintenance win-
dows.
• Allocation of IP Addresses using IPAM.
• Configured BGP Multihoming connections with different service providers. Monitor the connectivity status of BGP,
OSPF, EIGRP protocols between access layer and core layers links.
• Performing configuration changes in BGP attributes: Weight, Local Preference, MED and Extended Communities.
• Troubleshooting on slow network connectivity issues, routing issues involves OSPF, BGP, ISIS, LACP, RSVP and iden-
tifying the root cause of the issues.
• Implemented, Design and maintenance of core IP/MPLS Networks and DHCP & DNS services, Troubleshooting MPLS,
MP-BGP, QoS, frame relay and general Ip operations.
• Monitor peak data traffic patterns on the Uplinks on the core and Distribution SFP links for any possible errors and
bandwidth throttling causing network outage.
• Performing Root cause Analysis for at Layer 1/ layer2 / layer3 using tools: link service, Mobius, Johnny5 between Back-
bone, and LBE devices.
• Implemented auto-check policy using python / Jinja/ Perl scripts and implemented Network Automation Workflows
(Daryl, Alfred, Hercules, blade runner) for Policy changes over amazon GIT Repository and deploying batches on edge
devices.
• Created Data sheets for migration links, validate cabling, created Yaml files, generated CRs for changes, prepare and exe-
cute Change Management using MCMs.
• Write and review code, develop documentation (Amazon Wiki) and capacity plans, taking escalations and involved in
handling major incidents towards resolution.

BNP Paribas, Mumbai INDIA || Dec 2017 to May 2018

Network Engineer (Operations)
Responsibilities:
• Migration from Cisco ASA 55XX firewalls to Palo Alto firewalls platforms PA 5K, 4K, 3K Configured ACL, NAT and
PAT policies.
• Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP,
OSPF.
• Implemented IP addressing, Sub-netting, VLANs, DNS/DHCP Services for different types of networks within LAN and
Data Centers.
• Configured routing protocols such as OSPF, EIGRP, RIP, and Static Routing on Cisco routers. (4000, 3000, 2600, 2500),
Maintained redundancy with HSRP.
• Helped with time to time upgrade network connectivity between branch office and regional office with multiple link
paths and routers running HSRP, EIGRP in unequal cost load balancing to build resilient network.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing STP and RSTP on Catalyst switches.
• Installation and configuration of Cisco Catalyst Series (3750, 4500, 6500); Nexus (2K, 5K, 7K), Aruba 3810, 5400
switches series switches.
• Worked with the different types of cables such as Coaxial cable, optical fiber cable, twisted pair cables depending on the
physical layer, topology, and size.
• Testing the Network hardware in Lab Environments, documented HLD & LLD Information using Confluence to provide
reliable solutions for enterprise networks as per customer needs.

EDUCATION :
• B.E in Electronics and Computer Sciences - Visvesvaraya Technological University
• Masters in Computer Sciences - Christian Brothers University.