Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
Generic

Jaya Saranya Kambaka

Network Engineer

Summary

Experienced Network Engineer specializing in the design, implementation, and management of enterprise, data center, and hybrid cloud networks, with a strong focus on network security and Zero Trust architectures. Hands-on experience across Palo Alto, Fortinet, Check Point, and Zscaler environments, implementing SASE-based solutions, threat prevention, and secure access controls in large-scale infrastructures.

  • Cloud and Hybrid Networking: Hands-on experience with AWS (Transit Gateway, Direct Connect, VPC Peering, Cloud NAT), Azure (Traffic Manager, DDoS Protection, Private Endpoints), and GCP (VPC), supporting secure hybrid connectivity between on-premises and cloud environments using IPSec VPNs, BGP-based routing, and segmentation policies.
  • Firewall and Security: Strong experience with Palo Alto (PAN-OS, Panorama), Fortinet, Cisco ASA, and Check Point firewalls, including IPSec/SSL VPNs, threat prevention, rulebase optimization, and centralized policy enforcement. Experience implementing Zero Trust and SASE architectures using Zscaler (ZIA, ZPA), along with network access control using Cisco ISE and identity-based policies.
  • Data Center and SDN: Experience with Cisco ACI (APIC), VXLAN, EVPN, and Multi-Pod architectures, supporting application-centric networking, micro-segmentation, and scalable multi-data center deployments.
  • SD-WAN and SASE: Experience implementing Cisco Viptela, Versa, and Meraki SD-WAN solutions with application-aware routing and SLA-based path selection, enabling WAN optimization and secure connectivity across distributed environments.
  • Routing and Switching: Strong knowledge of BGP, OSPF, EIGRP, MPLS, and DMVPN across Cisco, Juniper, and Arista platforms, with hands-on experience in VLANs, STP, EtherChannel, and redundancy protocols (HSRP, VRRP, GLBP).
  • Load Balancing and ADC: Experience with F5 BIG-IP (LTM, GTM) and Citrix NetScaler ADC, implementing load balancing, SSL offloading, persistence, and traffic management for high availability.
  • Network Automation: Proficient in Python, Ansible, Terraform, and REST APIs for configuration management, infrastructure automation, and cloud provisioning.
  • Wireless Networking: Experience with Cisco WLC and Aruba wireless solutions, including Wi-Fi 6 (802.11ax), 802.1X authentication, and wireless surveys using Ekahau.
  • Monitoring and Operations: Skilled in SolarWinds, Splunk, Wireshark, and Cisco DNA Center for monitoring, troubleshooting, and improving network observability, along with ServiceNow-based change management and incident handling.

Overview

4
4
Certifications

Work History

Network Engineer

Client: 1
  • Implemented Cisco SD-WAN using Viptela on Catalyst 8000 platforms, configuring centralized policies, application-aware routing, and SLA-based path selection to optimize traffic and ensure secure connectivity.
  • Deployed SD-WAN fabric using Viptela and Versa routers across distributed sites, improving WAN resiliency and secure connectivity.
  • Configured Cisco ACI (APIC 5.x) with VXLAN overlay and EVPN control plane, implementing micro-segmentation for granular access control across data center environments.
  • Integrated Cisco ACI with VMware vSphere 7.x and configured Multi-Pod architecture to support high availability, automated provisioning, and seamless multi-data center connectivity with improved failover.
  • Implemented Cisco SD-Access using Cisco DNA Center (DNAC 2.x) to automate segmentation, enhance security, and centralize policy enforcement across campus networks.
  • Configured and managed Palo Alto Networks firewalls (PA-5445, PA-7000) using Panorama (PAN-OS 10.x/11.x), implementing centralized policy management, rulebase optimization, and hit-count validation across enterprise environments.
  • Implemented Ansible automation for Palo Alto firewalls, reducing manual configuration efforts and minimizing deployment errors.
  • Deployed FortiGate 6000 NGFWs at network edge, configuring IPS, application control, threat prevention, and advanced security policies.
  • Integrated FortiClient with FortiGate and FortiManager to support centralized endpoint security, policy enforcement, and user access control.
  • Migrated Blue Coat to Zscaler (ZIA, ZPA), implementing SASE and Zero Trust architecture, configuring GRE tunnels, authentication, SSL inspection, and access policies.
  • Deployed Zscaler cloud proxies integrated with Azure AD SSO, enabling secure user authentication and policy-based traffic forwarding.
  • Configured Citrix NetScaler ADC for VDI and web applications, implementing load balancing, SSL offloading, persistence, health monitoring, content switching, and MFA integration.
  • Managed F5 BIG-IP (LTM, GTM) and Infoblox DDI, implementing DNS load balancing and traffic management for high availability across environments.
  • Automated DNS and DHCP provisioning using Infoblox NIOS APIs and Ansible, improving IP management efficiency and reducing manual errors.
  • Configured SolarWinds NetFlow Analyzer, Log & Event Manager (LEM), and Syslog-based monitoring to improve network observability, traffic visibility, and security event correlation.
  • Implemented Cisco ISE for network access control, enabling role-based access and integrating with Cisco Catalyst 9300 switches.
  • Troubleshot packet-level issues using Wireshark, analyzing logs and documenting network flows using Draw.io to support P1/P2 incident resolution.
  • Automated network and cloud operations using Python, Ansible, and REST APIs across AWS, Azure, and GCP environments, including VPC/VNet setup, routing, and security policies.
  • Implemented Infrastructure as Code (IaC) using Terraform to automate cloud deployments, ensuring scalability, compliance, and consistency.
  • Configured AWS Transit Gateway, Direct Connect, VPC Peering, Cloud NAT, and BGP-based routing, along with Azure Traffic Manager, DDoS Protection, VNets, and NSGs to support hybrid connectivity and secure cloud networking.
  • Implemented Site-to-Site IPSec VPNs between on-prem and cloud environments (AWS, Azure), ensuring secure connectivity with failover and reachability.
  • Managed cloud security using AWS Security Groups, Azure NSGs, and Private Endpoints, enforcing segmentation and Zero Trust access policies.
  • Configured BGP (EBGP/IBGP), route policies, redistribution, and optimized routing across Cisco, Arista, and ASR platforms, including EIGRP tuning and peering configurations.
  • Migrated Cisco switches to Aruba CX (8320, 8400, 6300, 6400) and deployed VSX-based HA solutions, integrating Aruba Central and ClearPass for secure and scalable network management.
  • Managed Aruba controllers, APs, and Wi-Fi 6 deployments, performing wireless surveys using Ekahau to optimize coverage and performance across high-density environments.
  • Configured STP security features, VTP authentication, VLANs, EtherChannel, GRE/IPSec tunneling, and supported VoIP deployments across enterprise networks.
  • Configured and supported Cisco Meraki MX and MS devices, integrating with Cisco Umbrella to enhance DNS-layer security across branch environments.
  • Executed network changes using ServiceNow ITSM, following MOP and CAB processes to ensure controlled and successful deployments.

Network Engineer

Client: 2
  • Configured extended ACLs on Cisco Catalyst 9300 switches to control traffic based on IPs, protocols, and ports, enhancing network security with granular access policies.
  • Implemented Layer 2 and Layer 3 networking across Cisco Nexus (9K, 7K, 5K), Catalyst (6500, 4500, 3850, 2960), and ASR platforms, including VLANs, 802.1Q trunking, STP, EtherChannel, and routing protocols (OSPF, EIGRP).
  • Configured application-centric policies and Cisco ACI tenants, bridge domains, and endpoint groups (EPGs) to enforce segmentation and optimize performance across data center environments.
  • Supported SD-WAN solutions using Cisco Meraki MX, Viptela, Versa, and Silver Peak, enabling automated failover for MPLS VPN and improving WAN resiliency and performance.
  • Monitored network performance using Cisco DNA Center (DNAC), leveraging AI-driven insights for proactive issue detection and operational optimization.
  • Migrated load balancers from A10 to F5 and managed F5 BIG-IP (LTM, GTM), including licensing, provisioning, module activation, firmware upgrades, and global traffic management for DR and failover.
  • Configured AWS Network Load Balancer (NLB) and Azure Internal Load Balancer, integrating with security groups and firewall policies to ensure secure and highly available traffic distribution.
  • Maintained multi-vendor firewall environments including Cisco ASA, Palo Alto (PA-220), Fortinet, and Check Point, configuring security policies, VPNs (IPSec/SSL), and intrusion prevention features.
  • Deployed and managed Check Point Security Gateway R80.40 and Cisco ASA 5500-X firewalls, implementing threat prevention, VPN services, and secure access controls.
  • Configured Palo Alto GlobalProtect and WildFire for secure remote access and threat detection, integrating MFA using Okta for enhanced security.
  • Implemented Blue Coat ProxySG secure web gateway, enabling web filtering, SSL inspection, and compliance policies across enterprise environments.
  • Configured DNS security using Infoblox Grid and BlueCat DDI, enabling threat intelligence feeds to protect against phishing, malware, and DNS-based attacks.
  • Integrated Cisco ISE with Active Directory and RSA SecureID, and configured RADIUS authentication using Aruba ClearPass for centralized authentication and authorization.
  • Configured Google Cloud VPCs with subnets, firewall rules, route tables, and private access to ensure secure cloud networking and traffic control.
  • Managed Aruba 300/500 Series wireless access points and Meraki WAPs to provide secure, high-performance wireless connectivity across enterprise environments.
  • Implemented redundancy protocols (HSRP, VRRP, GLBP) and configured routing protocols (BGP, OSPF, EIGRP) across Cisco and Juniper MX960 routers to optimize routing and ensure high availability.
  • Configured DMVPN with NHRP and IPSec encryption, along with Site-to-Site and SSL VPNs on Check Point firewalls, enabling secure connectivity across distributed branch networks.
  • Implemented network automation using Ansible, Python, and Terraform for configuration management and infrastructure provisioning, and monitored networks using SolarWinds NCM and Splunk for compliance and log analysis.

Network Engineer

Client: 3
  • Assisted in configuring and managing Palo Alto Firewalls (PA-220, PA-3200, PA-5200) using Panorama in enterprise environments, implementing IPSec VPNs, firewall rules, ACLs, and security policies across Palo Alto, Cisco ASA, and Check Point platforms.
  • Supported Site-to-Site, Remote Access, and SSL VPN connectivity on Cisco ASA and Check Point firewalls, helping with VPN migration and validating security policies using AES-256 and 3DES encryption.
  • Implemented Dynamic Multipoint VPN (DMVPN) using NHRP and IPSec tunnels across WAN environments to support secure hub-and-spoke connectivity.
  • Supported Level 3 troubleshooting activities for Cisco switches and Cisco ASA 5500 Series devices in production environments, validating BGP, OSPF, and ACL-related issues and assisting in resolving P1/P2 incidents.
  • Participated in deployment of Symantec Blue Coat ProxySG with Reporter in enterprise environments, supporting secure web gateway (SWG), web filtering, and SSL inspection for compliance.
  • Managed and maintained A10 Thunder ADC and F5 BIG-IP platforms in application delivery environments, supporting load balancing configurations and SSL/TLS offloading.
  • Assisted in configuring Cisco DNA Center in campus environments, supporting network automation and improving visibility across enterprise infrastructure.
  • Participated in Cisco ACI fabric deployments across data center environments, supporting application-centric policy configuration and service profile validation.
  • Implemented SD-WAN solutions (Cisco Viptela, Versa, Meraki) across branch and data center environments, assisting in WAN optimization and secure connectivity.
  • Configured BGP route policies and route reflectors on Juniper MX960 and Cisco Nexus 7000, while supporting OSPF summarization and EIGRP stub routing on Cisco ASR and Catalyst platforms.
  • Supported MPLS WAN environments and assisted in configuring Amazon Route 53 routing policies in cloud environments to support traffic optimization and failover.
  • Supported troubleshooting of network issues using EIGRP, OSPF, and BGP in production environments, and documented root cause analysis (RCA) findings to support incident resolution.
  • Maintained automation scripts using Python and Ansible, assisting in configuration validation and operational efficiency improvements.
  • Managed Wireless LAN Controllers (WLCs) in campus environments, supporting VLANs, VTP, EtherChannel, STP/RSTP/MST, and 802.1Q trunking on Cisco Catalyst switches.
  • Supported configuration of core services (DNS, DHCP, SNMP) and VoIP solutions using SIP Proxy servers, while monitoring network performance using Wireshark (Ethereal) and Splunk dashboards.

Education

Master of Science - Advanced Data Analytics

University of North Texas
USA

Bachelor of Technology - Computer Science

Jawaharlal Nehru Technological University
India

Skills

Cloud & Hybrid Networking: AWS (Transit Gateway, Direct Connect, Network Load Balancer, VPC Peering, Cloud NAT, Security Groups), Microsoft Azure (Traffic Manager, DDoS Protection, Load Balancer, Private Endpoints, Azure Network Security Groups (NSG)), GCP (VPC, Interconnect), VMware (vSphere, NSX, ESXi)

Switches: Cisco Catalyst Series (9400, 9300, 9200), Cisco Nexus Series (9500, 9300, 3000, 5000, 7700 [7706, 7710, 7718]), Cisco Meraki Series (MS390, MS250-48P), Arista 7000 Series

Routers: Catalyst 8500, 8300, 8200 Series Edge Platforms, ASR 9000 Series (9006, 9010, 9200), Juniper MX960, Arista 7800R Series, Cisco ISR 4000 Series, ISR 800, IR 1101

Wireless: Cisco WLC, 80211 a/b/g/n/ac/ax, 8021X Authentication, EAP/PEAP, Aruba ClearPass, Ekahau, Cisco ISE, Air Magnet, AirWatch (VMware Workspace ONE), Aruba Central, Cisco DNA Spaces

Firewalls: Palo Alto Networks (PA-2K, PA-3K, PA-5K, PA-7K Series), Cisco (Firepower, ASA 5500 Series), Fortinet (FortiGate 6000 Series), Symantec Blue Coat (ProxySG), Check Point Firewalls, Zscaler (ZIA, ZPA), SASE, Zero Trust Architecture

Load Balancers: F5 Networks (BIG-IP LTM, BIG-IP GTM), Citrix NetScaler ADC, Cisco (CSM, ACE), A10 Networks ADC, Azure Load Balancer (Cloud-native)

WAN technologies: MPLS, SD-WAN (Cisco Viptela, Versa, Meraki), DMVPN, L2VPN, L3VPN, VPLS, PPP, OC3, SONET

Websites

Certification

Cisco Certified Network Associate (CCNA)

Timeline

Network Engineer

Client: 1

Network Engineer

Client: 2

Network Engineer

Client: 3

Master of Science - Advanced Data Analytics

University of North Texas

Bachelor of Technology - Computer Science

Jawaharlal Nehru Technological University
Jaya Saranya KambakaNetwork Engineer