Network Engineer Resume Examples: 4 Templates for Enterprise, Cloud, Security, and NOC Roles

Contact: marcusreyes@email.com | (312) 555-0142 | Chicago, IL | linkedin.com/in/marcusreyes

Professional Summary

CCNP Enterprise-certified network engineer with 7 years of experience designing and managing LAN/WAN infrastructure for enterprise environments with 3,000 to 8,000 endpoints. Expert in BGP, OSPF, and MPLS across Cisco Catalyst, ASR, and Nexus platforms and Juniper EX/QFX series. Delivered a $2.1M campus network refresh across 12 sites with 99.97% uptime over 18 months post-migration.

Experience

Senior Network Engineer | Meridian Financial Group, Chicago, IL | 2020–Present

• Architected and deployed a dual-stack BGP route policy framework across 4 data centers and 3 colocation facilities, reducing unplanned outages by 41% and cutting mean time to restore (MTTR) from 47 minutes to 22 minutes.
• Led a 12-site Cisco Catalyst 9000 campus refresh replacing legacy 3560/3750 infrastructure; managed $2.1M project budget, delivered on schedule with zero data-loss migration events.
• Designed and implemented MPLS L3VPN topology connecting 6 branch offices to Chicago HQ, reducing WAN circuit costs by $180K annually over previous MPLS provider contract.
• Built Cisco ISE 3.0 NAC framework for 802.1X port authentication across 4,200 endpoints; eliminated 100% of unauthorized wired device connections within 60 days of rollout.
• Managed QoS policy for voice and video prioritization across 8,000-endpoint network; reduced VoIP MOS score complaints from 14/month to 2/month within 90 days.
• Mentored 2 junior network engineers; led internal BGP/OSPF lunch-and-learn series (6 sessions, 40 attendees).

Network Engineer | Accenture Network Services, Chicago, IL | 2017–2020

• Supported WAN infrastructure for 3 enterprise clients totaling 22 branch locations on Cisco ASR 1001/1002 routers; maintained 99.95% availability SLA across all client accounts.
• Deployed Juniper EX4300 access-layer switches at 2 client sites; configured VLANs, STP, VTP, and port security for 600-endpoint deployments each.
• Performed IOS-XE and Junos firmware lifecycle management for 80+ devices; zero production incidents attributable to maintenance windows.
• Troubleshot BGP route propagation issues causing inter-site latency spikes; root-caused to misconfigured MED attributes, resolved within 2-hour SLA.

Certifications

• Cisco CCNP Enterprise (ENCOR 350-401, ENARSI 300-410) | Cisco ID: CSCO14238771 | Issued Jan 2023 | Expires Jan 2026
• Cisco CCNA (CCNA 200-301) | Issued Mar 2019
• CompTIA Network+ (N10-008) | Issued 2017

Technical Skills

Routing and Switching: BGP, OSPF, EIGRP, MPLS L3VPN, STP/RSTP, VTP, 802.1Q, QoS (DSCP/CoS), VXLAN
Platforms: Cisco Catalyst 9000/6500/4500, Cisco ASR 1000/9000, Cisco Nexus 9000/7000, Juniper EX4300/QFX5100
Security: Cisco ISE 3.0, 802.1X NAC, ACLs, firewall policy review
Monitoring: SolarWinds NPM/NTA, PRTG, Cisco DNA Center, Wireshark, NetFlow
Automation: Python (Netmiko, NAPALM), Ansible, Cisco RESTCONF/NETCONF (early-stage)

Education

B.S. Information Technology | University of Illinois at Chicago | 2017

Contact: priya.nair@email.com | (415) 555-0219 | San Francisco, CA | linkedin.com/in/priyanair-cloud

Professional Summary

Cloud network engineer with 6 years of experience spanning enterprise LAN/WAN (CCNA) and AWS cloud networking (Advanced Networking Specialty). Architected and operates a hybrid multi-account AWS network serving 45 VPCs across 3 regions using Transit Gateway and Direct Connect, supporting 2,400 cloud workloads for a 900-person SaaS company. Deep expertise in BGP route policy over Direct Connect, SD-WAN overlay on AWS (Cisco Viptela), and network cost optimization reducing monthly data-transfer spend by 34%.

Experience

Cloud Network Engineer | Luminary SaaS, San Francisco, CA | 2021–Present

• Designed and deployed AWS Transit Gateway hub connecting 45 VPCs across us-east-1, us-west-2, and eu-west-1; centralized egress routing through a shared services VPC, reducing NAT Gateway costs by $62K/year.
• Architected dual AWS Direct Connect connections (10 Gbps each) with BGP failover from on-premises colocation to AWS; achieved 99.99% hybrid connectivity uptime across 18 months post-launch.
• Implemented Cisco Viptela SD-WAN overlay to extend on-premises MPLS fabric into AWS Transit Gateway, enabling consistent QoS policy across hybrid application traffic.
• Designed AWS Route 53 Resolver DNS architecture for split-horizon resolution across 12 on-premises domains and 8 private AWS hosted zones; resolved DNS resolution latency from 180ms to 4ms for internal services.
• Built AWS Network Firewall policy covering 2,400 workloads; integrated with Splunk Cloud for centralized traffic logging; reduced east-west inspection blind spots by 100%.
• Automated VPC and subnet provisioning via Terraform modules; reduced new environment provisioning time from 3 days (manual) to 4 hours (automated).

Network Engineer | Westbridge Consulting, Oakland, CA | 2018–2021

• Supported hybrid cloud connectivity for 4 enterprise clients migrating from on-premises Cisco ASR routers to AWS Direct Connect; managed BGP route advertisements across 6 Direct Connect virtual interfaces.
• Configured AWS VPC peering, security groups, and NACLs for 3 production environments; documented network topology for PCI-DSS audit readiness.
• Maintained SolarWinds NPM and PRTG monitoring for 200 on-premises devices while standing up CloudWatch network insights dashboards for parallel hybrid visibility.

Certifications

• AWS Certified Advanced Networking Specialty (ANS-C01) | Issued Sep 2023 | Expires Sep 2026
• AWS Certified Solutions Architect Associate (SAA-C03) | Issued 2021
• Cisco CCNA (200-301) | Issued 2018

Technical Skills

AWS Networking: VPC, Transit Gateway, Direct Connect, Site-to-Site VPN, Route 53 Resolver, AWS Network Firewall, PrivateLink, VPC Lattice
Hybrid Connectivity: BGP (AS-path, MED, community strings), MPLS handoff, SD-WAN (Cisco Viptela, VMware VeloCloud concepts)
IaC and Automation: Terraform (AWS provider), Python (boto3), AWS CloudFormation
Monitoring: CloudWatch, VPC Flow Logs, Splunk Cloud, AWS Network Manager
On-Premises (legacy): Cisco ASR 1000, Catalyst 9000, BGP/OSPF, SolarWinds NPM

Education

B.S. Computer Science | San Jose State University | 2018

Contact: jordan.kim@email.com | (212) 555-0387 | New York, NY | linkedin.com/in/jordankimsec

Professional Summary

Network security engineer with 8 years of experience in enterprise firewall management, Zero Trust architecture, and NAC implementation. CCNP Security and Palo Alto PCNSE certified. Manages a 6,000-endpoint environment secured by Palo Alto PA-5400 series firewalls with Panorama, Cisco ISE NAC, and Splunk SIEM integration. Led a company-wide Zero Trust Network Access (ZTNA) migration that reduced attack surface by 78% as measured by external pen test scope.

Experience

Network Security Engineer | Halcyon Capital Management, New York, NY | 2019–Present

• Architected and manages Palo Alto PA-5440 firewall cluster (Panorama-managed) protecting 6,000 endpoints across 4 offices and 2 data centers; wrote and maintains 4,200+ security policy rules with application-layer inspection (App-ID) and User-ID enforcement.
• Led 18-month Zero Trust Network Access (ZTNA) initiative using Palo Alto Prisma Access and GlobalProtect; eliminated implicit trust for 1,100 remote users, reducing pen-test-identified attack surface from 34 exposed services to 7.
• Deployed Cisco ISE 3.2 NAC for 802.1X wired and wireless authentication across all 4 office locations; achieved 100% endpoint posture compliance visibility within 90 days, eliminating 230 previously unauthorized devices.
• Integrated Palo Alto NGFW log streaming with Splunk SIEM (12,000 EPS); built 18 correlation rules for lateral movement detection; decreased mean time to detect (MTTD) for east-west threats from 96 hours to 4 hours.
• Managed Fortinet FortiGate 200F branch firewalls (6 locations) via FortiManager; automated policy backup and compliance auditing with FortiAnalyzer, achieving 100% SOC 2 Type II audit pass for network controls.
• Implemented BGP route filtering between untrusted internet peers and internal route reflectors; policy drops 98% of unauthorized route advertisements at the perimeter AS boundary.

Network Security Analyst | Citadel IT Services, New York, NY | 2016–2019

• Managed Palo Alto PA-3000 series firewalls for 3 financial services clients; performed quarterly firewall rule base reviews, removing 340 stale rules across 3 environments and reducing rule set complexity by 28%.
• Configured Aruba ClearPass NAC for 802.1X wireless authentication for a 1,500-user client campus; reduced unauthorized wireless associations from 80/week to zero.
• Responded to 47 network security incidents over 3 years; documented all root causes and remediation steps in ServiceNow; mean time to resolve (MTTR) averaged 3.2 hours.

Certifications

• Cisco CCNP Security (SCOR 350-701, SNCF 300-710) | Issued Aug 2022 | Expires Aug 2025 (renewal in progress)
• Palo Alto Networks PCNSE (Panorama, PAN-OS 11.0) | Issued Mar 2024 | Expires Mar 2027
• CompTIA Security+ (SY0-701) | Issued 2016

Technical Skills

Firewalls: Palo Alto PA-5400/PA-3000, Panorama, PAN-OS App-ID/User-ID/Threat Prevention; Fortinet FortiGate, FortiManager, FortiAnalyzer
Zero Trust and NAC: Palo Alto Prisma Access, GlobalProtect ZTNA, Cisco ISE 3.2, Aruba ClearPass, 802.1X wired/wireless
SIEM and Threat Detection: Splunk Enterprise Security, QRadar (concept), syslog pipeline architecture
Network Protocols: BGP, OSPF, IPsec VPN, SSL/TLS inspection, DNS security
Platforms: Cisco Catalyst 9000, Cisco ASR, CheckPoint (legacy), SolarWinds NPM

Education

B.S. Network Security | Pace University, New York | 2016

Contact: darius.thompson@email.com | (404) 555-0256 | Atlanta, GA | linkedin.com/in/dariusthompson-noc

Professional Summary

CCNA-certified NOC engineer with 4 years of 24x7 network monitoring and incident response experience for a managed services provider supporting 60 enterprise clients and 12,000 managed devices. Proficient in SolarWinds NPM/NTA, Nagios XI, PRTG, and ServiceNow ITSM. Reduced client average MTTR from 58 minutes to 31 minutes over 2 years through root-cause analysis workflow improvements and escalation protocol redesign.

Experience

NOC Engineer II | Nexwave Managed Services, Atlanta, GA | 2022–Present

• Monitors 12,000 managed network devices (Cisco, Juniper, HP Aruba) for 60 enterprise clients across SolarWinds NPM, PRTG, and Nagios XI; triages 80 to 120 alerts per shift, prioritizing by client SLA tier.
• Reduced client average MTTR from 58 minutes to 31 minutes by redesigning 12-step escalation runbooks; new runbooks adopted across 6-engineer NOC team within 30 days.
• Resolved 94% of Tier-1 and Tier-2 incidents without escalation to senior engineering in 2024 (up from 79% in 2022); documented 140+ resolution steps in ServiceNow knowledge base.
• Managed BGP session monitoring for 8 multi-homed clients; detected and responded to 4 BGP route flap events in 2023-2024, initiating carrier escalation and achieving path restoration within 22-minute average.
• Performed IOS-XE software upgrade coordination for 120 Cisco access-layer switches during quarterly maintenance windows; zero unplanned outages across 6 maintenance cycles.
• Trained and mentored 3 NOC Engineer I hires on triage procedures, SolarWinds dashboard configuration, and escalation protocol; all 3 achieved Tier-2 solo response qualification within 90 days.

NOC Technician | Crestview IT Solutions, Atlanta, GA | 2020–2022

• Monitored 1,800 devices for 14 SMB clients on PRTG; responded to and closed 35 to 50 tickets per day in ConnectWise PSA with 97% on-time SLA compliance.
• Configured basic VLAN and port-security settings on Cisco Catalyst 2960 switches under senior engineer supervision; documented changes in change management log.

Certifications

• Cisco CCNA (200-301) | Issued Nov 2021
• ITIL 4 Foundation | Issued Mar 2022
• CompTIA Network+ (N10-008) | Issued 2020

Technical Skills

Monitoring Tools: SolarWinds NPM/NTA/IP Address Manager, PRTG Network Monitor, Nagios XI, Cisco DNA Center alerts
ITSM: ServiceNow (Incident, Problem, Change Management), ConnectWise PSA, Jira Service Management
Networking: TCP/IP, BGP monitoring, OSPF, VLANs, STP, QoS, VPN (site-to-site), DHCP/DNS
Platforms: Cisco Catalyst 2960/3560/9000, Cisco ASA, Juniper EX (monitoring), HP Aruba switches
Scripting (in progress): Python basics, Bash, SolarWinds API for alert automation

Education

A.A.S. Network Administration | Georgia Piedmont Technical College | 2020