CRISTIAN MANZANARES

• Working as a Network Security Engineer, Network Infrastructure Design, and Build.
• Hands-on experience in deploying, designing, and performing network segmentation, configuring, and supporting monitoring tools such as Nagios, Zabbix, and PRTG, SolarWinds.
• Hands-on experience with VoIP and call centre on Asterisk PBX (Issabel, SBC), call centre inbound and outbound call reports, statistics, system setup, system maintenance, Issabel IP PBX on public cloud, Ubiquiti switches, and Cisco wireless access points.
• Cisco Catalyst, Nexus, Arista vEOS, Aruba HP switches, and PowerEdge (R730xd, R740xd NVMe, R740xd) servers, IOS-XR, NC5500, ASR9K, CRS, and IOS-XE based platforms.
• VMware ESXi versions 6.x, 7.x, and 8.x, as well as vCenter administration; Aruba switches; MikroTik routers; Juniper (vSRX-NG, vSRX3.0, Apstra, vMX, VRR).
• Migrated legacy VLAN-based datacenters to VXLAN/EVPN (Arista) with zero downtime, improving scalability and traffic segmentation. Deployed Arista 7000/7200 series switches spine-leaf roles, leveraging MLAG and VXLAN for active-active redundancy.
• Cloning data centres, such as mirrors and RAID 1-0 setups.
• Working with FortiGate 60E and 200E firewalls to secure the company network, enhance security, and identify vulnerabilities on the network.

=> Company Overview: REFERENCE: 83268737

• Worked as a Network Security Engineer in designing, implementing, and managing enterprise security solutions. Proven expertise in Palo Alto Networks technologies, including Next-Generation Firewalls (NGFW), Panorama, URL Filtering, GlobalProtect VPN, WildFire, and threat prevention modules. Adept at analyzing security risks, maintaining high network uptime, and aligning security posture with organizational compliance goals.
• Deployed and maintained Palo Alto Next-Generation Firewalls across multiple data centers and branch locations.
  
• Managed and optimized security policies in Panorama for over firewalls, reducing rulebase complexity.
  
• Designed and implemented secure remote access using GlobalProtect VPN for remote users.
  
• Integrated firewalls with SIEM for real-time log analysis and threat hunting.
  
• Enabled and tuned threat prevention features including Antivirus, Anti-Spyware, Vulnerability Protection, and DNS Sinkhole.
• Implemented SSL decryption policies to enhance visibility into encrypted traffic, ensuring compliance with internal security standards.
  
• Coordinated firmware upgrades and security patching for all firewalls in accordance with change management procedures.
• Monitored security events and alerts generated by Palo Alto firewalls and correlated them with other logs in Splunk.
  
• Responded to incidents such as malware detection, blocked IPs, unauthorized access attempts, and DDoS indicators.
• Assisted in migration of legacy firewalls (e.g., Cisco ASA, CheckPoint, Fortinet) to Palo Alto NGFW platforms, including configuration and cutover testing.
  
• Participated in internal audits and provided evidence of firewall compliance with ISO 27001 controls.
• Automation using Rest APIS, JSON, YAML, Python & Ansible with Palo Alto & Panorama.
• Maintained robust security posture by regularly updating security policies and procedures.
• Optimized network performance through effective monitoring and troubleshooting of security devices.
• Efficiently resolved high-priority incidents through thorough analysis of relevant logs and system data.

•Worked in the Voice and Data Center Nexus Switching team as a Tier 3 Engineer in installation, testing, implementation, design, and maintenance of enterprise Cisco Attendant Console, Cisco CUCM, Cisco Unity, Jabber, as well as Webex.

•Monitored network activities to quickly detect and resolve operational and security issues.

•Worked with Cisco ACI fabrics for enterprise datacenters, integrating multi-pod/multi-site architectures for high availability.

•Configure, deploy, and operate Cisco wired and wireless devices, and debug alarms, Syslog, SNMP traps, and Wireshark.

Develop and implement network automation scripts using Python to configure, monitor, and troubleshoot Cisco networking devices (routers, switches, firewalls, etc.).

•Worked in the Routing and Switching team as a Level 2 Engineer, assisting with cases related to routing protocols, switching protocols, STP, EIGRP, OSPF, BGP, ACL, NAT, VLAN, VTP, LACP, HSRP, SNMP, and Nexus OS, VxLAN/EBGP

•Monitored network activities to quickly detect and resolve operational and security issues.

•Deploy and manage Cisco SDN solutions such as Cisco SD-Access, Cisco Catalyst Center, and SD-WAN.

•Develop and implement network automation scripts using
Python (Netmiko, Paramiko, Ansible, YANG) to configure,
monitor, and troubleshoot Cisco networking devices (Routers,
Switches, Firewalls)
• Utilize Cisco APIS (RESCONF, NETCONF) Use ncclient to Connect to NETCONF and automation framework to streamline network operations. Collaborate with network engineers to identify automation opportunities and improve network reliability, performance, and security. Deploy and manage Cisco SDN solutions such as Cisco Catalyst Center, and SD-WAN (vManage, vBond, vSmart and vEdge).

•Analyzing Linux (RedHat, CentOS, Ubuntu and troubleshooting different types of problems such as boot, hardware, storage, software, networking as well as performance and security issues.

• In coordination with team members in India and New York, offering technical support and resolving issues in a timely manner, responding to calls and emails, and keeping track of records on technical issues
• Documented support interactions for future reference, provided exceptional support by consistently meeting service level agreements and performance metrics.
• Used ticketing systems to manage and process support actions and requests.
• Provided Tier 1 IT support to non-technical internal users through desk side support services.