KARISHMA BHANU S

• Supported campus‑wide migration from legacy Cisco switches to Cisco Catalyst 9000 platforms across access and distribution layers.
• Participated in planning and execution of large‑scale network refresh projects, including hardware replacement, IOS‑XE upgrades, and migration windows.
• Assisted with deployment and operational support of Cisco SD‑Access, leveraging centralized policy and segmentation models for secure, scalable access.
• Configured and maintained Cisco ISE to enforce 802.1X authentication, RADIUS/TACACS+ authorization, and role‑based access control.
• Performed comprehensive campus network assessments, topology documentation, and upgrade readiness reviews to ensure infrastructure reliability and compliance.
• Configured and troubleshot OSPF, BGP, EIGRP, VLANs, STP/MSTP, HSRP, and inter‑VLAN routing within multi‑tier enterprise environments.
• Supported core, distribution, and access switching architectures designed for high availability and minimal downtime.
• Automated repetitive configuration and monitoring tasks with Ansible and Python to improve operational efficiency.
• Provided Tier 2/3 support for LAN, WAN, and wireless connectivity issues across production healthcare environments under strict change‑control requirements.
• Collaborated with security, wireless, and server teams during network cutovers to minimize user impact and meet SLA commitments.
• Managed configuration standards, diagrams, inventory, and change documentation to maintain audit readiness and compliance with healthcare IT policies.
• Conducted network vulnerability scans, patching, and remediation in collaboration with cybersecurity teams to ensure HIPAA and security compliance.
• Monitored network performance using tools such as Cisco Prime, SolarWinds, and DNAC for proactive fault detection and capacity planning.
• Contributed to disaster‑recovery planning and testing to maintain business continuity during outages or infrastructure migrations.

• Reduced WAN/MPLS operational costs by 20% through SD-WAN modernization and vendor optimization.
• Improved cross-region latency by 28% by implementing high-speed cloud interconnects across AWS, Azure, and GCP.
• Achieved 99.99% uptime for critical EMR systems by optimizing F5 load balancing, firewall high-availability (HA), and failover configurations.
• Increased operational efficiency by 35% through Terraform and Ansible automation, reducing rollout errors and deployment time.
• Delivered zero audit findings across HIPAA, PCI-DSS, ISO 27001, and NIST 800‑53 compliance reviews.
• Enhanced network visibility and proactive monitoring with ThousandEyes, SolarWinds, and Splunk, improving mean time to resolution (MTTR).

Cisco DNA Center | Cisco Catalyst 9000 | Cisco ACI | SD‑WAN (Cisco Viptela, Silver Peak) | VMware NSX | Palo Alto | FortiGate | Cisco ASA | AWS | Azure | GCP | Terraform | Python | Ansible | CI/CD | F5 BIG‑IP | Meraki | VoIP | SolarWinds | Nagios | ThousandEyes | Nessus | Splunk | Microsoft Sentinel | Visio | Lucidchart

• Engineered and deployed Cisco, Juniper, and Arista networking platforms (switches, routers, firewalls, VPNs) to support enterprise production and service provider operations.
• Led data center migration from Cisco to Arista VXLAN, ensuring minimal downtime, scalability, and improved automation readiness.
• Designed and implemented Cisco Nexus architecture with VPC, VDC, VRF, OTV, and VSS to achieve segmentation and high availability at scale.
• Improved application performance using A10, F5, and ACE load balancers, delivering SSL offload, global traffic balancing, and optimized L7 routing.
• Automated configuration and deployment of 250+ Arista switches with custom Python and Ansible scripts, boosting provisioning efficiency by over 60%.
• Optimized BGP/MPLS routing across multiple ISPs to enhance redundancy, routing stability, and cross‑site resilience.
• Integrated Splunk, Elasticsearch, and Gigamon 420 for real‑time anomaly detection and packet‑level visibility, reducing RCA (Root Cause Analysis) time by 30%.
• Designed enterprise LAN/WAN architectures, IP addressing plans, and topology documentation using Visio and Lucidchart for seamless expansion.
• Managed Juniper MX/EX platforms for enterprise WAN routing, configuring BGP and OSPF for multi‑site redundancy.
• Implemented and maintained firewall and VPN policies using Palo Alto, Cisco ASA, Fortinet, and Check Point, securing traffic between geographically distributed environments.
• Worked with SOC and security teams to enforce Zero Trust access architectures with Zscaler ZIA/ZPA and Prisma Access.
• Developed Terraform‑ and Ansible‑based automation pipelines to standardize multi‑vendor configurations and simplify compliance audits.
• Supported HIPAA, PCI‑DSS, and ISO 27001 compliance through role‑based access reviews, documented change management, and security control audits.
• Led P1/P2 incident response sessions, handled RCA documentation, and coordinated recovery bridge calls for major outages.
• Mentored junior network engineers on automation practices, secure‑by‑default designs, and modern data center networking technologies.

Key Achievements

• Reduced data center downtime by 40% through seamless Arista VXLAN migration and phased cutover strategy.
• Increased deployment efficiency by 60% using Python and Ansible‑driven automation.
• Enhanced incident response and visibility by 30% with Splunk and Gigamon integration.

Environment:
Cisco Meraki | Cisco Nexus | Arista | Juniper MX/EX | Palo Alto | Cisco ASA | Fortinet | Check Point | A10 | F5 | Zscaler ZIA/ZPA | Prisma Access | Terraform | Python | Ansible | Splunk | Elasticsearch | Gigamon 420 | Windows Server 2019 | Active Directory | Visio

• Architected and deployed SD‑WAN and cloud‑native network solutions to optimize data flow and improve user experience across distributed banking environments.
• Implemented multi‑cloud connectivity across AWS, Azure, and GCP using Terraform and Ansible, standardizing configuration and ensuring policy compliance.
• Built and maintained Kubernetes clusters integrated with Istio service mesh, securing internal microservices communication and improving fault isolation.
• Configured and managed Next‑Generation Firewalls including Palo Alto and Fortinet FortiGate, enforcing segmentation and compliance for financial applications.
• Deployed and operationalized Zscaler ZIA/ZPA to secure remote workforce connectivity and accelerate the bank’s Zero Trust adoption.
• Directed migration from legacy data center infrastructure to Cisco ACI‑based SDN, reducing operational overhead and enabling scalable, policy‑driven networking.
• Upgraded the enterprise backbone to 100 Gbps, improving data replication speeds and supporting high‑availability trading and transaction systems.
• Optimized Arista EOS switches and routers to enhance throughput and maintain deterministic latency across branch and data center networks.
• Used Cisco DNA Center for network automation, visibility, and assurance, minimizing manual configuration drift.
• Improved wireless coverage and reliability with Cisco Meraki and Mist Cloud, tuning RF profiles and optimizing user mobility.
• Supported Cisco WLC 5520/9800 controllers for access point onboarding, 802.1X authentication, and wireless security optimization.
• Integrated Cisco Stealthwatch and ThousandEyes telemetry for proactive fault detection, visibility, and faster incident resolution.
• Developed and tested disaster recovery procedures for branch and data center connectivity to ensure business continuity.
• Automated provisioning with Python, reducing configuration errors and deployment time.
• Partnered with information security and audit teams to align infrastructure with PCI‑DSS, FFIEC, ISO 27001, and NIST 800‑53 standards.

Key Achievements

• Reduced WAN operational costs by 18% through SD‑WAN modernization and vendor optimization.
• Improved infrastructure resiliency via 100 Gbps backbone and ACI‑based SDN deployment.
• Increased automation efficiency by 30% with Terraform, Ansible, and Python workflows.
• Maintained consistent audit readiness with zero compliance deviations.

Environment:
SD‑WAN | Cisco ACI | Arista EOS | AWS | Azure | GCP | Terraform | Ansible | Kubernetes | Istio | Palo Alto | Fortinet FortiGate | Zscaler ZIA/ZPA | Cisco DNA Center | Cisco Stealthwatch | ThousandEyes | Python | Cisco Meraki | Cisco Unified Communications | NFV Platforms

• Supported implementation and configuration of enterprise network infrastructure across multiple data centers and branch offices.
• Designed and deployed LAN/VLAN architectures, STP, EtherChannel, and trunking frameworks to ensure redundancy and high availability for business‑critical systems.
• Configured and migrated F5 BIG‑IP GTM/LTM appliances from Cisco ACE, optimizing load balancing, SSL offload, and global traffic management.
• Maintained and optimized Palo Alto firewalls and Cisco ASA 5540 platforms, implementing VPN, ACL, and security policy enforcement.
• Delivered Layer 2/Layer 3 operational support for 2,000+ users, including troubleshooting DNS/DHCP, file/print servers, and access issues.
• Managed secure remote and administrative access using Blue Coat Proxy and Avocent ACS TACACS+, ensuring proper identity and access controls.
• Worked with senior engineers to document network topologies, perform capacity reviews, and standardize deployment procedures.
• Assisted in monitoring device health and bandwidth utilization to proactively resolve performance bottlenecks.

Key Achievements

• Reduced network downtime by 25% by designing redundancy and failover strategies across WAN and ISP circuits.
• Improved overall network security posture through strengthened VPN configurations, ACL enforcement, and firewall policy optimization.

Environment:
F5 BIG‑IP (GTM/LTM) | Cisco Nexus 5000/7000 | Palo Alto | Cisco ASA 5540 | Blue Coat Proxy | Avocent ACS 6004 | Juniper NSM/ISG

• Configured HSRP, EtherChannel, and port channels on Cisco Catalyst 6500/7600 switches to improve redundancy, uptime, and Layer 2 resiliency in enterprise networks.
  
• Led data center migration projects across access, distribution, and core layers, coordinating cutovers and validation to ensure seamless transitions with minimal downtime.
  
• Managed Cisco ASR 9000 (IOS‑XR) routers and optimized routing using RIP, OSPF, EIGRP, MPLS, and policy‑based routing for scalable WAN connectivity.
• Upgraded and enforced ACLs on Cisco ASA 5510 firewalls to strengthen perimeter security and control inbound/outbound traffic flows.
  
• Supported IPv6 migration initiatives using NAT64, DS‑Lite, and DNS64, enabling dual‑stack readiness and coexistence of IPv4/IPv6 services.
• Provided L2/L3 troubleshooting for network upgrades, virtualization platforms (VMware ESXi, Hyper‑V), and storage connectivity to maintain application availability.

Key Achievements

• Improved network resilience by 30% through high‑availability designs and STP tuning (BPDU Guard, PortFast, UplinkFast) across campus and data center environments.
  
• Enabled future‑ready operations by driving IPv6 adoption across WAN and data center networks using industry‑standard transition mechanisms.

Environment:
Cisco IOS‑XR | Cisco ASA 5510 | Cisco IP Communicator | Cisco Catalyst 6500/7600 | VMware ESXi | Microsoft Hyper‑V