Summary
Overview
Work History
Education
Skills
Certification
Work Availability
Timeline
Generic
Susmitha Idikuda

Susmitha Idikuda

Orlando,FL

Summary

Extensive experience in networking and security, including hands-on experience in providing network installation, network integration, network support, end-point security, and analysis for a broad range of LAN/WAN/MAN communication systems. Hands-on experience on implementation and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether Channel, STP, RSTP and MST. Implementation of HSRPand VRRP for Default Gateway Redundancy. Hands-on experience with Cisco 2960, 3650, 3750, 3850, Cat 4500X, Cat 6500, Cat 6880, and Cat 9K series switches in an enterprise environment. Experience Installing, configuring, and troubleshooting Nexus 2K, 3K, 5K, 7K, and 9K in the datacenter. Thorough with VPC, VDC and FEX. In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Addressing and Subnetting, ARP, VLSM, TCP/IP, MPLS, NAT, ACL, DHCP, and DNS. I worked on Zscaler and Bluecoat proxies. Experience with PAC file, Access Policies for Web traffic, Log feeds to SIEM, Arc Sight, Policies for Internet WEB security based upon location, User ID, Department, AD group, etc. I worked on Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, and BGP v4. Hands-on experience in configuring and supporting site-to-site and remote access Cisco IPsec, VPN solutions using ASA/PIX firewalls, Cisco AnyConnect and VPN clients. Responsible for Palo Alto and Cisco ASA firewall administration across global networks. Experience the Palo Alto 5K series firewalls. I worked on URL Filtering, SSL Forward Proxy, SSL Decryption, APP ID, and Threat ID on Palo Alto Firewalls. Working knowledge and demonstrated experience on the PAN-OS 6, 7.1, and 8.0 versions: PA 220, PA 820, PA-2K, PA-3K and PA-5K firewalls. Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration. I worked on Application load balancing with Cisco ACE, F5 LTM, GTM, APM, Citrix NetScaler, and A10. I worked on both software and Hardware load balancers. I am well versed with TCP, UDP, Http/Https, SSL, tcpdump, cur and TCL scripting for iRules. Hands-on experience on F5 LTMand GTM series like 6400, 6800, and 8800 for corporate applications and their availability. Experience on Virtual Servers, Pools, Persistence, iRules, Listener IP’s, WideIP’s, SSL, HTTP and TCP headers. I worked on Application traffic security with WAF, F5 ASM, F5 APM for Authentication, Citrix NetScaler’s for ICA proxy, Citrix VDI, Microsoft Office 365, Azure AD, AWS, Zscaler cloud-based proxies, Cisco IronPort proxies and Blue Coat. Experience with end-point Security, DLP, Threat analysis, Tuning, Assessment, Risk Analysis, Security Breach investigations and patching, and vulnerability testing. Experience with ALIEN VAULT, SEIM, N-CENTERAL, ORION, SONIC FIREWALL’S, WATCHGURD, and McAfee/Norton Virus Protection Utilities. Experience in Penetration Testing using manual/automatic tools Providing Technical help to customers on various issues of Symantec Endpoint Protection. Implementation of Symantec Endpoint Protection. Advanced Security Analytics and Endpoint Detection and Response solutions. Experience with industry-recognized SIEM solutions such as NITRO, Splunk, Force point and many other tools. Advanced Security Analytics and Endpoint Detection and Response solutions. Expertise in National Institute of Standards and technology Special Publication (NIST SP) documentation. Experience with HITRUST, HIPPA, PCI and IRS Pub. 1075 Regulation requirements and documenting policies and procedures. Demonstrated ability to work within matrixed resources in a team environment. Possesses strong organizational, time management, and diplomacy skills. Experience in Network intrusion and Intrusion detectionandprevention systems and firewalls. Experience with the process of identifying appropriate controls to comply with security policies and regulations. Experience with threat and vulnerability management tools that include commercial and open source. Experience with MacAfee and other SIEM tools for log analysis and threat management analysis. Providing Technical help to customers on various issues of Symantec Endpoint Protection. Implementation of Symantec Endpoint Protection. Responsible for network equipment maintenance and deployed upgrades to customers. Experience working with multiple vulnerability platforms like Rapid 7, Nessus, Tenable, and IBM Detailed knowledge and hands-on experience in configuring and troubleshooting Layer 3 Interior Gateway Routing protocols such as Link-State routing protocols (OSPF and IS-IS), Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP), and Exterior/Path-vector routing protocols (BGP). Experience in testing Cisco routers and switches in laboratory and deploying them on-site production. DMZ zoning& configuring VLANs,routing, and NATs with the firewalls as per the design. I configured BGP/OSPF routing policies and designsand worked on implementation strategies for the expansion of the MPLS VPN networks. Implemented DMVPN for remote site connectivity. Experience with mGRE tunnels, NHRP tunnels, and IPSEC tunnels. Experience with Junos Pulseand Cisco AnyConnect SSL VPN Solutions. Hands-on experience and demonstrated knowledge on Software-Defined Networking (SDN)and SD-WAN. Experience with Cisco ACI on Creating VXLAN’s, VTEPS, VNID’s, EVPN, Bridge Domains, Tenants, Application profiles, contracts, etc on ACI. Thorough understanding of Spine-Leaf Architecture. SD-WAN experience deploying NFV and SD-WAN platforms (Flex Ware, VeloCloud, Silver Peak, Viptela). Demonstrated ability to work with technical and non-technical staff to identify user requirements and translate them into technology-based solutions. Working knowledge of testing practices and troubleshooting procedures associated with network support. Demonstrated ability to interpret and apply regulatory standards and technical specifications. Exposure to multiple ticketing tools, workflows, and monitoring tools that include ServiceNow, Jira, Remedy, SolarWinds, Wireshark, NetCool, Whatsup Gold, SNMP v2c and V3.

Overview

5
5
years of professional experience
1
1
Certification

Work History

Sr. Network Engineer (Data Center Routing, Switching, Firewalls, Wireless, ISE)

Cummins
07.2023 - Current
  • Working Knowledge and demonstrated experience on Cisco and Alcatel-lucent equipment in an enterprise environment
  • worked on the configuration and installation of Cisco Nexus 3K, 5K, and 7K series switches
  • worked on the configuration of VPC (Virtual Port Channel), VDC (Virtual Device Context), and FCOE in Nexus 5K and 7K series switches
  • Integrating Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x Experience with the configuration of Nexus 2000 Fabric Extender (FEX) for the Nexus 5K to connect servers and storage devices
  • worked on the configuration of Cisco 6500 VSS in Distribution layer of the Data center network
  • worked and was responsible for managing VPN systems for site-to-site and remote access
  • worked on the installation and configuration of Cisco ISR 800, 1000 series and ASR 1000 series routers
  • Working knowledge and demonstrated experience on the implementation of Quality of Service (QoS) through Shaping, Policing, Diffuser, Priority Queuing, QoS Tools, and QoS Algorithms
  • Hands-on experience on the automation framework using Python scripting
  • Managing and configuring Aruba Wireless devices and Cisco Access Points
  • Policy review, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk
  • worked on the URL filtering and upgrade of Palo Alto firewall from PAN-OS 7.1 to PAN-OS 8.0
  • worked on the configuration of DMZ, PAT, SSL Encryption, and App-IDs on the Palo Alto firewall
  • worked on the migration from Cisco ASA to the Palo Alto firewall and the configuration of user IDs, app IDs, SSL encryption, URL Filtering, Policies, Zone Protection, High Availability, and Certification Management
  • Migration and implementation of Palo Alto Next-Generation Firewall series PA-500, PA-3060, PA-5060, PA-7050, and PA-7080 from Cisco PIX and ASA
  • Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network
  • Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 2K, 5K, 7K, Juniper MX-960 routers and cisco ASR routers
  • worked on the Inflobox DNS Traffic control, DHCP, and IPAM for the Network control; I worked on the implementation of Domain Name Service and BIND
  • worked on Infobox to update the DNS host and A records to assist with the migration Security configuration on Wireless LAN using protocols PEAP and EAP-FAST
  • Assigning RADIUS and TACAS for new deployments in production environment
  • AAA for users to implement changes on production devices Assisted in rolling-out Cisco Identity Services Engine (ISE) for network administration & admission control
  • Involved in configuring ISE endpoint profiling policies and enforcing them in the network
  • Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, and Client VPN technologies, including Cisco's VPN client via IPSEC
  • Maintain, Upgrade, and Implement improvements to the VMware ESXI infrastructure
  • Great exposure to SDN and network virtualization technologies like Cisco ACI
  • Migrated VMs across hosts within a HA cluster to perform maintenance tasks on ESXI hosts
  • Deployed VMs from Templates and customized the necessary configurations
  • Created clones from existing VMs and worked on migration of VMs during the server upgrade
  • Responsible for implementing, configuring, and maintaining vulnerability and compliance scanning tools such as Qualys guard, Rapid7 and Tenable
  • Conduct scheduled and ad hoc application and system scans, researching and analyzing vulnerabilities, identifying relevant threats, making corrective action recommendations, and summarizing and communicating findings effectively by using Rapid 7 Insight VM
  • Generate scheduled and ad-hoc reports for different vulnerability scans using Rapid 7 Insight VM and Tenable Nessus
  • Work with Splunk enterprise to identify and address emerging security threats using continuous monitoring, alerting, and analytics
  • Work with Splunk for searching and reporting modules knowledge objects, administration, dashboards, clustering, and forwarder management
  • Manage operational monitoring of equipment capacity and utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance
  • Implement changes on switches, routers, load balancers (F5 and CSS), and wireless devices per engineer’s instructions and troubleshoot any related issues
  • Worked towards the key areas of the project to meet SLA’s and ensure business continuity
  • Involved in meetings with engineering teams to prepare the configurations according to the requirement
  • Working with different teams to gather information for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker
  • Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations
  • Creating change tickets according to the scheduled network changes and implementing the changes.

Network Engineer

Goldman Sachs
04.2022 - 05.2023
  • worked on 2900, 3900, and 7613 Routers, implemented OSPF and BGP, and performed route filtering and route manipulation by applying distribute-lists, route-maps & offset lists
  • Translating Cisco IOS Route maps to Cisco IOS XR Routing policies
  • Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops
  • upgraded the IOS on the ASA 5550and 5585 and have done IOS upgrades on Cisco routers and switches
  • Involved in the configuration and implementation of Composite Network models consisting of Cisco7600, 7200, and 3800 series and ASR 9K and GSR 12K routers and Cisco 2950, 3500, 3550, 3750, 5000, and 6500 Series switches
  • Mutual redistribution of OSPF and BGP routes using route maps for WAN optimization
  • Configuring VLAN, STP, VSTP, and SNMP on EX series switches
  • Working Knowledge and demonstrated experience with the Cisco Firepower Next Generation Firewall (NGFW)
  • worked on the configuration of VPN tunnels for the DMVPN and remote access on the Cisco ASA firewall
  • worked on the configuration of QoS, URL filtering, and other features on the Cisco ASA firewalls
  • Creating objects and groups, updating access-lists on Check Point Firewall, applying static, and hiding NAT using smart dashboard
  • Experience working with migration from 4500 series devices to 6500 Series switches in Campus deployments at Core and Distribution Layers
  • Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitoring the Sync status for tasteful replication of traffic between active and standby member
  • Provided tier 3 support for Check Point and Cisco ASA Firewalls to support customers; Backup and restore of checkpoint and Cisco ASA Firewall policies
  • Monitoring Traffic and Connections at Checkpoint and ASA Firewall
  • Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls
  • I worked with team on the migration from Citrix NetScaler to F5 Load Balancer
  • Experience in deployment and troubleshooting F5 Load Balancer: Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900
  • Demonstrated experience with BIG-IP environment utilizing the GTM, LTM, APM or ASM
  • Hands-on experience on F5 BIG-IP LTM 11.2, F5 BIG-IP GTM, F5 BIG-IP APM and F5 BIG-IP ASM
  • Experience with configuring virtual server and load balancing in F5 Networks BIG-IP LTM
  • worked on F5 Load Balancer for managing F5 LTM Application Load Balancing
  • worked on the implementation of Inflobox DNS, DHCP, and IPAM (DDI) for the network
  • Assisted Voice team in the configuration of Cisco Unified Communications Manager (CUCM)
  • Hands-on experience with the working of protocols such as SIP, RTP, RTSP, IGMP, and IP Multicast for supporting the Voice, Data, and Video networks
  • Assisted the networking team on the installation of 7800, 6900, and 3900 series IP phones
  • Assisting offshore teams located in India in upgrades, VLAN configurations, in troubleshooting layer 3 issues and routing protocol issues, mostly BGP
  • Moved Core switches and several non-Cisco devices under strict deadlines without compromising the existing parameters to maintain network functionality
  • Upgrading system images on Nexus 5k and 7k multi-layer switches using kick-start and FTP servers
  • worked on the configuration of BGP and advertisement of routes to the ISP network.

Network Engineer

Epsilon
03.2019 - 01.2021
  • Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services
  • Helped in designing and implementation of VLAN for the new users
  • Installation and Configuration of various types of Personal Computers and Printers
  • Installation of different operating systems on Intel based PC's
  • Troubleshooting of personal computers
  • Online Support to customers concerning their computer problems
  • Replace branch hardware with new 2851 routers and 2960 switches
  • Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort 11n Infrastructure and its legacy technologies
  • Experience in working with Cisco Nexus 5000 series switches for data Centre
  • Diagnose, Troubleshoot, and resolve service issues related to VoIP telephony platforms and applications
  • Configured OSPF on CISCO devices with multiple routing processes and redistributed them
  • Tested and hands on experience in multi area OSPF topologies
  • Configured VLANs with 802.1q tagging
  • Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.

Education

Bachelor of Technology -

INDIA

Master of Science - CYBER SECURITY

Webster University
St Louis, MO
03.2022

Skills

  • Network Configuration: Advanced switch/router configuration Cisco IOS access list, Route redistribution/propagation, IPv4, IPv6
  • Routing Protocols: RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS-IS, BGP v4, MP-BGP
  • WAN Protocols: HDLC, PPP, MPLS, DS1, DS3, OC3, T1 and T3 lines, SONET OC3-OC192, SDH, POS, and PDH
  • Circuit-switched WAN: T1/E1 – T3/E3/OCX (channeled, Fractional & full)
  • Security/Firewall Technologies: Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA Firepower, Checkpoint, IDS/IPS, Blue Coat proxy server, Standard/Extended ACLs, Port Security, DHCP Snooping, and IP Source Guard (IPSG)
  • Cisco Routers: Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX 100; Juniper T4000, MX10, MX40, ACX2200, ACX5000
  • Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP
  • Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)
  • Layer 2 technology: VLAN, VXLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)
  • Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)
  • Switches: Cisco Catalyst 3650, 3850, 6500, 6880, 9k series; Nexus 2k, 3k, 5k, 7k, 9k; Juniper EX3300, EX4600, EX4300, EX3400
  • Load Balancers: F5 LTM, GTM, BIG-IP, iRules
  • Network Management and Monitoring: Wireshark, Infobox, Cisco Prime, Security Device Manager (SDM), Cisco Works; TCP Dump and Sniffer; SolarWinds Netflow Traffic Analyzer; Network Performance Monitor (NPM)
  • Cloud Computing and Automation: Azure AD, AWS, Python, Ansible, and TCL
  • Operating Systems: Cisco IOS, JunOS, Microsoft XP/Vista/7, Windows Servers 2003/2008, Windows MS-Office, Microsoft project server 2013, macOS, Linux (Kali, RedHat, Ubuntu)

Certification

  • Cisco Certified Network Associate R&S (CCNA)

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Timeline

Sr. Network Engineer (Data Center Routing, Switching, Firewalls, Wireless, ISE)

Cummins
07.2023 - Current

Network Engineer

Goldman Sachs
04.2022 - 05.2023

Network Engineer

Epsilon
03.2019 - 01.2021

Bachelor of Technology -

Master of Science - CYBER SECURITY

Webster University

Similar Profiles

CREATE PROFILE
Susmitha Idikuda