Cristian Manzanares
Heredia
Summary
A highly skilled Network Security Engineer with extensive experience in securing and automating enterprise networks. Expertise includes Palo Alto, Sonicwall, Checkpoint, Azure Cloud, and Cisco networking. Proficient in managing firewalls, VPNs, incident response, and network automation. Adept in Microsoft 365 support (Exchange, SharePoint, Teams) and handling Azure infrastructure components like Virtual
Machines, Storage, Virtual Networks, and VPN Gateways. Strong background in Storage Area Networks, cloud migration, and network security, managing complex projects for global clients, and designing CI/CD pipelines in DevOps environments improving infrastructure efficiency, security, and resilience while collaborating with stakeholders at all levels. Hardworking and passionate job seeker with strong organizational skills. Ready to help team achieve company goals.
Overview
10
10
years of professional experience
Work History
Azure Cloud Engineer
SoftwareCraft
05.2025 - Current
- ++ Key Responsibility +++
- Containerization and Orchestration using Docker and Azure Kubernetes Service (AKS).
- Developed and deployed a Node.js web application using Docker containers and managed its orchestration using Azure Kubernetes Service (AKS).
- Containerization: Containerized a Node.js application using a custom Dockerfile. Built and tested the Docker image locally to ensure functionality before deployment. Pushed the Docker image to Azure Container Registry (ACR) for storage and version control.
- Azure Kubernetes Service (AKS): Set up an AKS cluster and integrated it with Azure Container Registry for seamless deployment. Create Kubernetes manifests (Deployment, Service) for deployment and load balancing of the application on the AKS cluster. Configured Kubernetes to scale the application using multiple replicas for high availability.
- Tools/Technologies: Docker, Azure Kubernetes Service (AKS), Azure Container Registry (ACR), Kubernetes.
- +++ VM Migration: +++
- Azure Database for Microsoft SQL. Database Migration.
- Managed continuous integration and delivery (CI/CD) pipelines using Azure DevOps for efficient deployment processes.
- Cost estimation and calculators.
- Migration Strategies, Lift-and-Shift.
- +++ Other integration Tools: +++
- RMM and ticketing system experience in a high-paced MSP environment (ConnectWise, Autotask, N-Able).
Professional Services Consultant
Pericon Solutions
09.2024 - 04.2025
- Reference 60808065
- Working as a Network Security Engineer, Network Infrastructure Design, and Build.
- Hands-on experience in deploying, designing, and performing network segmentation, configuring, and supporting monitoring tools such as Nagios, Zabbix, and PRTG, SolarWinds.
- Hands-on experience with VoIP and call centre on Asterisk PBX Issabel, SBC), call centre inbound and outbound call reports, statistics, system setup.
- Cisco Catalyst, Nexus, Arista vEOS, Aruba HP switches, and PowerEdge (R730xd, R740xd NVMe, R740xd) servers, IOS-XR, NC5500, ASR9K, CRS, and IOS-XE based platforms.
- VMware ESXi versions 6.x, 7.x, and 8.x, as well as vCenter administration; Aruba switches; MikroTik routers; Juniper (vSRX-NG, vSRX3.0, Apstra, vMX, VRR).
- Migrated legacy VLAN-based datacenters to VXLAN/EVPN (Arista) with zero downtime, improving scalability and traffic segmentation. Deployed Arista 7000/7200 series switches spine-leaf roles, leveraging MLAG and VXLAN for active-active redundancy.
- Cloning data centres, such as mirrors and RAID 1-0 setups.
- Working with FortiGate 60E and 200E firewalls to secure the company network, enhance security, and identify vulnerabilities on the network.
Palo Alto Network Security Engineer
Movate
11.2022 - 08.2024
- Company reference: 83268737
- Worked as a Network Security Engineer in designing, implementing, and managing enterprise security solutions. Proven expertise in Palo Alto Networks technologies, including Next-Generation Firewalls (NGFW), Panorama, URL Filtering, GlobalProtect VPN, WildFire, and threat prevention modules. Adept at analyzing security risks, maintaining high network uptime, and aligning security posture with organizational compliance goals.
- Deployed and maintained Palo Alto Next-Generation Firewalls across multiple data centers and branch locations.
- Managed and optimized security policies in Panorama for over firewalls, reducing rulebase complexity.
- Designed and implemented secure remote access using GlobalProtect VPN for remote users.
- Integrated firewalls with SIEM for real-time log analysis and threat hunting.
- Enabled and tuned threat prevention features including Antivirus, Anti-Spyware, Vulnerability Protection, and DNS Sinkhole.
- Implemented SSL decryption policies to enhance visibility into encrypted traffic, ensuring compliance with internal security standards.
- Coordinated firmware upgrades and security patching for all firewalls in accordance with change management procedures.
- Monitored security events and alerts generated by Palo Alto firewalls and correlated them with other logs in Splunk.
- Responded to incidents such as malware detection, blocked IPs, unauthorized access attempts, and DDoS indicators.
- Assisted in migration of legacy firewalls (e.g., Cisco ASA, CheckPoint, Fortinet) to Palo Alto NGFW platforms, including configuration and cutover testing.
- Working with implementation with Palo Alto Prisma Access and Prisma Secure Browser solutions.
- Configure, and deploy Prisma Access solutions, ensuring optimal integration with existing infrastructure.
- Familiarity with compliance standards such as ISO 27001.
- Participated in internal audits and provided evidence of firewall compliance with ISO 27001 controls.
- Automation using Rest APIS, JSON, YAML, Python & Ansible with Palo Alto & Panorama.
- Maintained robust security posture by regularly updating security policies and procedures.
- Optimized network performance through effective monitoring and troubleshooting of security devices.
- Efficiently resolved high-priority incidents through thorough analysis of relevant logs and system data.
Senior Network Engineer
Cisco TAC Sykes
04.2017 - 01.2022
- Worked in the Voice and Data Center Nexus Switching team as a Tier 3 Engineer in installation, testing, implementation, design, and maintenance of enterprise Cisco Attendant Console, Cisco CUCM, Cisco Unity, Jabber, as well as Webex.
- Monitored network activities to quickly detect and resolve operational and security issues.
- Worked with Cisco ACI fabrics for enterprise datacenters, integrating multi-pod/multi-site architectures for high availability.
- Configure, deploy, and operate Cisco wired and wireless devices, and debug alarms, Syslog, SNMP traps, and Wireshark.
- Develop and implement network automation scripts using Python to configure, monitor, and troubleshoot Cisco networking devices (routers, switches, firewalls, etc.).
- Worked in the Routing and Switching team as a Level 2 Engineer, assisting with cases related to routing protocols, switching protocols, STP, EIGRP, OSPF, BGP, ACL, NAT, VLAN, VTP, LACP, HSRP, SNMP, and Nexus OS, VxLAN/EBGP.
- Monitored network activities to quickly detect and resolve operational and security issues.
- Deploy and manage Cisco SDN solutions such as Cisco SD-Access, Cisco Catalyst Center, and SD-WAN.
- Develop and implement network automation scripts using Python (Netmiko, Paramiko, Ansible, YANG) to configure, monitor, and troubleshoot Cisco networking devices (Routers, Switches, Firewalls).
- Utilize Cisco APIS (RESCONF, NETCONF) Use ncclient to Connect to NETCONF and automation framework to streamline network operations.
- Collaborate with network engineers to identify automation opportunities and improve network reliability, performance, and security.
- Deploy and manage Cisco SDN solutions such as Cisco Catalyst Center, and SD-WAN (vManage, vBond, vSmart and vEdge).
- Analyzing Linux (RedHat, CentOS, Ubuntu and troubleshooting different types of problems such as boot, hardware, storage, software, networking as well as performance and security issues.
Help Desk Agent
Hewlett Packard Enterprise
02.2016 - 04.2017
- In coordination with team members in India and New York, offering technical support and resolving issues in a timely manner, responding to calls and emails, and keeping track of records on technical issues.
- Documented support interactions for future reference, provided exceptional support by consistently meeting service level agreements and performance metrics.
- Used ticketing systems to manage and process support actions and requests.
- Provided Tier 1 IT support to non-technical internal users through desk side support services.
Education
AZ-104 Azure Administration DevSecOps/Kubernetes - DevSecOps/Kubernetes On Azure
SmartData
03-2025
CCNP Data Center Application Centric Infrastructur - undefined
O'Reilly
10.2024
Certificate of Higher Education Cybersecurity/Cloud Security (PCNSE)/Prisma SASE - undefined
Beacon Palo Alto - O'Reilly
05.2024
Certificate of Higher Education Bootcamp Automate/Security with AWS - undefined
INE/Udemy
03.2024
Certification - Kubernetes Administrator
O'Reilly
Heredia01.2024
The Complete Practical Docker Guide Hands-On - Docker Guide
O'Reilly
Heredia10.2023
Cisco Programmable Fabric With VXLAN, BGP EVPN - undefined
O'Reilly
09.2023
Certificate - Hands-On Cybersecurity Analyst SIEM SOC
Udemy
05-2025
High School Diploma -
Experimental Mexico
10-2011
Skills
- Cloud security control
- Firewall administration
- Operating systems expertise
- SQL database proficiency
- Security protocols comprehension
- Cybersecurity policy development
- Troubleshooting proficiency
- Problem-solving
- Azure Administrator/DevSecOps
- Terraform on Azure/Kubernetes and Docker
- Virtualization technology experience
- Network troubleshooting
- Network design
- Cloud computing concepts
- Cisco networking
- Linux bash scripting and Unix experience
- Python programming language
- Virtual private network usage
- SIEM tools familiarity
- Cisco Programmable Fabric with VXLAN, BGP EVPN, ACI
Languages
English
Spanish
Timeline
Azure Cloud Engineer
SoftwareCraft
05.2025 - Current
Professional Services Consultant
Pericon Solutions
09.2024 - 04.2025
Palo Alto Network Security Engineer
Movate
11.2022 - 08.2024
Senior Network Engineer
Cisco TAC Sykes
04.2017 - 01.2022
Help Desk Agent
Hewlett Packard Enterprise
02.2016 - 04.2017
CCNP Data Center Application Centric Infrastructur - undefined
O'Reilly
Certificate of Higher Education Cybersecurity/Cloud Security (PCNSE)/Prisma SASE - undefined
Beacon Palo Alto - O'Reilly
Certificate of Higher Education Bootcamp Automate/Security with AWS - undefined
INE/Udemy
Cisco Programmable Fabric With VXLAN, BGP EVPN - undefined
O'Reilly
AZ-104 Azure Administration DevSecOps/Kubernetes - DevSecOps/Kubernetes On Azure
SmartData
Certification - Kubernetes Administrator
O'Reilly
The Complete Practical Docker Guide Hands-On - Docker Guide
O'Reilly
Certificate - Hands-On Cybersecurity Analyst SIEM SOC
Udemy
High School Diploma -
Experimental Mexico
Similar Profiles
CRISTIAN MANZANARESCRISTIAN MANZANARES
Azure Cloud Engineer at SoftwareCraftAzure Cloud Engineer at SoftwareCraft
KATHERINNE SOLIS RODRIGUEZKATHERINNE SOLIS RODRIGUEZ
Account manager at Bill Gosling OutsourcingAccount manager at Bill Gosling Outsourcing
Sofia Rebeca Perez RojasSofia Rebeca Perez Rojas
Specialized Technician 6 at Organismo De Investigacion Judicial (OIJ)Specialized Technician 6 at Organismo De Investigacion Judicial (OIJ)
Raquel Ruiz QuesadaRaquel Ruiz Quesada
Project Manager at Hanson and Hanson Consulting GroupProject Manager at Hanson and Hanson Consulting Group
Suman UnnikatSuman Unnikat
Senior Systems Engineer (Azure Cloud Engineer) at Infosys LimitedSenior Systems Engineer (Azure Cloud Engineer) at Infosys Limited