Summary
Overview
Work History
Education
Skills
CAREER HIGHLIGHTS
Certification
Timeline
Generic

Teja Sai K

Network / Security Engineer

Summary

Results-driven Network Engineer with over 6 years of comprehensive experience in designing, deploying, and maintaining enterprise network solutions across data centers, healthcare, and hybrid cloud environments. Proven expertise in configuring and supporting Cisco IOS devices, including routers and switches (ISR1100, Catalyst 8500/9300X/9400X/9600), with a strong focus on hybrid WAN architectures, SD-WAN implementations, and secure VPN integrations using BGP, IPsec, and Azure Virtual WAN. Skilled in network design, testing, documentation, and ongoing network optimization, with a strong understanding of current networking technologies and protocols including OSPF, EIGRP, MPLS, and QoS. Adept at collaborating across IT teams and vendors to deliver cost-effective, reliable, and scalable network solutions that meet business requirements. Certified in CCNA, CCNP, and PCNSE, with solid knowledge of ITIL frameworks, network security best practices, and cloud connectivity (AWS, Azure, GCP).

Overview

7
7
years of professional experience
3
3
Certifications

Work History

Network Engineer

AT&T
01.2025 - Current
  • Configured and maintained Cisco ISR1100 and Catalyst 8500/9300X/9400X/9600devices via Cisco vManage 20.x, integrating Azure Virtual WAN over IPsec tunnelswith BGP-4 to enhance hybrid WAN reliability and reduce packet loss by 18%.
  • Collaborate with senior engineers and cross-functional teams to coordinate hybrid WAN deployments, troubleshoot performance issues, and ensure seamless project execution.
  • Configured and maintained Palo Alto PA-Series firewalls (PA-220, PA-3200, PA-5200) via Panorama, applying security policies, NAT rules, and VPN configurations.
  • Support Palo Alto PA-Series NGFW deployments with Panorama, configuring App-ID, WildFire, and User-ID policies that improve threat detection accuracy by 22%.
  • Administer Fortinet FortiGate 6000F firewalls integrating IPS and FortiClient EMS, maintaining high endpoint posture compliance.
  • Lead migration efforts from legacy DMVPN/IPsec VPNs to Versa FlexVNF and Silver Peak EdgeConnect SD-WAN platforms, increasing application throughput by 30% and lowering latency.
  • Configured and managed Cisco Viptela edge devices (ISR1100, Catalyst 8500) via vManage, including template deployment, BGP/OSPF routing, and IPsec tunnel setup.
  • Assisted in deploying Versa FlexVNF SD-WAN, onboarding branch appliances, and applying policy-based traffic steering for MPLS/DIA/LTE links.
  • Tune SD-WAN features including Forward Error Correction, Dynamic Path Control, and Bidirectional Forwarding Detection, enabling sub-second failover and minimizing network downtime by 14%.
  • Monitored WAN performance using vAnalytics and Versa Director, proactively identifying high-latency circuits and escalating critical issues.
  • Automate tenant, VRF, and bridge domain provisioning in Cisco ACI multi-pod fabric and Arista EOS multi-switch environments leveraging APIC REST APIs and Python scripting, accelerating deployment speed by 23% and reducing errors.
  • Configured and troubleshoot Layer 3 routing on ACI L3Outs and multi-vendor switches (Cisco Nexus, Juniper MX960, Arista 7280R), optimizing routing convergence and reducing latency by 15%.
  • Used JunOS CLI to troubleshoot routing adjacency, interface errors, and traffic drops in high-throughput environments.
  • Assisted in Versa FlexVNF SD-WAN deployments, onboarding branch appliances, applying traffic steering policies, and optimizing MPLS/DIA/LTE links.
  • Assisted in Cisco SD-Access fabric deployments via DNA Center and Cisco ISE, implementing TrustSec scalable group tags and dynamic segmentation policies, increasing security compliance by 19%.
  • Managed SD-Access underlay protocols (BGP, IS-IS, LISP) to ensure seamless endpoint mobility and maintain 98% successful roaming rates.
  • Integrated Aruba ClearPass with RADIUS authentication and role-based access control, enhancing security for staff and guest wireless networks.
  • Configured TACACS+ on Cisco ISE for role-based CLI access and audit logging, reducing unauthorized access attempts by 18%.
  • Supported deployment and management of F5 BIG-IP ASM/APM/LTM/GTM and Citrix NetScaler ADC appliances for load balancing, SSL offloading, and web application firewall protection.
  • Performed SSL certificate installations, renewals, and cipher suite updates to maintain compliance with security standards.
  • Developed automation scripts using Python, Ansible, Netmiko, and NAPALM integrated with Jenkins CI/CD pipelines, reducing manual errors by 28% and accelerating network configuration deployment.
  • Automated DNS and DHCP record management using Infoblox IPAM REST APIs and Ansible playbooks, streamlining IP address allocation and reducing manual workload by 40%.
  • Developed and maintained Terraform configurations to provision cloud networking resources in AWS, Azure, and GCP.
  • Supported hybrid cloud connectivity with AWS Transit Gateway, Direct Connect, Azure Traffic Manager, and DDoS Protection, maintaining 99.8% uptime.
  • Assisted in configuring Google Cloud Platform Shared VPCs and firewall policies to improve secure inter-project communications by 14%.
  • Assisted deployment of Dell EMC PowerSwitch S5248F-ON ToR switches, configuring VLANs, LACP port-channels, and BGP peering to enhance data center throughput by 12%.
  • Supported VMware NSX-T logical routing and distributed firewall policies, improving virtual network segmentation and overall security posture.
  • Utilized SolarWinds NPM and NetFlow Traffic Analyzer for multi-vendor network monitoring, configuring SNMPv3 and syslog forwarding to reduce incident response time by 22%.
  • Author and maintain detailed network documentation and topology diagrams using Atlassian Confluence and Microsoft Visio; manage RFCs and change controls in ServiceNow with full ITIL compliance.
  • Configured Cisco Meraki MR wireless APs and MX security appliances, managing VLAN-tagged SSIDs and resolving client connectivity issues, reducing support tickets by 15%.
  • Assisted wireless planning and RF analysis using Ekahau Site Survey Pro and Sidekick, achieving 97% Wi-Fi coverage and capacity in clinical and enterprise environments.
  • Performed RF site surveys and coverage validation using Ekahau to optimize AP placement and signal performance.
  • Monitored wireless network health and client connectivity via Aruba Central and on-premise management tools.
  • Implemented enterprise-wide QoS policies on Cisco Catalyst, Nexus, and Arista switches to prioritize voice and video traffic, improving call quality metrics by 19%.
  • Configured voice VLANs and DHCP Option 150 scopes for Cisco IP phone registration and Cisco Unified Communications Manager (CUCM) integration, reducing call registration failures by 20%.
  • Lead the installation, testing, and provisioning of Cisco IP phone systems across enterprise sites, integrating with CUCM via DHCP Option 150 for seamless voice registration and call routing.
  • Participated in VoIP infrastructure upgrade projects, including firmware updates and QoS policy validations, enhancing voice and video communication reliability.
  • Conduct field validation and post-deployment testing of telephony systems, including dial tone verification, VLAN tagging checks, and voice path assurance.
  • Monitor and troubleshoot multi-vendor network environments, collaborating with cross-functional teams to maintain optimal network performance and service levels.
  • Participate in Change Advisory Board meetings, documenting network changes and ensuring compliance with company policies and ITIL best practices.

Network Security Engineer

UHG/OPTUM
01.2024 - 12.2024
  • Designed, deployed, and managed Palo Alto PA-Series (PA-220 to PA-7080) and VM-Series firewalls across on-prem and cloud environments, ensuring high-availability and zero downtime during migrations and configured App-ID, SSL Decryption, and GlobalProtect VPNs, reducing security incidents by 15%.
  • Configured and optimized App-ID, User-ID, Content-ID, SSL decryption, and advanced threat prevention policies, reducing malware incidents by over 20%.
  • Implemented GlobalProtect VPN with multifactor authentication (LDAP, RADIUS, SAML), enabling secure remote access for 1,000+ users.
  • Centralized management using Panorama 10.x, streamlining policy deployment, logging, and compliance reporting across multi-site deployments.
  • Led firewall migration projects from Check Point, Cisco ASA, and Fortinetto Palo Alto, ensuring seamless cutover and security posture enhancement.
  • Led migration from Check Point R80.20 to Cisco ASA and Arista EOS, ensuring zero downtime during policy transitions.
  • Directed migration from Symantec Blue Coat ProxySG to Zscaler ZIA/ZPA, implementing Zero Trust Architecture.
  • Managed BlueCat Address Manager (BAM) and BlueCat DNS/DHCP Servers (BDDS) to support critical healthcare applications, EHR systems, and medical devices.
  • Integrated Splunk with Palo Alto firewalls, Blue Coat ProxySG, and F5 appliances for real-time threat correlation and network visibility.
  • Configured URL filtering, SSL interception, and content filtering policies to block malicious sites and enforce HIPAA-compliant web usage.
  • Maintained IP Address Management (IPAM) for segmented healthcare VLANs, ensuring compliance with HIPAA and internal security policies.
  • Configured Arista 720XP/750 series switches/firewalls, deploying IKEv2 VPNs, NAT, and AnyConnect SSL VPNs.
  • Assisted in deploying and maintaining Cisco ACI Multi-Pod fabric to support critical healthcare applications and EHR systems.
  • Integrated Cisco ACI with VMware vCenter for automated endpoint group assignments and workload mobility.
  • Assisted in deploying and managing Cisco DNA Center for centralized LAN/WLAN automation, configuration, and monitoring across hospital campuses.
  • Integrated Arista EOS with Microsoft AD and RSA SecurID for 802.1X EAP-TLS NAC, segmenting IoMT devices using TrustSec-like policies.
  • Deployed Aruba ClearPass 6.11 and Cisco ISE 3.x for 802.1X authentication, endpoint compliance, and dynamic segmentation.
  • Deployed A10 Thunder TPS 4435 with aFleX rules to mitigate SYN flood DDoS attacks.
  • Managed F5 BIG-IP LTM/GTM i5800 (v16.x), configured ASM modules to mitigate OWASP Top 10 risks.
  • Automated SSL certificate renewals using TCL iRules, Ansible, and HashiCorp Vault.
  • Automated firewall and switch configurations using Ansible 2.12, Netmiko, and NAPALM across 100+ devices.
  • Implemented policy-based automation for VLAN assignments, ACLs, and QoS to prioritize EHR, VoIP, and medical imaging traffic.
  • Developed Python scripts with Palo Alto XML API and Splunk REST API for real-time threat detection.
  • Automated provisioning of tenant, VRF, and bridge domains using Arista CloudVision APIs on 7280R/7500R.
  • Used CloudVision and JSON APIs for proactive traffic monitoring and resolution.
  • Authored runbooks, Visio diagrams, and mentored engineers on Zero Trust, Ansible, and Palo Alto.
  • Built VPCs and virtual networks in AWS, Azure, and GCP using Terraform, cutting provisioning time by 35%.
  • Provisioned AWS Direct Connect Gateways with BGP peering and IKEv2 for hybrid cloud access.
  • Tuned AWS Route 53 with latency-based failover and managed Network Load Balancers for HA.
  • Implemented SD-WAN (Silver Peak) using Arista 7280R, built IPsec tunnels to Azure Virtual WAN, improving reliability by 25%.
  • Deployed Silver Peak / Aruba EdgeConnect EC-XS with Orchestrator 9.x, applying FEC, DPC, and QoS.
  • Configured and maintained site-to-site IPsec VPNs on Cisco ASA, Palo Alto, Fortinet, and Versa SD-WAN platforms to securely connect remote clinics, data centers, and cloud environments.
  • Applied IKEv2/IPsec policies, including encryption (AES-256), hashing (SHA-256), and DH groups, to meet HIPAA and internal security standards.
  • Migrated sites from DMVPN to SD-WAN (Silver Peak) with integrated firewall/VPN, increasing throughput by 20%.
  • Implemented OSPFv2, BGP, MPLS, and sham-links on Arista and Juniper routers for WAN optimization.
  • Managed Aruba 300/500 Series APs via AirWave and Mobility Master; optimized ARM and ClientMatch.
  • Used Ekahau Site Survey and heatmap analysis to plan, validate, and optimize wireless coverage for high-density medical and IoT devices.
  • Conducted predictive and validation surveys using Ekahau Pro and Sidekick for Wi-Fi coverage.
  • Resolved enterprise DNS/DHCP issues, ensuring 99.99% uptime.
  • Participated in on-call rotations, resolving P1/P2 hybrid-cloud incidents within SLA.

Network Support Engineer

Websoft Technology PVT LTD
07.2018 - 07.2023
  • Optimized VLAN segmentation, inter-VLAN routing, and 802.1Q trunking on Cisco Catalyst 3560, 3750, and 4500 Series switches, improving network segmentation and reducing security incidents by 20%.
  • Configured Layer 2 technologies including VLAN trunks, EtherChannel, and Spanning Tree Protocol (STP), enhancing LAN stability and reducing downtime by 15%.
  • Implemented root bridge election, port priorities, and path cost adjustments to optimize traffic flow in multi-switch topologies.
  • Troubleshooted and configured routing protocols (EIGRP IPv4/IPv6, OSPFv2/v3, static routes), improving route convergence time by 30% and maintaining 99.9% network uptime.
  • Configured HSRP/VRRP for gateway redundancy and high availability in mission-critical environments.
  • Documented routing topologies,configurations, and standard operating procedures for operational readiness and compliance audits.
  • Resolved WAN issues involving BGP route reflectors on Cisco Nexus 7000 switches and deployed DMVPN, securing site-to-site communications for 150+ remote locations.
  • Deployed Cisco ASA 5500 series firewalls with SSL and IPSec VPNs, supporting secure remote access for 1,000+ users and reducing unauthorized access attempts by 35%.
  • Implemented NAT, ACLs, and firewall logging, enforcing security policies that decreased network breaches by 25% and enhanced resource access monitoring.
  • Configured AWS Security Groups, Network ACLs, and Azure Traffic Manager, ensuring cloud service availability and secure hybrid connectivity.
  • Supported VMware vSphere and NSXvirtualized environments, maintaining 99.95% uptime and enabling cloud VPN solutions for remote workforce.
  • Configured Citrix NetScaler Gateway with MFA, troubleshooting VPN traffic issues and improving performance by 20%.
  • Managed enterprise wireless networks, resolving 2.4 GHz and 5 GHzconnectivity issues and deploying 802.1X EAP/PEAP authentication, reducing unauthorized wireless access by 30%.
  • Utilized SolarWinds, NetFlow, Wireshark, and Splunk for multi-vendor network monitoring and troubleshooting, proactively resolving network bottlenecks and incidents.
  • Monitored OSPF, RSTP, EIGRP, and BGP protocols using SolarWinds NCM, maintaining 99.9% network availability through proactive issue resolution.
  • Conducted protocol analysis and traffic monitoring with Wiresharkand Splunk, identifying bottlenecks and improving performance by 15%.
  • Administered DNS and DHCP services, troubleshooting name resolution issues and ensuring 99.99% uptime for critical network services.
  • Troubleshot DNS resolution issues, latency problems, and recursive/forwarding configuration errors.
  • Documented DNS architectures, change requests, and operational procedures for compliance audits and disaster recovery readiness.
  • Managed DHCP serviceson platforms including BlueCat, Infoblox, and Windows Server DHCP, ensuring reliable IP address allocation for wired, wireless, and IoT/medical devices.
  • Troubleshooted IP allocation failures, scope exhaustion, and option misconfigurations in enterprise networks.
  • Troubleshooted SNMP communication failures, authentication errors, and inaccurate data reporting.
  • Provided hands-on installation, racking, stacking, and cabling for network devices, accelerating deployment timelines by 25%.
  • Assisted in configuring and maintaining site-to-site IPsec VPN tunnels on Cisco ASA, Palo Alto, and Fortinet devices to connect branch offices and partner sites.
  • Monitored VPN tunnel status and basic performance metrics using firewall dashboards and SolarWinds.
  • Took initiative in troubleshooting and resolving network incidents under supervision, consistently meeting SLA targets and escalating complex issues appropriately.
  • Assisted in provisioning and configuring network resourcesin AWS, Azure, and GCP, including VPCs, subnets, route tables, and security groups.
  • Supported deployment of VPN gateways and IPsec tunnels to connect on-prem networks with cloud environments.
  • Helped configure load balancers (AWS ELB/ALB, Azure Load Balancer) for high availability of applications.
  • Documented cloud configurations, IP allocations, and connectivity diagrams for internal knowledge sharing.
  • Created clear network documentation and standard operating procedures, improving team efficiency and reducing onboarding time for new staff.
  • Managed daily network issues and requests using ServiceNow, ensuring timely resolution and adherence to SLAs.

Education

Master of Science - Information Technology and Management

Eastern Illinois University
05.2001 -

Skills

Networking Protocols: BGP (MP-BGP, EVPN, BGP-4), OSPFv2/v3, EIGRP (IPv4/IPv6), IS-IS, MPLS (Segment Routing, L3VPN), HSRP, VRRP, GLBP, STP (RSTP, MST), LACP, 8021Q, VPC, VDC, MLAG

Switches: Cisco Nexus Series (9500, 9300 NX-OS), Cisco Catalyst Series (9600, 9400, 9300X, 8500, 3750, 3560, 4500), Arista (7280R3, 7500R3), Juniper QFX5220, QFX5130, Dell EMC PowerSwitch S5248F-ON

Routers: Cisco ISR Series (ISR1100, ISR4331), Cisco ASR 9001/9903, ASR 1000 Series, Juniper MX10008, MX204, PTX10008

Wireless: Cisco Catalyst 9800 WLC & DNA Center, Cisco Meraki MR56, MR46, MR36, Aruba Mobility Controllers & APs (AP-515, AP-635), WPA3-Enterprise, Ekahau AI Pro, Aruba ClearPass 611

Firewalls: Palo Alto Networks (PA-5440, PA-7080, VM-Series, PAN-OS 11x, Panorama), Cisco ASA (5525-X, 5545-X, Firepower 9300/4200 FTD), Fortinet FortiGate 6000F (FortiOS), Check Point R8120, A10 Thunder TPS 4435, Symantec Blue Coat ProxySG, Zscaler ZASE (ZIA, ZPA)

Load Balancers: F5 BIG-IP (iSeries, VELOS, v17x, LTM, GTM, DNS), Citrix NetScaler ADC (MPX, VPX), Azure Load Balancer, AWS Gateway Load Balancer (GWLB), Akamai Ion CDN, Kona Site Defender WAF

undefined

CAREER HIGHLIGHTS

  • Specialized in configuring and managing next-generation firewalls including Palo Alto PA-3200/5000/VM-Series, Cisco ASA 5525-X/5545-X, and Arista firewall solutions, leveraging App-ID, SSL Decryption, and GlobalProtect VPN to secure sensitive healthcare PHI networks.
  • Led complex firewall migrations from Check Point R80.20 to Cisco ASA and Arista platforms, ensuring seamless policy translation and zero downtime, maintaining continuous protection of critical systems.
  • Developed automation skills implementing Ansible and Python scripts to standardize multi-vendor network configurations (including Arista EOS), reducing manual errors by 30% and accelerating deployment speed.
  • Optimized hybrid cloud networking and resource provisioning including BGP-4, OSPFv2/v3, and EIGRP on Juniper MX960, Arista 7280R, and Cisco Nexus 9000 switches, optimizing hybrid cloud traffic flow.
  • Proficient in configuring Cisco ACI multi-pod fabrics and Arista EOS multi-switch fabrics, automating tenant, VRF, and bridge domain provisioning using APIC REST APIs and Arista CloudVision APIs, significantly accelerating data center deployments.
  • Facilitated seamless WAN connectivity leveraging MPLS, DMVPN, and hybrid WAN architectures integrating VPN, cloud connectivity, and advanced traffic engineering to optimize performance and resilience.
  • Collaborated with cross-functional teams deploying Arista-based solutions for remote site connectivity, integrating with cloud environments under SDN principles to enhance network scalability and reliability.
  • Implemented dynamic path control and advanced WAN routing policies on Arista EOS platforms to improve network resilience and ensure consistent application delivery across healthcare sites.
  • Managed advanced security protocols including 802.1X EAP-TLS authentication with Cisco ISE and Aruba ClearPass for endpoint posture compliance and TrustSec-based network segmentation, reducing unauthorized access.
  • Maintained and supported enterprise wireless infrastructure, configuring Aruba and Cisco Meraki APs, performing site surveys using Ekahau, and optimizing Wi-Fi coverage for critical healthcare environments.
  • Administered load balancing and web application firewall solutions with F5 BIG-IP and Citrix NetScaler appliances, improving application uptime and mitigating OWASP Top 10 vulnerabilities.
  • Experienced with hybrid cloud networking, automating AWS, Azure, and GCP network resource provisioning via Terraform, Infoblox IPAM automation, and ensuring highly available, HIPAA-compliant connectivity.
  • Troubleshot complex network issues using Wireshark and SolarWinds NPM/NTA, proactively identifying bottlenecks and improving network performance and availability.
  • Implemented QoS policies on Cisco Catalyst, Nexus, and Arista switches prioritizing voice and video traffic, improving communication quality and reducing call registration failures in Cisco Unified Communications Manager (CUCM).
  • Developed proficiency in managing TACACS+ and RADIUS for secure device access control, ensuring audit compliance and reducing unauthorized CLI access.
  • Authored comprehensive network documentation, topology diagrams, and maintained ITIL-compliant change management records using Confluence, Visio, and ServiceNow.
  • Gained hands-on experience with data center technologies including VMware vSphere and NSX for virtual network segmentation and security policy enforcement.
  • Implemented and optimized Arista EOS automation workflows using CloudVision Portal and eAPI, improving network configuration consistency and reducing manual intervention.
  • Led network segmentation and micro-segmentation projects leveraging Arista EOS features and VMware NSX integration, enhancing security posture for critical healthcare applications.

Certification

Cisco Certified Network Associate (CCNA)

Timeline

Network Engineer

AT&T
01.2025 - Current

Network Security Engineer

UHG/OPTUM
01.2024 - 12.2024

Network Support Engineer

Websoft Technology PVT LTD
07.2018 - 07.2023

Master of Science - Information Technology and Management

Eastern Illinois University
05.2001 -

Similar Profiles

CREATE PROFILE
Teja Sai KNetwork / Security Engineer
Profile built at Zety.com