Chirag Jain

• Lead Cloud Network Engineer brought on to modernize the environments Network Infrastructure by designing and implementing a centralized, multi-region hub-and-spoke architecture
• Designed and built multi-account, multi-region landing zones with modular Terraform IaC, enabling secure and repeatable VPC buildouts for internal teams via CI/CD pipelines.
• Implemented hub-and-spoke architecture using Transit Gateway with segmented route tables to control east-west traffic between spoke VPCs and across regions, enforcing compliance boundaries.
• Centralized shared infrastructure including VPC endpoints and AWS PrivateLink in network VPCs to simplify access to core services and improve security posture.
• Established centralized egress architecture using TGW appliance mode, routing outbound traffic through regional firewall VPCs with IDS/IPS integration, eliminating per-VPC NAT Gateway sprawl
• Built a centralized ingress architecture leveraging a combination of Cloudflare, Cloudfront and AWS WAF for secure, consistent traffic filtering and Bypass prevention

• Lead Network Architect and Engineer for the design and deployment of Kenvue’s multi-region Cloud Networks in AWS and Microsoft Azure, employing advanced Infrastructure as Code (IAC) practices through Terraform
• Implemented Cloud Backbone Native constructs such as AWS CloudWAN and Azure Virtual WAN to establish centralized network connectivity across diverse regions in North America, EMEA, and ASPAC. Defined routing policies enabling Network Segmentation across Business Units for Production/Non-Production Traffic
• Led design and deployment of Azure Network environments in China, adhering to regional regulations while providing Premium Internet Access services via Zscaler alleviating application performance issues due to restrictions of the Great Firewall in China
• Established Cloud Network Engineering DevOps processes, utilizing Terraform along with CI/CD pipeline tools like Jenkins and AWS CodeBuild to automate provisioning of network infrastructure, which helped in streamlining the onboarding process for new applications by 60% through automated team vending with ServiceNow
• Engineered On-Prem Data Center connectivity to multi-cloud regions through Hosted Direct Connect Connections and Express Route Circuits via Equinix Fabric Cloud Exchange facilitating high availability and redundancy
• Designed and Implemented Centralized Ingress and Egress Architecture for Regional Network Traffic Patterns using Cloud Native AWS and Azure Network Firewalls, ensuring compliance with cyber security policies
• Carried out IPv4 CIDR planning in alignment with Regional Summaries using AWS IPAM and Infoblox for IP Address management and automation of IP space allocation for Application VPCs and VNETs
• Established and maintained version control using Bitbucket, ensuring integrity of the repositories and enforcing deployment best practices within the DevOps workflow

• Team Lead for cloud technology environments such as AWS & Microsoft Azure
• Responsible for building and maintaining Freedom's Cloud Network in AWS by carrying out tasks such as CIDR planning, VPC and Routing Tables creation, providing connectivity to On-Prem environments via Direct Connects
• Responsible for deploying and managing native Application and Network load balancers in AWS along with A10 load balancers for On-Prem applications
• Developed Cloud Disaster Recovery solution to provide VPC redundancy incase of region failure in AWS by using Appranix
• Responsible for deploying HA Virtual Palo Alto Firewalls in AWS to ensure VPN connectivity for 9000 employees working from home
• Re-architected Freedom's AWS Cloud Environment by migrating network connectivity to AWS Transit Gateways, providing centralized connectivity management and building foundation for connectivity to other cloud platforms such as Microsoft Azure, Google Cloud etc.
• Spearheaded the deployment of a fully meshed virtual Network in Microsoft Azure by utilizing Express Routes and redundant VPN tunnels to AWS Cloud
• Deployed and managed Network connectivity to MuleSoft Cloud via VPC peering as well as configuration of load balancers within the environment
• Established and maintained Network connectivity to VMWARE Software-Defined Data Center Solutions and IBM Cloud by utilizing cloud aggregation routers provided by Equinix

• Performed daily management and deployment of Network devices such as Cisco ASA firewalls, Cisco user and core switches, Cisco routers including software upgrades and configuration changes
• Subject Matter expert for Palo Alto firewalls, managed project to deploy firewalls in 50+ remote offices building IPSEC tunnels to Data Center VPN Firewalls along with deploying access management policies
• Managed project to re-ip remote sites in order to utilize IPSEC GRE tunnels to provide network redundancy
• Utilized Network Monitoring tools such as Statseeker, LiveAction, Qradar, solarwinds to analyze and troubleshoot network performance
• Developed and maintained network diagrams and documentation for all environments
• Maintained and troubleshot live production network services in the event of outage, performance, or functionality issue

• Developed a mobile Network in a box to be deployed in remote locations providing network redundancy via dual ISP configuration as well as wired and wireless connections
• Provided day to day support for Server and Network Troubleshooting
• Responsible for the AWS Cloud server provisioning and working with VMware to configure and install servers
• Managed Active Directory services along with configuring and managing intrusion detection and prevention

Responsibilities included facilitating the transfer of IT technologies and Client assets, MPLS connections, DNS Servers and Mail Exchanger records from Lucidity Consulting Group after merger.