Senior Network Engineer

Ankur
Professional with over 14 years of hands-on expertise in network architecture, design, implementation, and
troubleshooting across multi-vendor environments. Specializing in Cisco, Palo Alto, Juniper, Aruba, and HP
networking technologies, excels in designing and deploying highly available, secure, and scalable network
infrastructures for enterprise and global customers. Proficient in advanced network protocols, multi-vendor
integrations, network security, SD-WAN, and cloud networking, with a deep understanding of network architecture.

Technical Skills

Networking Devices:
 Cisco Routers: ISR 800, 1800, 1900, 2800, 2900, 3700, 3800, 3900, 7200 Series, ASR1K, ISR4K
 Cisco Switches: Catalyst 2900, 3500, 3700 / 3700-X, 6500 Series, 9300, 4500, Nexus 4K, 5K
 Firewalls: Cisco ASA (5500/5500-X, FTD), Palo Alto (PA Series), Zscaler
 Wireless: Cisco WLC, AP 2800/3800, Meraki, Aruba

Routing & Switching:

 Advanced knowledge of Routing Protocols: BGP, OSPF, EIGRP, RIP, Static Routing, MPLS, HSRP, VRRP, GLBP,
MP-BGP, DMVPN, GRE
 Expertise in Layer 2 Switching: VLAN, VTP, Port Channel (EtherChannel), Spanning Tree Protocol (STP, RSTP,
BPDU Guard, Port Security), Inter-VLAN Routing (SVI, Router-on-Stick)
 Advanced Routing Solutions: Multi-homing BGP, MPLS VPNs, DMVPN (Single/Dual Hub/Spoke), QoS, Traffic
Engineering
 High-Availability: VSS (Virtual Switching System), STP tuning for loop-free topology, Redundancy protocols
(HSRP/VRRP/GLBP)
 Network Virtualization: Network Function Virtualization (NFV), Virtual Routing and Forwarding (VRF), VXLAN

Network Security:
 Firewalls: ASA (5500/5500-X), Palo Alto, Juniper SRX – configuration, policy management, and
troubleshooting
 VPNs: Site-to-Site, Client VPN (AnyConnect, SSL), IPSec, GRE, DMVPN, IPsec VPNs with IKEv2
 Network Security Protocols: IPSec, SSL VPN, NAT/PAT, Security Context, VPN Failover, and Redundancy
 Security Best Practices: Firewall Rulebase Configuration, Zone-based Policy Firewall (ZPF), Secure Routing
and Switching Design, ACLs
 IDS/IPS: Palo Alto Threat Prevention, Cisco FirePOWER, Zscaler Threat Intelligence
 Segmentation & Isolation: VLANs, Private VLANs, Micro-segmentation, Network Segmentation for
compliance

Cloud & SD-WAN:

 Cloud Connectivity: – Direct Connect, Site-to-Site VPN, Hybrid Cloud Architecture, SD-WAN integrations
 SD-WAN: Design and deployment with vendors such as Viptela, Cisco, Palo Alto, and Fortinet
 Cloud Networking: Multi-cloud network architectures, SDN (Software Defined Networking)

Network Management:
 Monitoring & Optimization: SNMP, NetFlow, IP SLA, NTP, Syslog, and SolarWinds NPM for network health
and performance
 Network Automation & Scripting: Python, Ansible for automated network configuration, backup, and
compliance tasks
 Network Performance: Load Balancing, WAN Optimization (Riverbed, Cisco WAAS), WAN Acceleration
 Documentation: Detailed HLD, LLD, Configuration Templates, Site-to-Site Network Designs, Disaster
Recovery Plans
Senior Network Engineer

Troubleshooting & Incident Management:

 Advanced Troubleshooting: Layer 2/3 network issues, VPN troubleshooting, and multi-vendor integration
problems
 Incident Management: Experience in resolving network incidents under SLAs, including MPLS, QoS, and VPN
connectivity issues
 Vendor Collaboration: Working closely with service providers (ATT, Verizon, Tata, Reliance) for fault isolation
and escalation management

Summary

Working as Senior Network Consultant (Jan, 2021 – Till Now)

Worked as Senior Network Engineer (Jan, 2017 – Dec, 2020)
Worked as Network Engineer (Jan, 2015 – Dec, 2016)
Worked as Network Support Engineer (Feb, 2011 – Dec, 2014)

 Architecting scalable, resilient, and secure LAN/WAN network infrastructures for large enterprise
environments, ensuring optimal performance and reliability across multiple global locations. This includes
designing high-level and low-level network plans, along with producing detailed configuration
documentation for large-scale implementations.
 Ensuring high availability and fault tolerance through the design and implementation of robust network
systems, aligning with business continuity and disaster recovery strategies.
 Configuring and troubleshooting dynamic routing protocols like BGP, EIGRP, and OSPF to ensure seamless
inter-site communication and efficient routing of network traffic.
 Tuning routing protocols for enhanced performance, optimizing network paths, and maintaining redundancy
across sites to reduce downtime.
 Implementing VLANs to segregate network traffic, ensuring efficient communication between different
segments of the network.
 Configuring and managing Inter-VLAN Routing, Router-on-Stick, and EtherChannel technologies to enhance
redundancy and load balancing across Layer 2 and Layer 3 network layers.
 Deploying and maintaining secure site-to-site and remote access VPNs (IPsec, DMVPN, AnyConnect) to
ensure secure communication between remote sites and users. Troubleshooting VPN connectivity issues,
ensuring optimal security policies are applied to protect data in transit.
 Managing and configuring next-generation firewalls (NGFW) like Cisco ASA and Palo Alto to secure the
network perimeter. This includes configuring access control lists (ACLs), network segmentation, VPN tunnels,
and troubleshooting firewall-related issues to ensure that security policies are enforced.
 Leading the design and implementation of SD-WAN technology to optimize WAN performance, enhance
security, and simplify network management. This includes integrating SD-WAN with existing network
infrastructure, configuring WAN optimization, and addressing performance issues during SD-WAN
deployments.
 Architecting secure and scalable network solutions to integrate on-premises networks with cloud
environments Configuring cloud-based VPNs and firewalls to ensure secure connectivity between on-
premise infrastructure and cloud-based resources.
 Providing in-depth troubleshooting for network issues across L2/L3 layers, resolving problems related to
routing anomalies, connectivity issues, hardware failures, and network performance degradation.
Collaborating with service providers to resolve WAN-related issues within SLAs, managing network incidents
effectively.
 Implementing redundancy protocols like HSRP, VRRP, and GLBP to ensure high availability for critical
network devices. Configuring redundancy at both the routing and switching layers to minimize downtime
and ensure service continuity.
Senior Network Engineer

 Creating and maintaining up-to-date documentation for network designs, configurations, security policies,
and troubleshooting guides. Ensuring consistency in configurations and streamlining network operations.
 Providing guidance and training to junior network engineers on network design principles, security best
practices, and troubleshooting techniques. This is fostering a culture of technical excellence and helping
develop the skills of team members.
 Managing vendor relationships and coordinating with service providers to resolve network connectivity and
performance issues. Troubleshooting MPLS link failures and ensuring optimal service delivery from ISPs.
 Overseeing the firmware upgrade process for networking devices like routers, switches, and firewalls. This
includes testing new firmware versions, planning upgrades to minimize downtime, and performing hardware
replacements (RMA) as necessary to maintain network integrity.
 Managing critical, high, and medium-severity network incidents, ensuring timely resolution within SLA
timelines. Leading change implementation processes such as creating change plans, executing changes, and
ensuring smooth transitions during new site deployments or network upgrades.

Education
 Completed Bachelor of Technology (Computer Science and Engineering)