Sai Babu Lakkamraju
Greenville,South Carolina
Summary
Network Security professional with 13 years of technical, functional, and operational experience in the areas of network security and virtualization. I have experience in configuring, maintaining, troubleshooting, and hardening routers, L3 switches (Cisco), and Fortinet switches. Experiences in installing, configuring, maintaining, troubleshooting, and hardening firewalls. Have experience in configuring, troubleshooting, and upgrading ESXi 5.1 to 8.0. Have experience in configuring, upgrading, and troubleshooting ESXi, vCenter HA, DRS, and vSAN. Having experience in configuring and troubleshooting IGP routing protocols OSPF and ISIS, and EGP routing protocol BGP. Having experience in configuring and troubleshooting site-to-site VPN tunnels and SSL VPN (web-based and client-based). Experiences in configuring and troubleshooting NAT and PAT. Have experience in configuring a centralized log server to monitor critical logs in the network using Graylog and SIEM. Experience in deploying Vulnerability assessment (VA) to analyze the live traffic and mitigate risk in network using Tools like Nessus, and OpenVAS. Have experience in troubleshooting network-related issues with Wireshark setup, NPS for Radius AAA in Active Directory for network devices. Experience in configuring networking on vSphere standard switches and distributed switches. Possess an exceptional ability to move, motivate, and fascinate people around me. Set up secure remote access system (XONA) outside Controls network and apply controls to access internal resources in a secure data flow.
Overview
14
14
years of professional experience
1
1
Certification
Work History
lead engineer
qUEST-GLOBAL
01.2020 - Current
- Attended CKOM understanding scope of project requirements and prepare required Bill of materials and released in to internal Released tool for Sourcing
- Design & configure Network architecture and apply network security controls based on the project scope
- Configure & troubleshoot Network Firewalls, Routers, L3 switches, Industrial standard switches, Thin Clients (Dell & HPE) & Thick Clients (Dell & HPE) Working on hardening devices (Firewalls, Routers, switches & HMI) in handover process
- Install ESXI on BareMetal Hardware (Dell & HPE) and Create required Virtual machine as per the project requirements and added Hosts server to Vcenter and enable HA and Stretch Cluster
- Upgrading ESXI Hosts & Vcenter to latest validated version
- Implement NAC, Trillex EPO, SEM (Security Event Manager), Nozomi (IDS), Cat tools, Splunk, Ivanti patch management to updated patches on End windows machines
- Setup site to Site VPN tunnels, and SSL VPN based on project Scope
- Setup Xona for remote operations Implementing Nesses VA Scan utility for VA assessment in network
- Implementing Routing protocols (OSPF, IS-IS , RIP and BGP) based on the project scope
- Working on Migrating Virtual Machine between Server in HA, clone Virtual machines, adding additional hard disk storage and RAM resources as per the project scope
- Troubleshoot invalid Virtual machine on VMKernal level Resolving Vsan storage & High Availability related issues
- Working on OT network protocols like Modbus, GSM, OPC (UA, AE, DA), IEC, DNP3 & all IT network protocols
- Working on MacAfee SIEM ESM gives real time visibility to all activity in Network & systems, used to find out unknown activity and mitigate
- Configure SPAN & RSPAN for IDS (Nozomi) to mirror real time data flow used to find out vulnerabilities in network develop & maintain Vulnerability assessment (VA) tools Like OpenVAS & Nessus use to analysis the live traffic and mitigate malware & threats in system
- Working on NPS for Radius in Active Directory for user base authentication to connect network devices
- Install & configure NTP time Server (Meinberg, Microsemi) in to network for time Sync inside ESP
- Support customer Outages on Network & Base line security related
- Working with NPI team to understanding new offering products & Guidelines for execution
- Attending customer calls to understand the scope of project execution
- Executing customer witness team in test stand facility and explain project scope & validation & test cases validation
- Handel network Security Inductions sessions for new hires.
Sr NETWORK administrator
konylabs
01.2017 - 01.2020
- Worked on FortiGate FG-600c, FG-401E, FG-310B & FG-101F & FG- 60F Cisco Firepower 5545, 5515 & 1000 series & palo alto
- Worked on cisco switches 9200, 4500 & 2960 Worked on Routers 4331 & 1940 Create Policies & Access Lists to restrict unauthorized access to inside network from external attackers Create and apply Web filtering profiles to internal users based on user’s roles to access external resources using Websense Proxy Physical Appliance
- Configure & troubleshoot Site to Site IPsec VPN tunnels between sites to allow specific resources bases on the scope
- Configure & troubleshoot SSL VPN user’s profiles for internal users who want to access internal resources when they are in outside network
- Worked on Ruckus Wireless Zone director’s for WIFI users to monitor signal strength & detect rogue devices and prevent malicious activities
- Worked on NPS for Radius in Active Directory on MAC base authentication to connect WIFI & LAN
- Install & setup TACACS, Nagios Core, Zabbix, Cacti & PRTG for Network devices monitoring & bandwidth monitoring
- Complete quarterly firewall reviews to company security standards Troubleshoot Date to Date network related issues based on user’s ticket with in ETA
- Preparing reports like bandwidth utilization, device & network uptime, syslog, IDS logs, change management & risk analysis report (weekly & monthly)
- Execute weekly backup for all network devices & critical devices Provide technical training for internal team on new scope of work
- Attend weekly & monthly review meeting with top management to understand the network issues & future upgrade and implementation.
Team lead – NOC (network operations center)
RANDSTAD
05.2012 - 01.2017
- Lead a team of 12 members
- Attended review meeting with different teams and understanding network related issues & concerns in real time in ground level
- Design & implement network architecture for new location based on inputs from top management
- Build and configure Esxi 5.1 in Dell M1000E blade servers Evaluate and monitor all IDS and IPS appliances Complete quarterly network devices reviews to company security standards Working on VMware vSphere, Creating Virtual Machines, Migrating Virtual Machine between Server in HA, clone Virtual machines Install, Configure & troubleshoot Cisco, 3 COM, Huawei, Volkteck switches Implement L2Vc & VSI in MPLS Implement LACP between two trunk core switches Configure & troubleshoot BGP between two Internet service providers Configure, troubleshoot VLANS in switches Troubleshoot backbone links (STM-4) communicating with respective service providers Monitor network devices using Nagios, Whatsupgold, SolarWinds Everest Monitor bandwidth utilization using MRTG graph and escalate issues to L3 level if any Perform network device health check periodically Interacted with end users understand issue and provide online support to resolve the issues.
system/netwok administrator
Arcade-infocom
09.2010 - 05.2012
- Lead a team of seven members in which three members are dedicated to system/Network related issue & four members are dedicated to guest calls Install, Configure & troubleshoot switches & routers and other network peripherals like printers & scanners Configure VLANs & inter-VLAN routing communication in L3 switches Troubleshoot internet links with the help of Service providers Monitoring bandwidth utilization with help of MRTG, PRTG graphs and SolarWinds Prepare & follow change management & technical documentation in time of planned outages Create and manage user administration and access control documentation
- Planning activities for team motivation
- Troubleshoot day-to-day network & system related issues
- Preparing network architecture drawing in Visio tool
Education
Bachelor in electronics -
JAWAHARLAL nehru technological UNIVERSITY, HYDERABAD, india
05.2010
Skills
- SIEM
- MacAfee Enterprise security Manager
- Splunk
- Firewalls
- Cisco ASA
- Cisco Firepower
- FortiGate
- Palo Alto
- Routers
- Cisco
- Allied Telesis
- Switches
- HP
- Fortinet
- Virtualization
- VMware ESXi Hypervisor
- IPS / IDS
- Nozomi NSG-L-250
- Nozomi NSG-L-100
- Security Management
- McAfee policy Orchestrator (McAfee ePO)
- Corporate Anti-virus solutions
- McAfee
- Endpoint Management
- Data Loss Prevention
- McAfee DLP Endpoint administration
- Web Filtering solution
- Websense/Forcepoint
- Vulnerability assessment (VA) tools
- OpenVAS & Nessus
- Patch Management
- Ivanti
- Network devices Management
- SolarWinds Kiwi CatTools
- Whatsup Gold
- PRTG
- Cacti
- Secure Remote Acccess
- XONA
- Log Analyzer
- FortiAnalyzer 300G & 800G
Certification
- COMPTIA SECURITY plus (CREDENTIAL ID: COMP001022312716)
- CCNP 350-401 (CREDENTIAL ID: CSCO14561385)
- Vmware Certified ASSOCIATE (CREDENTIAL id: vmw-01214161z-00377213)
- Fortigate certified network security
- Completed CISSP course
Hobbies and Interests
- Theater
- Environmental conservation
- Travel
Timeline
lead engineer
qUEST-GLOBAL
01.2020 - Current
Sr NETWORK administrator
konylabs
01.2017 - 01.2020
Team lead – NOC (network operations center)
RANDSTAD
05.2012 - 01.2017
system/netwok administrator
Arcade-infocom
09.2010 - 05.2012
Bachelor in electronics -
JAWAHARLAL nehru technological UNIVERSITY, HYDERABAD, india
Similar Profiles
JOHN E. MATTHEWSJOHN E. MATTHEWS
Vice President and Head, Global Commercial Solutions at Quest-GlobalVice President and Head, Global Commercial Solutions at Quest-Global
Sureshkumar KunaSureshkumar Kuna
Technical Lead at Quest-GlobalTechnical Lead at Quest-Global
Lokesh DevarajuLokesh Devaraju
Senior Engineer at Quest GlobalSenior Engineer at Quest Global
Jessica AllenJessica Allen
FANS Area Manager at Greenville County SchoolsFANS Area Manager at Greenville County Schools
Doug DentDoug Dent
TWA Claim Specialist - Auto Reinspection at State FramTWA Claim Specialist - Auto Reinspection at State Fram