● Available for Opportunities
AATISH SHRESTHA
Network & Security Infrastructure Specialist
MSc Cybersecurity | 4+ Years Experience | Cisco Certified Security Professional
Bridging network administration and cybersecurity to build robust, secure infrastructure
that balances performance, security, and cost-effectiveness.
4+
Years Experience
99.8%
Uptime Achieved
60%
Security Incidents Reduced
5
Cisco Certifications
[01]
About
I'm a Network & Security Infrastructure Specialist with a unique combination of hands-on network
administration experience and advanced cybersecurity expertise. With an MSc in Cybersecurity from
the University of West London and multiple Cisco security certifications, I bridge the gap between
building robust network infrastructure and securing it against evolving threats.
What I Bring to Organizations:
Over 4+ years, I've designed, secured, and managed enterprise IT infrastructure that balances three critical factors: performance, security, and cost-effectiveness. I don't just implement firewalls—I optimize network topology. I don't just patch vulnerabilities—I architect defense-in-depth strategies that support business growth.
My Expertise Spans:
🔹 Network Infrastructure: Routing & switching (OSPF, BGP, VLANs), LAN/WAN design, VPN solutions, DNS/DHCP management, and mail server administration (Postfix, SMTP)
🔹 Security Operations: Threat detection & response, vulnerability management, firewall configuration (Cisco ASA, pfSense, Fortinet), IDS/IPS deployment, and security monitoring using SIEM tools
🔹 System Administration: Windows Server (2012-2022), Linux (Ubuntu, CentOS), Active Directory, VMware ESXi/vSphere, and virtualization optimization
🔹 Infrastructure Security: Defense-in-depth architecture, network segmentation, access control, secure WLAN deployment, and cloud security (AWS, Azure)
My Approach:
I believe the best IT infrastructure is invisible to end-users—it just works, securely and reliably. Whether it's designing network segmentation that improves both performance and security, or implementing monitoring systems that detect threats before they become incidents, I focus on solutions that deliver measurable business value.
What I Bring to Organizations:
Over 4+ years, I've designed, secured, and managed enterprise IT infrastructure that balances three critical factors: performance, security, and cost-effectiveness. I don't just implement firewalls—I optimize network topology. I don't just patch vulnerabilities—I architect defense-in-depth strategies that support business growth.
My Expertise Spans:
🔹 Network Infrastructure: Routing & switching (OSPF, BGP, VLANs), LAN/WAN design, VPN solutions, DNS/DHCP management, and mail server administration (Postfix, SMTP)
🔹 Security Operations: Threat detection & response, vulnerability management, firewall configuration (Cisco ASA, pfSense, Fortinet), IDS/IPS deployment, and security monitoring using SIEM tools
🔹 System Administration: Windows Server (2012-2022), Linux (Ubuntu, CentOS), Active Directory, VMware ESXi/vSphere, and virtualization optimization
🔹 Infrastructure Security: Defense-in-depth architecture, network segmentation, access control, secure WLAN deployment, and cloud security (AWS, Azure)
My Approach:
I believe the best IT infrastructure is invisible to end-users—it just works, securely and reliably. Whether it's designing network segmentation that improves both performance and security, or implementing monitoring systems that detect threats before they become incidents, I focus on solutions that deliver measurable business value.
[02]
Experience
System and Network Administrator
Mercantile Communication
Managed secure enterprise network infrastructure supporting 200+ users across multiple locations with 99.8% uptime.
Key Achievements:
• Implemented defense-in-depth security architecture reducing security incidents by 60%
• Redesigned network topology with security segmentation improving performance by 35%
• Administered VMware ESXi environment hosting 50+ VMs with security hardening, reducing costs 30%
• Deployed next-generation firewalls with IPS capabilities balancing security and network performance
• Configured secure mail infrastructure (Postfix) with SPF/DKIM/DMARC protecting 300+ accounts
• Implemented PowerDNS with DNSSEC achieving sub-5ms query response times
• Established VPN solutions enabling secure remote access for 50+ users
• Deployed Veeam Backup with encryption achieving 99.9% backup success and 2-hour RTO
• Conducted vulnerability assessments remediating 95% of critical security gaps within SLA
• Monitored infrastructure using SolarWinds, PRTG, and Zabbix for threat detection
Technologies: VMware ESXi, Windows Server, Linux (Ubuntu), PowerDNS, Postfix,
Cisco Firewalls, VPN (IPSec/SSL), Veeam, SolarWinds, PRTG, Wireshark, Zabbix
System Administrator
Silver Lining Pvt Ltd
Administered secure multi-platform IT infrastructure achieving 99.5% availability while implementing comprehensive security controls.
Key Achievements:
• Managed Windows Server 2016/2019 and Ubuntu Linux environments with security patching
• Administered VMware infrastructure with security isolation and encrypted storage
• Implemented firewalls, network segmentation, and access controls protecting critical systems
• Deployed cloud security solutions for AWS/Azure including identity management and encryption
• Configured Active Directory with security best practices and privilege management
• Monitored infrastructure security using SIEM tools and conducted log analysis for threats
• Performed security assessments and risk analysis recommending infrastructure improvements
• Implemented automated encrypted backup solutions supporting disaster recovery
• Secured wireless infrastructure supporting 100+ users with network isolation
• Participated in incident response including containment, analysis, and system recovery
Technologies: Windows Server, Ubuntu Linux, VMware, Active Directory, AWS,
Azure, SIEM, Firewalls, Wireless Security
Network Support Engineer
Mercantile Communication
Provided technical support for secure network infrastructure including routers, switches, and security appliances.
Key Achievements:
• Configured VLANs, access controls, and security policies on network infrastructure
• Implemented network monitoring using LibreNMS and Zabbix for 150+ devices
• Assisted in firewall configuration, VPN deployment, and security policy implementation
• Troubleshot network and security issues achieving sub-2-hour resolution times
• Performed network traffic analysis identifying performance bottlenecks and security anomalies
• Supported infrastructure capacity planning considering performance and security requirements
• Maintained comprehensive security configurations and network documentation
Technologies: Cisco Switches/Routers, VLANs, Firewalls, VPN, LibreNMS,
Zabbix, Wireshark
Intern
Mercantile Communication
Gained foundational knowledge in network administration and information security operations through hands-on learning and support of senior engineers.
[03]
Certifications
Ethical Hacker
Cisco Networking Academy
Issued: January 2026
Penetration Testing
Social Engineering
Vulnerability Assessment
Exploiting Apps/Networks
IoT Security
Network Defense
Cisco Networking Academy
Issued: July 2025
Firewalls
Defense-in-Depth
Access Control
Cloud Security
Network Hardening
Endpoint Security
Cisco Networking Academy
Issued: July 2023
Host-based IPS
WLAN Security
Windows/Linux Security
Network Attacks
Cyber Threat Management
Cisco Networking Academy
Issued: July 2023
Incident Response
Risk Management
CVSS
Disaster Recovery
Threat Intelligence
Introduction to Cybersecurity
Cisco Networking Academy
Issued: June 2023
Threat Detection
Network Vulnerabilities
Privacy & Confidentiality
Best Practices
[04]
Technical Skills
Network Infrastructure
Security Technologies
Systems & Virtualization
Monitoring & Tools
Cloud & Scripting
Security Expertise
[05]
Contact
Email
LinkedIn
Location
Kathmandu, Nepal
Status
Open to Network Security & Infrastructure Roles