Vinod Kumar
Certified Senior Network Engineer
Summary
Network Engineer with over 6 years of experience in designing, implementing, and optimizing large-scale networks for enterprise, data center, and cloud environments. Expert in routing and switching protocols, including OSPF, and BGP, as well as security solutions using Palo Alto Firewalls, Cisco ASA, Checkpoint, and Fortinet. Skilled in network automation with Python and Ansible, and experienced in managing cloud infrastructure (AWS, Azure, GCP). Known for delivering resilient network architectures and driving end-to-end automation, contributing to increased uptime, reduced operational overhead, and secure multi-cloud enablement.
Overview
7
7
years of professional experience
3
3
Certifications
Work History
Sr. Network Engineer
Alaska Airlines
07.2025 - Current
- Configured Opengear ZPE/OM consoles and OOB modems for remote access and device management.
- Installed and tested Juniper Mist & Cisco WAPs, created new stations, and validated SSID coverage.
- Racked, stacked, labeled, and upgraded firmware on Cisco Catalyst 2960X/9200/9300 and Juniper EX series switches; configured PDUs.
- Deployed and managed Fortinet firewalls (80F/100F/400F/81F) via FortiManager, performed HA failover testing, and pushed policy updates.
- Installed Cradlepoint LTE modems and FortiExtenders to provide site redundancy and remote connectivity.
- Configured VLANs, trunks, and validated end-to-end L2/L3 connectivity with remote teams during cutovers.
- Handled high-priority business-critical sites, ensuring minimal downtime during migrations.
- Managed Infoblox IPAM for DHCP scopes, DNS records, and IP allocations with proper documentation.
- Automated switch configurations using Ansible Tower, and monitored network health with SolarWinds and Forescout.
- Processed change requests through Cherwell/Ivanti, configured TACACS+/RADIUS, and documented cabling diagrams and IP schemas for handoff.
Sr. Network Engineer
Avanade Inc.
02.2024 - 07.2025
- Managed full-site network deployments across Europe-based enterprise locations, coordinating remotely with smart hands for racking, patching, and cabling while handling switch/firewall provisioning and end-to-end staging.
- Configured Cisco Catalyst 9300 and 9500 series switches as access and core devices, implementing VLAN segmentation, EtherChannel uplinks, HSRP redundancy, and L3 SVIs in line with customer LLD documentation.
- Deployed Silver Peak SD-WAN edge appliances, assigning business intent overlays, configuring tunnel failover logic, and validating DIA breakout paths to ensure optimized application steering.
- Upgraded and maintained Cisco ISR 1100/4000 and Catalyst 8300 routers, aligning licensing, updating IOS-XE firmware, and validating static/dynamic routing behavior during deployment.
- Provisioned and supported Palo Alto PA-850 and PA-5200 firewalls, developing and deploying App-ID–based policies, NAT rules, and segmentation zones using Panorama; later contributed to policy migration and cloud control transition to Strata Cloud Manager.
- Assisted with BGP route propagation and next-hop reachability validations between branch firewalls and Azure Virtual Network Gateways, addressing failover inconsistencies and routing loop concerns.
- Handled Aruba wireless access point deployments (AP-515 & AP-635) at sites in London and US supporting SSID builds, VLAN tagging, and ClearPass onboarding for secure access control.
- Collaborated with Ekahau planning teams and local site techs for RF survey alignment, assisting with AP mounting, controller VLAN mapping, and trunk port configuration to ensure seamless wireless coverage.
- Integrated Panorama with Azure-hosted firewalls, troubleshooting IPsec tunnel drops, validating static route paths, and ensuring phase-1/2 negotiation aligned with Azure IP schemas.
- Participated in rulebase optimization and HA validation, reviewing Panorama-managed templates to remove stale rules, clean unused objects, and test session sync for high availability.
- Monitored site health via SolarWinds and LogicMonitor, tuning SNMP thresholds for interface errors, BGP session drops, and firewall session spikes across distributed infrastructure.
- Deployed Zscaler Private Access (ZPA) for secure, agent-based access to internal applications without traditional VPNs, enhancing remote access posture in line with zero-trust principles.
- Collaborated with Azure network teams to validate cloud-to-site routing, enforce Network Security Group (NSG) policies, and support VNet-to-on-prem tunnel configurations during go-live phases.
- Documented IP schemas, routing topologies, and firewall NAT policies in detailed LLDs using Visio and Excel, maintaining alignment with Avanade’s enterprise deployment and change management standards.
- Coordinated Zscaler policy integration with Azure and NGFW stack, aligning security posture across both cloud and on-prem, and troubleshooting user traffic misrouting or DNS resolution issues tied to ZIA/ZPA.
Network Infrastructure Engineer
McDonald's Corporation
03.2022 - 01.2024
- Provisioned Cisco Catalyst 2960X and 9200 switches across retail sites, configuring VLANs, trunk ports, and inter-VLAN routes to support point-of-sale, guest Wi-Fi, and back-office devices.
- Configured static and dynamic routing on branch routers using OSPF for internal pathing and static routes for external MPLS or DIA handoff.
- Deployed and managed Meraki MX84/MX250 security appliances, establishing Auto VPN and configuring DHCP, NAT, and firewall rules tailored to retail use cases.
- Implemented port security, storm control, and BPDU guard on access switches to harden retail branch access layers against misconfigurations and loop events.
- Used the Meraki Dashboard and Cisco Prime Infrastructure for day-to-day monitoring, firmware rollouts, and template-based provisioning across hundreds of geographically dispersed stores.
- Used Terraform to automate Meraki and GCP VPC provisioning, enabling standardized templates for branch firewall connectivity and basic access control policies.
- Supported basic Python scripting for log parsing and port tracking during remote site deployments.
- Assisted in end-to-end SSID setup and onboarding of Meraki MR42/MR76 wireless access points, including SSID segmentation, VLAN tagging, and WPA2-Enterprise authentication.
- Supported RADIUS authentication for wireless users by integrating Meraki SSIDs with Active Directory groups, enabling secure WPA2-Enterprise onboarding across retail stores.
- Helped configure TACACS+ authentication on Cisco switches and Meraki appliances, enforcing centralized login and role-based access control for network administrators.
- Assisted in validating VMware vSphere networking setups for branch sites, ensuring VLAN tagging, vSwitch configurations, and uplink stability for virtual machines.
- Worked directly with smart hands technicians across U.S. regions to coordinate switch installs, AP mounting, and cable validation during overnight store upgrades.
- Responded to and resolved incidents via ServiceNow, including port shutdowns, native VLAN mismatches, IP conflicts, and DHCP relay misconfigurations.
- Configured NAT and PAT rules to allow internal devices access to cloud-hosted applications while maintaining security controls and reducing IP usage.
- Maintained IP address schemas, tracking static IP reservations, DHCP scopes, and subnet boundaries across corporate and guest networks.
- Assisted with remote site cutovers, verifying WAN connectivity, switch stacking, and VLAN propagation between distribution and access layers.
- Participated in change windows and configuration validation, documenting port maps, switch port configs, and connectivity diagrams in Visio.
- Supported basic Layer 3 troubleshooting, validating gateway reachability, ARP entries, and ICMP responses between retail clients and core services.
NOC & Firewall Support Engineer
Kinecta Federal Credit Union
01.2021 - 02.2022
- Supported day-to-day network operations for 20+ locations, working with Cisco ASA firewalls to apply basic NAT policies, access control rules, and troubleshoot connectivity between internal VLANs and external services.
- Handled L2/L3 switch configurations on Cisco Catalyst 2960 and 3850 series devices, including port provisioning, VLAN tagging, and trunk/port-channel management during access layer escalations.
- Performed basic configuration checks and troubleshooting on Cisco ISR 2900 and 4000 series routers, focusing on interface issues, static routes, and routing table verification during failover scenarios.
- Responded to ServiceNow tickets involving VPN drops, DHCP lease issues, and ACL misconfigurations, maintaining clear communication with internal teams and escalating where necessary.
- Assisted with F5 BIG-IP load balancer operations by validating backend server health, disabling/enabling pool members during app updates, and supporting application routing requirements.
- Assisted with Check Point firewall rule-base management via SmartConsole, applying policy changes, updating security zones, and pushing incremental policy installations to remote branch firewalls during scheduled maintenance windows.
- Monitored and responded to Smart Event alerts for traffic drops, unauthorized access attempts, and IPS signature matches, coordinating with security teams to analyze logs and adjust threat prevention settings.
- Supported site-to-site VPN setups on Check Point appliances, reviewing phase 1/2 configurations, troubleshooting tunnel stability using SmartView Tracker, and validating encryption domains during cross-site connectivity testing.
- Used SolarWinds NPM and NetPath for daily monitoring, helping detect latency, high CPU loads, or interface errors before they impacted branch productivity.
- Worked with Wireshark to isolate packet loss, duplex mismatches, or routing loops, especially during late-night maintenance windows and branch-level outages.
- Maintained up-to-date network documentation, including port maps, subnet lists, and device inventories, ensuring faster troubleshooting and smoother onboarding of new engineers.
Network Administrator
Sungard Technology Services
10.2018 - 12.2020
- Performed racking and stacking of Cisco Catalyst 2960/3750 switches and ISR routers during branch expansions and hardware refreshes, ensuring physical layout matched rack elevation diagrams and power standards.
- Assisted with structured cabling and patch panel setup, labeling and terminating CAT6 cables, verifying link lights, and ensuring port documentation aligned with port maps.
- Used PuTTY and Tera Term for console access and basic CLI operations such as password resets, VLAN creation, and port configurations under guidance from senior engineers.
- Created and assigned VLANs, configured access/trunk ports, and implemented port security policies to support segmented user access and VoIP deployments.
- Helped monitor switch and router performance via CLI commands (show vlan, show interface status, ping, traceroute), reporting anomalies or port errors for escalation.
- Supported Cisco ASA firewall operations, including IPsec tunnel monitoring and basic NAT rule updates during remote branch setups and testing phases.
- Provided basic Windows Server 2016 support, managing user accounts in Active Directory, handling shared folder permissions, and assisting with domain join operations.
- Maintained accurate records of equipment deployment, cable routes, and configuration snapshots in Excel, helping ensure proper documentation during audits or troubleshooting.
Education
Master of Science - Computer Science
Campbellsville University
Campbellsville, KY 05.2001 -
Skills
Network Design & Optimization: Cisco Nexus/Catalyst, Juniper EX/QFX/MX, Palo Alto, ASA, F5, SD-WAN, MPLS, VXLAN, EVPN
Cloud Infrastructure: AWS, Azure, GCP, Hybrid Cloud, VPC Peering, Transit Gateway, CloudFormation
Security & Firewall Management: Palo Alto, Cisco ASA, Checkpoint, Fortinet, VPN, Zero Trust, 8021X
undefinedCertification
Cisco Certified Network Professional (CCNP) – Routing and Switching
Technical Skills
- Routers & Switches: Cisco (Nexus 2k, 3k, 5k, 7k, 9k, Catalyst, ASR, 800, 1800, 2900, 3900), Juniper (EX, MX, PTX, M Series), Palo Alto, Fortinet, Meraki, Checkpoint, F5 BIG-IP
- Firewalls & Security: Palo Alto PA-Series, ASA, Checkpoint (R81.10), Fortinet (FortiGate), Juniper SRX, Cisco ISE, ZTNA.
- Cloud Services: AWS (VPC, EC2, S3), Azure (VNet, Load Balancer), Google Cloud (GCP), Hybrid Cloud Networking.
- Protocols: BGP, OSPF, EIGRP, RIP, IS-IS, VXLAN, EVPN, MPLS, L2VPN, TCP/IP, DNS, SNMP.
- Automation & Scripting: Python, Bash, Ansible, Terraform, GitLab CI/CD.
- Network Management: Wireshark, SolarWinds, NetFlow, HP OpenView, Nagios, Cisco Works,pyt ServiceNow, Zabbix, NetScout.
Timeline
Sr. Network Engineer
Alaska Airlines
07.2025 - Current
Sr. Network Engineer
Avanade Inc.
02.2024 - 07.2025
Network Infrastructure Engineer
McDonald's Corporation
03.2022 - 01.2024
NOC & Firewall Support Engineer
Kinecta Federal Credit Union
01.2021 - 02.2022
Network Administrator
Sungard Technology Services
10.2018 - 12.2020
Master of Science - Computer Science
Campbellsville University
05.2001 -