Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Yashaswini Aitha

Senior Network & Security Engineer

Summary

Progressive Network and Security Engineer with 8.3 years of hands-on experience supporting complex enterprise, data center, and cloud environments across US and India clients. Proven expertise in deploying and managing multi-vendor firewalls (Palo Alto, Fortinet, Check Point, Cisco Firepower), securing WAN and SD-WAN infrastructures, and operating large-scale routing and switching environments. Strong background in Cisco ACI, Nexus, EVPN/VXLAN, F5 load balancing, and cloud networking across Azure and AWS. Adept at automation using Python, Terraform, and Ansible, improving operational efficiency and reducing configuration errors. Demonstrated ability to collaborate across security, cloud, and DevOps teams to deliver secure, scalable, and highly available network solutions while continuously enhancing security posture through advanced threat prevention, endpoint protection, and access control technologies.

Overview

8
8
years of professional experience
2
2
Certifications

Work History

Sr. Network Security Engineer

Bank of America, USA
01.2025 - Current
  • Implemented Palo Alto PA-5430, PA-5450, and PA-5280 firewalls with User-ID and App-ID features to enforce granular access control and enhance overall network security.
  • Deployed Palo Alto PA-3430 and PA-3440 firewalls and performed troubleshooting using the ACI Dashboard to efficiently resolve connectivity and configuration issues.
  • Configured automated firmware upgrades for Palo Alto PA-850 and PA-820 firewalls using Palo Image, reducing downtime and minimizing manual effort.
  • Handled Fortinet FortiGate 1000F and 1800F firewalls to enable secure remote access via IPSec VPN for distributed teams.
  • Used Fortinet firewalls with advanced threat protection to proactively prevent zero-day attacks and improve overall security.
  • Familiar with Cloudflare configuration for global content delivery and API security to optimize application performance.
  • Performed Cisco Nexus switch provisioning using Python scripts on Nexus 9300 and 9400 series, improving implementation speed and reducing configuration errors.
  • Exposure to Azure ExpressRoute setup for dedicated cloud connectivity with low latency and high reliability.
  • Supported Azure Application Gateway to secure web applications and implement Web Application Firewall (WAF) policies.
  • Handled Cisco ASR router configuration on ASR 9922, 9906, and 9901 series with BGP and OSPF to maintain stable WAN connectivity.
  • Worked with other teams on Cisco 9200 and 9300 switches with STP, RSTP, and VLAN configurations for efficient LAN operations.
  • Combined ACI EVPN with VXLAN routing to improve inter-VXLAN communication and multi-tenant support.
  • Contributed with other team members to automate device configuration using Terraform, standardizing setups and reducing errors.
  • Applied Ansible to automate device configuration, enhancing network setup, minimizing errors, and improving efficiency.
  • Utilized Cisco ISE with Meraki MS-250 and MS-350 switches for access control and VXLAN segmentation, with expertise in centralized Meraki wireless management.
  • Involved in deploying and tuning multiple endpoint protection platforms (Symantec Data Loss Prevention (DLP) and Crowdstrike).
  • Enhanced CI/CD workflows by automating pull request vulnerability checks via GitHub Dependabot, reducing developer workload and patching cycles.
  • Created DNS and DHCP automation workflows using Infoblox to increase network reliability and reduce manual effort.
  • Used F5 Load Balancer iSeries (2000i, 5000i, 7000i) to perform SSL offloading and optimize application traffic performance.

Network Security Engineer

ADP
01.2022 - 07.2024
  • Configured Palo Alto PA-3410, PA-3430, and PA-3440 firewalls with Strata Cloud to centralize policy orchestration, simplify management, and enhance overall network security.
  • Managed Palo Alto PA-1410 and PA-1420 firewalls using the ACI Dashboard for unified operations, enabling efficient monitoring and troubleshooting.
  • Deployed Palo Alto PA-460 and PA-450 firewalls with Palo Image for rapid device onboarding, reducing manual configuration time and ensuring consistent policy enforcement.
  • Performed Cisco Firepower FTD 2110 and 2130 configuration with IPS and IDS to enable real-time traffic monitoring and proactive threat prevention.
  • Combined Arista 7800R3 and 7500R3 switches to build scalable data center networking and added additional switches in the secondary data center to expand capacity.
  • Worked with the team to implement SD-WAN (Viptela) vManage for centralized orchestration of WAN devices and improved branch connectivity.
  • Contributed with other team to configure SD-WAN (Viptela) vBond for secure device onboarding and seamless connectivity across branch locations.
  • Created Python scripts for network automation, enabling faster and more consistent configuration across multiple devices.
  • Handled Cisco ISR 4221 and 4461 router configurations with BGP and OSPF to maintain stable WAN routing and optimize traffic flow between sites.
  • Managed Cisco 4500 and 6500 switches with STP, RSTP, and VLANs to maintain efficient LAN operations and prevent network loops.
  • Working with Cisco Meraki MX-64 and MX-84 firewalls, MS switches, and MR wireless series for centralized management, monitoring, and simplified administration across multiple sites.
  • Used Cisco ISE integrated with Meraki and VXLAN to enforce unified access control policies for wired and wireless users.
  • Exposure to Cisco ISE configuration for EVPN integration to support scalable network segmentation in data centers.
  • Created automated DNS and DHCP workflows using Infoblox to improve reliability and reduce administrative overhead.
  • Analyzed AWS CloudWatch metrics to monitor network performance, proactively detect issues, and optimize cloud resources.
  • Supported AWS Direct Connect setup with Route 53 private hosted zones to ensure secure and reliable cloud connectivity.
  • Handled F5 Load Balancer (BIG-IP) 2000 and 5000 series configurations for application health monitoring, SSL offloading, and traffic optimization to ensure high availability.

Network Engineer

Honeywell
05.2019 - 12.2021
  • Implemented Checkpoint R75.10 and R77 firewalls to provide secure remote access and ensure protection of enterprise network traffic.
  • Configured Checkpoint R80.10 and R81 firewalls for advanced malware protection, enhancing overall network security and threat mitigation.
  • Worked with FortiGate 200F and 1000F firewalls for network segmentation to enhance security between different departments.
  • Experienced with OSPF, BGP, HSRP, and VRRP on Cisco 2900 and 3900 routers for efficient routing and high network availability.
  • Used Splunk Search Processing Language (SPL) and Regular expressions to filter Firewall logs AIX TCP/IP DCT team works on Security Vulnerability issues, customer reported PMRs, internal defects and features on TCP components. Work on new enhancements includes FRS, Design Doc and coding.
  • Designed to maximize the pace, dependability, and scalability of vital processes and services by using excess capacity in NetScaler deployments.
  • Implemented AWS security solutions, including VPCs, security groups, network ACLs, and AWS Identity and Access Management (IAM) policies.
  • Worked closely with DevOps team to ensure secure deployment of applications and infrastructure using AWS services and best practices.
  • Configured troubleshoot and manage HA (cluser) and IPSec, SSL, VPN checkpoint for network security and redundancy.
  • Configuring Nexus 2000 Fabric Extender FEX which acts as a remote line card module for the Nexus 5000.
  • Working on Cisco ACI, NxOS and IOS, other SDN products Tiered Domains, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN trunking.
  • Involved in Configuration of various Cisco Routers & L2/L3 Switches and implementing OSPF and BGP on the routers.
  • Configured CISCO based routing EIGRP, OSPF and BGP, HSRP, VRRP, route redistribution etc., VRF in routers and switching, VLAN implementation, STP, TVP, Access lists, L3 Switching etc.
  • Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involved new wan links.
  • Utilizing Silver Peak's included evaluation and analysis to ensure that issues are promptly identified and resolved, including monitoring and updating data on internet access and security.
  • Developed unique Solar Winds reports and charts for tracking network operation in the moment and analysing it continuously.
  • Contributed with the team to configure Cisco switches with MSTP and VLANs, ensuring stable LAN operations and preventing network loops.

Network Admin

BlueCloud Softech
09.2017 - 04.2019
  • Implement network & policy changes, domain changes with 3rd parties, write technotes after resolving complex issues, assist in licensing issues, service delivery.
  • Implement, investigating and troubleshooting traffic and user access, log management, tune devices to get utmost performance eliminating vulnerabilities and install new security patches.
  • Configured BGP routes to enable ExpressRoute connections between on premise data centres and Azure cloud.
  • Managed TCP/IP-based services and applications, including HTTP, FTP, and SMTP, ensuring reliable operation and integration with network infrastructure.
  • Configured and managed routing protocols such as OSPF, BGP, RIP, EIGRP to optimize network performance, enhance redundancy, and ensure efficient data routing.

Education

Master of Science - Cybersecurity And Information Assurances

Missouri University
Saint Louis, MO
05.2001 -

Skills

Cisco Platform: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Switching Protocols: VTP, STP, RSTP, MST, VLANs, ISL, 8021q, EtherChannel, PaGP, LACP, Trunks, VDC

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP, VRRP, GLBP, MPLS (LDP/TDP), MP-BGP

Monitoring Tools: SolarWinds, Wireshark, NetScout, Netflow, Spectrum, PRTG, QRadar, Cisco Works, Infoblox

Wireless Technologies: Cisco WLC (4100, 5508, 5520, 5706), Cisco APs (1552, 1260, 2600, 3600, 3700), Aruba APs (225, 260, 275, 335, 515, 534, 535, 567), Controllers (3000, 7210, 7240, 620, 650, 6000, 7230), Meraki, Ekahau, AirMagnet, ISE, ClearPass, MSE, NCS Prime

Operating Systems: Cisco IOS, Cat-OS, Nexus-OS, Cisco CLI, Linux, Unix, Ubuntu, Windows, VMware Secure, Terminal Server

Authentication & Communication: TACACS, RADIUS, Digital Certificates, ARP, Wi-Fi, WiMAX, CDMA

Firewalls: PaloAlto (PA-3000, PA-3200, PA-5050, PA-5260, PA-5280), CheckPoint (6000, 7000), Fortinet FortiGate, Juniper SRX

Certification

Cisco Certified Network Associate

Timeline

Sr. Network Security Engineer

Bank of America, USA
01.2025 - Current

Network Security Engineer

ADP
01.2022 - 07.2024

Network Engineer

Honeywell
05.2019 - 12.2021

Network Admin

BlueCloud Softech
09.2017 - 04.2019

Master of Science - Cybersecurity And Information Assurances

Missouri University
05.2001 -
Yashaswini AithaSenior Network & Security Engineer