Summary
Overview
Work History
Education
Skills
Languages
Affiliations
Timeline
Generic
DEVESH BHAT

DEVESH BHAT

Bengaluru

Summary

Results-driven Network Engineer with 8+ years of experience in firewall administration, VPNs, Zscaler (ZIA/ZPA/ZDX), and network optimization. Skilled in designing and managing secure, high-performance, cost-effective network infrastructures. Proven ability to troubleshoot complex issues, ensure business continuity, and deliver innovative technical solutions in enterprise environments.

Overview

8
8
years of professional experience

Work History

Network Security Specialist Client: IMF

LTIMindtree
Banagalore
07.2023 - Current
  • Configured and managed Zscaler Internet Access policies, including URL filtering and firewall rules.
  • Administered ZIA and ZPA platforms for over 10,000 users across multiple regions.
  • Investigated security incidents by analyzing ZIA logs and applying corrective measures.
  • Tuned ZIA configurations to enhance performance and reduce latency globally.
  • Block malicious or risky websites, and monitor threats and malware detections.
  • Handle user internet access issues, review logs and alerts, and support audits and compliance checks.
  • Conducted security audits and implemented compliance controls to ensure adherence.
  • Developed application and network rules to secure traffic and minimise unauthorised access incidents.
  • Performed end-user experience troubleshooting through ZDX monitoring.
  • Configured forwarding profiles and SSL inspection to secure internet traffic effectively.
  • Configure ZIA Cloud Firewall (FWaaS) rules.
  • Manage source/destination, ports, protocols, and application rules.
  • Implement location-based and user-based firewall policies.
  • Deploy, configure, and manage ZDX digital experience monitoring, including policies, probes, and integration with Client Connector.
  • Monitor performance and troubleshoot issues affecting user experience, networks, and apps.
  • Correlate performance metrics to root causes (e.g., device, WAN, ISP).
  • User device performance (CPU, memory, connectivity).
  • Design, configure, and maintain ZPA access policies that determine who can access which internal applications (least-privileged access).
  • Monitoring and troubleshooting of ZPA connectivity.
  • Utilized ZIA dashboards and logs to monitor user activity, generate compliance reports, and identify anomalies.
  • Administered the ZIA platform, managing Super Admin and custom roles for secure access control.
  • Configured advanced security policies (SSL inspection, DLP, firewall) to safeguard enterprise traffic.
  • Collaborated with IT and compliance teams to align ZIA policies with regulatory requirements.
  • Produced detailed reports on user activity, threat detection, and policy enforcement for leadership review.
  • Set up real-time monitoring and alerting for suspicious activities using Azure Monitor and Azure Sentinel, leading to proactive threat detection and response.
  • Led incident response efforts for firewall-related security events, analyzing logs, and adjusting firewall rules to mitigate threats quickly.
  • Successfully deployed Azure Firewall across [number] of Virtual Networks, providing scalable and centralized network security.
  • Implemented threat intelligence-based filtering, blocking known malicious IP addresses and enhancing overall security.
  • Designed, deployed, and managed Azure Firewall to protect critical cloud resources across multiple Virtual Networks.
  • Upgrade and maintain OS, Modules and plugins version to a well-supported level.
  • Creating objects, different types of NAT, Access list, security policies in Palo Alto firewall as per the business requirement.
  • Upgradation of Firewall device by following the path and reviewing the release notes and taking backup of configuration as per the standards.
  • Troubleshoot connectivity issue by checking logs, Monitor, taking packet captures for rectifying Policies Issues.
  • Configuration and Troubleshooting IPSEC VPN site to site connectivity.
  • Thorough understanding and configuration experience on GlobalProtect, zone protection, DoS protection policies, URL filtering, and routing.
  • Policy creation and subnet/client addition on a policy to allow/deny access as per requirement on firewall.
  • Providing technical suggestions and recommendations for optimizing network infrastructure.
  • Creating objects for new Subnets and adding them to security policies at firewall as per the requirement.
  • Creating NAT policies (Source NAT/Destination NAT), and routing for providing communication.
  • Devices Hands-On: Palo Alto PA-5410, PA-5420, PA-4690.
  • Having knowledge working on Checkpoint Rs 88.20 and creating the policies in the firewall and LDAP authentication also.
  • Network Security & Threat Monitoring: App-ID, User-ID, Content-ID, intrusion prevention, and malware protection.
  • Knowledge of working in checking the Deep Capture Packets in the checkpoint.
  • Monitored security systems and identified potential threats to ensure safety.

Senior Network Security Engineer

SLK Software
Bangalore
09.2022 - 05.2023
  • Expert-level knowledge of configuring and troubleshooting IPsec VPN tunnels for connectivity between site-to-site and remote, local locations.
  • strong knowledge of advanced firewall features like GlobalProtect, NAT policies, security policies, policy-based forwarding, URL filtering, and packet capture.
  • Configuring the IPsec site-to-site VPN and proxy ID in the Palo Alto firewall.
  • Networking and security engineering with strong hands-on experience in network and security appliances.
  • Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama’s version 10.2.2-h1 centralized management appliance.
  • Renew the certificate in all the Palo Alto firewalls, as well as Panorama.
  • Designed, implemented, and managed Palo Alto Next-Generation Firewalls in enterprise environments.
  • Configured security and NAT policies using App-ID and User-ID for least-privilege access.
  • Managed site-to-site IPsec VPNs for branch and data center connectivity.
  • Configured Threat Prevention, WildFire, DNS Security, and URL Filtering.
    Administered high availability (active/passive) firewall clusters.
  • Performed firewall rule review, optimization, and periodic cleanup.
  • Integrated firewall logs with SIEM tools for monitoring and compliance.
  • Provided L2/L3 support and coordinated with Palo Alto TAC for complex issues.
  • Prepared SOPs, runbooks, and technical documentation.
  • Managed VPN connectivity and basic firewall rule administration.
  • Performed troubleshooting for connectivity and performance issues.
  • Participated in change management and incident resolution.
  • Supported LAN/WAN infrastructure, including routers, switches, and firewalls.
  • Manage and implement work with Cisco SD-WAN to check the configuration in VEdges, VSmart, VManage, and VBond.
  • Troubleshooting Cisco switches 3850 (Stack Switches), Cisco Catalyst 9200 Series, Cisco Catalyst 9300 Series.
  • Password reset to all the Vedges in the Cisco SD-WAN, and certificate renewal in all the Vedges.
  • Expert-level working knowledge of infrastructure, such as Cisco Meraki, access points, and Cisco WLC.
  • Monitored network traffic for suspicious activity and potential security threats.
  • Collaborated with IT teams to ensure compliance with industry regulations and standards.
  • Directed vulnerability assessments or analysis of information security systems.

Senior Network Support Engineer

TEKSYSTEMS SERVICES
Bangalore
04.2021 - 08.2022
  • Network Performance Management: Handle performance issues, implement configuration changes on routers, and coordinate with vendors when issues originate externally.
  • Monitoring and Troubleshooting: Proactively monitor, troubleshoot, and configure network-related activities to ensure compliance with defined SLAs.
  • Firmware & iOS Upgrades: Perform firmware upgrades on Cisco routers and switches to resolve iOS-related bugs.
  • MPLS & Internet Circuits: Troubleshoot and configure MPLS and Internet circuits for both existing and new sites.
  • Routing Protocols: Configure and troubleshoot routing protocols, including EIGRP, RIP, and OSPF, in production environments.
  • Quality of Service (QoS): Implement and troubleshoot QoS configurations to optimize network performance.
  • Wireless Infrastructure: Maintain Cisco Wireless LAN Controllers (WLC) 3850, 8540, and 2504; configure, and troubleshoot access points via Cisco Wireless Controller and Cisco Prime.
  • Security & Vulnerability Management: Utilize Rapid7 and Qualys to identify and remediate vulnerabilities in switches, routers, and other network devices.
  • Collaborated with cross-functional teams to implement network enhancements.
  • SD-WAN Administration: Manage Prisma SD-WAN, including link flapping issues, and monitoring device health status.
  • Monitored network performance using advanced diagnostic tools and systems.
  • Assisted in the deployment of new networking technologies and solutions.
  • Monitored and maintained network performance, including routers, switches, firewalls, wireless access points, and load balancers.
  • Implemented network security measures, including VPNs, access control lists (ACLs), and firewalls to protect data and systems.
  • Implemented, tested, validated and maintained networking services according to solution designs.
  • Conducted regular maintenance checks to ensure optimal operation of the network infrastructure.
  • Developed documentation for network configurations and troubleshooting procedures.
  • Provided technical support for network issues across multiple client environments.
  • Implemented network monitoring tools to identify and troubleshoot connectivity issues.
  • Corrected network faults and malfunctions to restore connectivity to individual users and entire facilities.
  • Provided technical support for network infrastructure and connectivity issues.
  • Ensured compliance with industry standards in network security protocols.
  • Configured and maintained routers, switches, firewalls, and other network devices.
  • Performed system upgrades to ensure compatibility with new technologies.
  • Configured routers, switches, firewalls and other hardware to deploy and manage LAN, WAN and wireless networks.
  • Designed, implemented, and maintained local area networks (LANs) and wide area networks (WANs) across multiple locations.
  • Utilized network management tools for monitoring, configuration management, and issue resolution.
  • Maintained positive working relationship with fellow staff and management.
  • Evaluated local area network (LAN) and wide area network (WAN) performance data to verify availability and speed, identifying network problems.
  • Imaged OS and software deployments throughout system and addressed implementation concerns.
  • Received and prioritized support requests to maximize resource utilization.

Network Engineer

Microland
Bangalore
07.2019 - 04.2021
  • Responsible for maintaining and supporting the overall network infrastructure to ensure high availability and performance.
  • Troubleshot and resolved issues on Cisco Catalyst 3850 stack switches, Catalyst 9200, and 9300 series switches.
  • Administered and supported Cisco ASA Firewall and SonicWall Firewall, including policy verification and connectivity troubleshooting.
  • Managed Cisco Wireless LAN Controllers (WLC 3850, 8540, and 2504), and supported enterprise wireless infrastructure.
  • Configured and maintained Cisco access points, including Cisco WAP 321 and Cisco WAP 150.
  • Monitored network health using the PRTG Network Monitoring Tool, and analyzed logs from network devices for proactive issue detection and resolution.
  • Designed network configurations for optimized performance and security.
  • Implemented troubleshooting procedures to resolve connectivity issues efficiently.
  • Configured routers and switches for seamless data transmission across networks.
  • Conducted regular network assessments to identify vulnerabilities and risks.
  • Developed incident response plans to address potential security breaches.
  • Configured and maintained firewalls to protect network infrastructure.
  • Monitored network traffic for suspicious activity and potential threats.
  • Conducted regular firewall audits to ensure compliance with security standards.
  • Evaluated new firewall technologies and recommended upgrades as needed.
  • Investigated suspicious network activity to identify possible threats or vulnerabilities.
  • Analyzed log files from firewalls, intrusion detection systems, and other security devices.
  • Evaluated current system architecture against emerging threats and identified areas of improvement.
  • Managed user accounts, permissions, privileges, authentication protocols, encryption keys.
  • Worked closely with IT teams to ensure that all changes were properly documented.
  • Implemented software tools to assist in threat detection, prevention and analysis.
  • Evaluated performance indicators to assess security control quality.

Network Support Engineer

Rooman Technologies
Bangalore
09.2017 - 04.2019
  • Troubleshot and maintained network connectivity issues across office and lab environments to ensure smooth day-to-day operations.
  • Planned and implemented network infrastructure setup for new branch offices, including routing, switching, and connectivity design.
  • Configured and managed Check Point Firewall policies, allowing website access based on business requirements and security guidelines.
  • Planned, configured, and maintained network labs for CCNA Routing & Switching training, including routers, switches, and topology design.
  • Exceeded customer satisfaction by finding creative solutions to problems.
  • Recognized by management for providing exceptional customer service.
  • Utilized advanced technical skills and expertise to troubleshoot complex problems and implement solutions.
  • Completed day-to-day duties accurately and efficiently.
  • Operated routers to ensure efficient data and package flow.
  • Monitored system performance to identify and resolve issues promptly.
  • Implemented safety measures to protect equipment and personnel during operations.
  • Communicated effectively with cross-functional teams to support overall logistics efforts.
  • Configured, tested and maintained routers, switches and related network devices.
  • Maintained up-to-date knowledge of applicable security threats and vulnerabilities associated with router technology.
  • Developed backup plans for redundant routing paths in case of failure or outage.
  • Determined shipping methods, routes or rates for materials to be shipped.
  • Performed periodic maintenance of routers including firmware upgrades and patching.
  • Identified potential areas of risk within the network environment and provided solutions to mitigate those risks.
  • Provided technical support for network issues across multiple client sites.

Education

Bachelor of Technology - Computer Technology

Mewar College of Engineering
Rajasthan
07-2017

Skills

  • Firewall management
  • VPN configuration
  • Firewall administration
  • Zscaler administration
  • Network security
  • Security audits
  • Threat monitoring

Certifications

  • PCNSE, Palo Alto Networks: PAN00194586
  • CCNA Security (210-260): Cisco ID: CSCO13419920
  • Azure Networking (AZ-700): 238E6925740FE80B
  • Azure Security Engineer (AZ-500) - 1F2F442737CC6B94
  • Zscaler Certified Administrator (EDU-200): 79ada014-86de-4a02-951e-98a2de8c27c4
  • Zscaler Digital Transformation Engineer (EDU-202): In progress
  • ZDX Operationalization (EDU-310): In progress

Languages

English
Advanced (C1)
C1
Hindi
Proficient (C2)
C2

Affiliations

Cricket and swimming: Promote teamwork, discipline, and physical fitness.

Timeline

Network Security Specialist Client: IMF

LTIMindtree
07.2023 - Current

Senior Network Security Engineer

SLK Software
09.2022 - 05.2023

Senior Network Support Engineer

TEKSYSTEMS SERVICES
04.2021 - 08.2022

Network Engineer

Microland
07.2019 - 04.2021

Network Support Engineer

Rooman Technologies
09.2017 - 04.2019

Bachelor of Technology - Computer Technology

Mewar College of Engineering
DEVESH BHAT