BELLEVUE, WA · --:--:-- local Open to interesting problems
sburigen_

Sunil Burigen · Senior Network Engineer · Bellevue, WA

I build networks — then build the systems that run them.

Twelve years designing and operating mission-critical networks across enterprise, cloud, and edge — from BGP at Cisco to VXLAN/EVPN fabrics for AI infrastructure at Armada. The constant: infrastructure should be code — versioned, validated, and automated.

See selected work ↓ Get in touch
fig. 01 — live topology · packets simulated

Profile

Engineer first. Automator by reflex.

Twelve years ago I was engineering BGP and OSPF at Cisco for global WAN environments. Since then I've run worldwide enterprise networks for Mars across offices, factories, and distribution centers on three continents, built hybrid Azure connectivity at Microsoft, and today I design VXLAN/EVPN data center fabrics for distributed edge infrastructure at Armada AI.

The throughline: networks designed to be operated, not just deployed. I automate provisioning with Python, Terraform, and Ansible, keep NetBox as the source of truth, and hold the line on PCI, HIPAA, and SOC2 compliance. Lately, I build local LLM agents that answer operational questions against live network data — private by default, deterministic where it counts.

Capabilities

Three disciplines, one practice.

Network architecture

Cloud-scale fabrics designed for failure — overlays, control planes, and routing that converges before anyone notices.

  • VXLAN · EVPN · BGP · OSPF · MPLS
  • Cisco ACI · Nexus · Juniper Apstra
  • Zero-trust segmentation · PCI · HIPAA · SOC2

Cloud & hybrid connectivity

The on-ramp between the data center and the cloud — engineered, not improvised.

  • AWS Direct Connect · Azure ExpressRoute
  • Equinix fabric & interconnection
  • SD-WAN & global WAN design

Automation & applied AI

If a task happens twice, it becomes code. If a question gets asked twice, it becomes an agent.

  • Python · Ansible · Terraform · GitOps
  • NetBox as source of truth
  • Local LLM agents (MLX, on-device)

Selected work

Built, shipped, and in use.

Junos automation framework ↗

Open source · GitHub

A production-grade Infrastructure-as-Code framework for Juniper environments: YAML as the source of truth, Jinja2 templating, and Ansible orchestration across firewall, edge, core, and management tiers — with a Streamlit GUI for configuration generation. Built to kill configuration drift at scale.

AnsibleJinja2YAMLJunosStreamlit

Plain-English IPAM agent

Local AI · 2026

A local AI agent wired into live NetBox data. Ask "what's free in this /16?" and get a correct answer — the language model handles the conversation, while deterministic prefix math handles the truth. No hallucinated subnets, no data leaving the machine.

PythonMLXNetBox APILocal LLM

Guarded config pipeline

In progress

Extending the agent from read-only queries to safe action: SSH reachability checks, config generation, and guarded pushes to network devices — with validation gates between intent and execution.

SSHAutomationSafety rails

Small-model ops lab

Ongoing research

Benchmarking compact local models (4B–14B) on Apple Silicon for operational Q&A — mapping exactly where small, private models are good enough for network operations, and where they aren't.

MLXQwenEvaluation

Experience

traceroute career — 5 hops, 0% packet loss.

hop 5 · apr 2025 → now

Senior Network Engineer · Armada AI — Bellevue, WA

VXLAN/EVPN fabrics for distributed edge data centers. Provisioning automated end-to-end with Python, Terraform, and Ansible; NetBox-governed assets across every network tier; segmentation and compliance built in, not bolted on.

Juniper Mist · Apstra · SRX1500 · EX4650 · NetBox

hop 4 · oct 2022 → apr 2025

Senior Cloud Network Engineer · Mars Inc. — Tampa, FL

Led network modernization for a global enterprise: SD-WAN rollout, SDN adoption, and identity-aware zero-trust segmentation for 10,000+ users across corporate offices, manufacturing sites, and branches on multiple continents.

Cisco ACI · Meraki MX450 · Nexus 9K/7K · AWS · Equinix

hop 3 · oct 2021 → oct 2022

Senior Cloud Network Engineer · Microsoft — Tampa, FL

Hybrid connectivity between on-prem and Azure at enterprise scale — ExpressRoute, VPN, VNet peering — plus Python automation for monitoring, validation, and connectivity testing.

Nexus 7K/5K/2K · Azure · Equinix Cloud Exchange

hop 2 · mar 2016 → sep 2021

Senior Cloud Network Engineer · Mars Inc. — Mt. Olive, NJ

Global AWS Direct Connect and Equinix ECX circuits for hybrid workloads; multi-site migrations from planning to cutover; PCI and HIPAA audit cycles passed on documentation I wrote.

Cisco 3750/4500/5000 · NetScaler SDX/VPX · AWS · ACI

hop 1 · apr 2013 → feb 2016 · origin

Network Engineer · Cisco Systems — San Jose, CA

BGP and OSPF routing at WAN scale for global enterprise clients across multiple verticals — where networks taught me how they actually fail, and RCAs taught me how to write.

Cisco 2600/2800/3800 routers · 2960/3750/4510 switches

Research & writing

Operate. Document. Publish.

Research · Google Scholar

Published research

Peer-indexed work on network automation and infrastructure systems — bringing engineering rigor from the change window to the literature.

View publications on Google Scholar ↗ Writing · Medium

Field notes

Articles on network engineering, automation, and applied AI — written from the operator's seat, not the sidelines.

Read articles on Medium ↗

Contact

Let's route a conversation.

Network architecture, automation at scale, or local AI for operations — if it's an interesting infrastructure problem, my inbox is open.

sunilkb1018@gmail.com LinkedIn ↗ GitHub ↗