Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

SANTOSH GAVVA

Aurora,CO

Summary

Dynamic Network Surveillance Engineer at DISH, adept at optimizing network performance and security through advanced technologies like Cisco ACI and Palo Alto firewalls. Proven track record in enhancing infrastructure reliability and user experience, while effectively collaborating with vendors. Strong analytical skills complemented by a results-driven approach to problem-solving. Committed job seeker with a history of meeting company needs with consistent and organized practices. Skilled in working under pressure and adapting to new situations and challenges to best enhance the organizational brand.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Network Survillence Engineer

DISH
Denver, CO
03.2024 - Current
  • Designed, deployed, and managed LANs, WANs, and wireless networks, ensuring seamless connectivity and high availability.
  • Configured and maintained network infrastructure, including routers, switches, firewalls, VPNs, and VoIP systems.
  • Monitored network performance and optimized bandwidth utilization to improve efficiency and reliability.
  • Managed network security solutions, including firewalls, IDS/IPS, and endpoint protection to safeguard organizational data.
  • Conducted system audits, network troubleshooting, and root cause analysis to minimize downtime and enhance performance.
  • Implemented disaster recovery and business continuity plans, ensuring data protection and service availability.
  • Performed server administration tasks, including managing Active Directory, DNS, DHCP, and email servers.
  • Designed and maintained VoIP phone systems, ensuring high-quality voice communications and minimal latency.
  • Collaborated with vendors and stakeholders to evaluate and procure networking hardware and software solutions.
  • Developed and maintained comprehensive network documentation, including topology diagrams and configuration records.
  • Provided technical support and training to end users, troubleshooting network and workstation issues effectively.
  • Applied best practices for network capacity planning, scalability, and future-proofing infrastructure investments.
  • Implemented Arista 7508R3, 7304X, spine switches 7280R3, and advanced features like VXLAN and LANZ.
  • Deployed spine-leaf architecture using Cisco ACI and Arista CloudVision, and implemented VPC and VDC with Cisco Nexus 9500, 9300, and 7700 series switches.
  • Cisco ACI with Nexus 9500, 9300, 7700, 7000, 5000, 3000, and Catalyst 9500/9300, 4500/4900, and ISR 4461, ASR 1001-HX routers.
  • Created contracts between EPGs and VMs during data center migrations in Cisco ACI environments.
  • Improved infrastructure security and agility using Cisco Tetration for application flow visibility and micro-segmentation.
  • Performed regression testing, performance analysis, and failover testing on Juniper SRX1500 series in a sandbox environment.
  • Implemented and configured Cisco Tetration and Cisco Email Security from scratch to enhance security posture.
  • Spearheaded the deployment of Prisma Access for secure and reliable remote access, supporting thousands of global users.
  • Configured security policies and optimized network performance to enhance user experience and security.
  • Leveraged Cisco DNA Assurance for proactive monitoring, network health analysis, and troubleshooting to ensure optimal performance and user experience.
  • Implemented and managed SD-Access through Cisco DNA Center, enabling secure segmentation and simplified policy management.
  • Troubleshot connectivity and hardware issues in Juniper vSRX and Contrail cloud environments.
  • Implemented and configured Versa SD-WAN for remote site connectivity, MPLS integration, and routing/application policies.
  • Worked on implementation of major projects like Juniper SRX firewall migrations in core mobility networks for multiple sites and zones (CORE-DMZ, EXN, ECB, CAZ, ISPAN, DST).
  • Utilized OpenFlow on Arista 7250X switches to monitor and optimize traffic flow.
  • Configured and managed Cisco Catalyst 9500, 9300, 4500 series, and Aruba 7200, 3600 series controllers and APs, as well as Cisco WLC 9800 Series, WISM2, and Ruckus APs.
  • Designed and deployed enterprise wireless solutions across corporate HQs, co-locations, and 100+ branch offices with distinct SSIDs using Cisco/Meraki solutions.
  • Configured and managed Palo Alto Networks (PA-5400 Series, PA-5200 Series) and Checkpoint Firewalls (Quantum Security Gateways) with App-ID, Threat-ID, URL Filtering, User-ID, and SSL Decryption.
  • Implemented network micro-segmentation and cloud security using Palo Alto, Fortinet, and VMware NSX.
  • Implemented Cisco Tetration and Cisco Email Security solutions from scratch to enhance security posture.
  • Managed multiple Palo Alto Firewalls using PANORAMA for centralized logging, reporting, and configuration management.
  • Configured Palo Alto firewalls to connect with WildFire for zero-day threat prevention and malware detection.
  • Securing the cloud and Virtual Network using Micro-Segmentation with Fortinet and Palo Alto Firewall.
  • Conducted firewall rule analysis, modification, and administration for enhanced security compliance and performance.
  • Addition/Deletion of Firewall Rules, Reviewing and Processing the ticket, Firewall Clean up, Virtual Servers, Certificate Creation/Renewals, Troubleshooting.
  • Deployed Cisco WSA S300, S170, and Bluecoat Proxy SG S400 for web filtering, data loss prevention, and inspection.
  • Implemented L4/L7 services and network micro-segmentation using Cisco ASA, Palo Alto virtual firewalls, and integration with ACI and Arista VXLAN fabrics.
  • Worked on F5 GTM, AFM, and ASM for protection against advanced DDoS attacks and other security threats.
  • Designed, built, and deployed F5 Big-IP load balancers (i5800, i7800, Viprion series) for enterprise-grade applications.
  • Provided Tier-II support and designed solutions for migrating applications from Cisco CSS to F5 Big-IP LTM.
  • Integrated Prisma Cloud across multi-cloud environments, ensuring continuous security and compliance monitoring.
  • Deployed and managed Prisma Cloud for continuous protection and compliance in AWS, Azure, and GCP environments.
  • Worked on F5 GTM, AFM, ASM and other F5 components to protect against advanced DDoS attacks.
  • Configured and managed Cisco Catalyst 9500, 9300, 4500 series, and Aruba 7200, 3600 series controllers and APs, as well as Cisco WLC 9800 Series, WISM2, and Ruckus APs.
  • Designed and deployed enterprise wireless solutions across corporate HQs, co-locations, and 100+ branch offices with distinct SSIDs using Cisco/Meraki solutions.
  • Deployed Aruba wireless infrastructure, including virtual controllers, clustered APs, and AirWave management for international sites.
  • Wireless 802.1X Deployment: Deployed Cisco and Aruba wireless 802.1X infrastructure, including Aruba switches, across enterprise networks.
  • Authored scripts using VMware PowerCLI and Windows PowerShell for capacity planning and virtualization infrastructure monitoring.
  • Designed and deployed enterprise wireless solutions across corporate HQs, co-locations, and 100+ branch offices with distinct SSIDs using Cisco/Meraki solutions.
  • Managed network changes, upgrades, and configurations in adherence to ITIL Change Management processes. Ensured risk mitigation and communication with stakeholders before executing changes.
  • Handled and prioritized network service requests following ITIL best practices. Delivered timely network provisioning, configuration, and troubleshooting services for end-users.
  • Implemented network micro-segmentation and cloud security using Palo Alto, Fortinet, and VMware NSX.

Network Engineer

Tech Mahindra
Hyderabad, India
09.2017 - 08.2021
  • Worked on F5 BIG-IP LTM and GTM modules, performing software upgrades, hotfix installations, and virtual server configurations.
  • Configured virtual servers, pool members, and health monitors, including URL redirection scripting on F5 LTM and GTM.
  • Managed Cisco ISE for authentication, monitoring, and troubleshooting of user-reported issues.
  • Configured Cisco ISE policies for non-profiling devices, allowing network access, and troubleshooting VPN-related issues.
  • Utilized Cisco Firepower Management Centre for rule management on internet devices, including addition, deletion, and modification of rules.
  • Designed and installed Cisco Firepower for application and URL filtering, threat prevention, and data filtering.
  • Implemented zone-based firewalling and security rules on Cisco ASA Firewalls.
  • Configured TACACS+, RADIUS, and LDAP in Cisco Firepower for secure authentication.
  • Managed Cisco ACI, configuring policies, tenant profiles, VMM domains, and association policies, including troubleshooting EPG-EPG security policies, LEAF Port policies, and route advertisements.
  • Troubleshot hardware, software, and network-related issues, including desktop responsibilities like software and hardware installations and configurations.
  • Installed and configured Palo Alto Next-Generation PA-3060 and PA-5060 firewalls, integrating IPS features to enhance Data Centre security.
  • Created, documented, and organized system configurations and cabling for Palo Alto Firewalls to support internet tools and tenant networks.
  • Implemented BGP routing with Single MPLS as failover for all corporate locations, providing redundancy in a multi-homed BGP network by tuning AS-path.
  • Implemented and proactively monitored MPLS (MPLS-VPN) and BGP technologies, including QoS (Layer 2 and Layer 3).
  • Performed hardware and code upgrades on Cisco, Dell, Riverbed, and Palo Alto devices, ensuring optimal network performance.
  • Provided production support for network issues, maintained ticket tracking, and followed escalation procedures for Layer 2 and Layer 3 issues.
  • Managed Palo Alto firewalls, including upgrades from version 6.1.5 to 6.1.10, and implemented Zone-Based Firewalling and security rules.
  • Managed F5 BigIP GTM/LTM appliances, including writing iRules, SSL offload, creating WIP and VIPs, and implementing F5 LTM for VIPs and Virtual servers.
  • Involved in the design, implementation, and troubleshooting of Check Point firewalls, including Check Point Provider-1 / VSX and NetScreen Firewalls.
  • Conducted security assessments and implemented features like network filtering, SSL, AAA, SNMP access lists, and HSRP authentication.
  • Implemented various F5 iRules, managed F5 Big IP GTM/LTM appliances, and provided load balancing solutions using F5 Load balancers.
  • Integrated F5 GTM pairs into existing groups, ensuring seamless traffic distribution across network resources.
  • Configured and deployed Cisco 2504 Wireless LAN Controllers and Fortinet-60D units, ensuring secure wireless access.

Education

M.S. - Information Systems

New England College University
Henniker, NH
04-2023

Skills

  • Firewalls
  • Palo Alto Networks
  • Checkpoint Firewalls
  • Cisco ASA
  • Routing Protocols
  • OSPF
  • BGP
  • IP SLA
  • Switching Technologies
  • Nexus
  • Cisco ACI
  • Catalyst 9500
  • Catalyst 9300
  • Catalyst 4500
  • VXLAN
  • LANZ
  • VTEPs
  • VNIs
  • Bridge Domains
  • EVPN
  • Communication Protocols
  • IPsec
  • SSL Decryption
  • SNMP
  • LDAP
  • RADIUS
  • TACACS
  • 8021X
  • Redundancy Protocols
  • HSRP
  • VPC
  • MPLS Layer 3 VPN
  • WAN Technologies
  • SD-WAN
  • VPN
  • ExpressRoute
  • Azure Virtual Network Gateway
  • LAN Technologies
  • VLANs
  • Spanning Tree Protocol
  • Wireless Technologies
  • Cisco Meraki
  • Aruba
  • Cisco WLC 9800 Series
  • Mesh APs
  • Wireless 8021X Authentication
  • Flex Connect
  • Load Balancers
  • F5 BIG-IP
  • IRules
  • SSL Offload
  • Cisco CSS
  • NEXUS Features
  • Vendor collaboration

Certification

  • Cisco Certified Network Associate (CCNA)

Timeline

Network Survillence Engineer

DISH
03.2024 - Current

Network Engineer

Tech Mahindra
09.2017 - 08.2021

M.S. - Information Systems

New England College University

Similar Profiles

CREATE PROFILE