Chiraphon Kraiya | Network Engineer & Automation Portfolio

Professional Summary

Network Engineer with strong experience in ISP-scale enterprise and service-provider networks, specializing in end-to-end provisioning, network automation, and production operations. Proven ability to design, deploy, and operate multi-vendor infrastructures (Cisco, Huawei, FortiGate) with strict SLA requirements. Expert in developing production-grade automation platforms using Python (FastAPI), Docker Compose, and Nginx, reducing provisioning time by 70% and manual operational work by 65%. Strong focus on operational safety, Linux-based infrastructure, and scalable network workflows.

Technical Skills

dns Infrastructure & DevOps

Linux (Ubuntu) Docker & Docker Compose Nginx GitOps CI/CD (GitLab/GitHub Actions)

settings_ethernet Networking & Protocols

L2/L3 Routing & Switching MPLS & L2 EVPN OLT/ONU GPON VPN & QoS DWDM & SDH/TDM Enterprise & ISP Ops

code Automation & Programming

Python FastAPI Netmiko & Paramiko Jinja2 (Sandboxing) Pydantic Validation Stateless API Design RESTful APIs & JSON Regex Parsing

monitoring Monitoring & Tools

Grafana API PRTG n8n Orchestration SAP Integration AutoCAD

router Vendors & Platforms

Cisco (IOS-XE/XR) Huawei (VRP) Nokia FortiGate Apresia Omni

shield Security & Identity

OAuth2 / OIDC Azure AD SSO / MSAL Input Sanitization API Gateway Security

Professional Experience

Network Engineer (Provisioning)

Aug 2022 – Present

Symphony Communication PCL.

Led end-to-end network provisioning for enterprise circuits (PE/CE, L2/L3, MPLS, DWDM), delivering approximately 30 circuits per week in large-scale ISP environments.
Achieved 70% reduction in provisioning time by implementing network automation workflows and standardized configuration processes.
Developed and maintained 10+ network automation scripts and RESTful APIs using Python, FastAPI, Netmiko, and Jinja2, reducing manual network operations by 65%.
Implemented dry-run validation mechanisms and non-destructive automation techniques for configuration rollouts, ensuring ISP network stability and zero-impact deployments.
Designed and deployed ChatOps workflows integrating Network Operations APIs with n8n and Line Messenger, enabling Level-1 support teams to execute port status checks and speed adjustments.
Provided L2/L3 escalation support for complex network incidents, restoring services within 3-hour MTTR targets and maintaining 99.95% SLA compliance.
Performed firmware upgrades and maintenance activities on Huawei and FortiGate devices during scheduled maintenance windows, adhering to strict change control and rollback procedures.
Utilized Grafana and PRTG for proactive network monitoring, fault detection, and performance analysis.

Technical Engineer

Feb 2021 – Feb 2022

Fecomm Systems Co., Ltd.

Designed and installed structured cabling systems for enterprise environments, supporting reliable network infrastructure deployment.
Performed troubleshooting, infrastructure repair, and preventive maintenance for enterprise customers.
Produced AutoCAD-based as-built drawings to support accurate documentation and smooth project handover.

RF Engineer (Contract)

Mar 2019 – Dec 2019

NETWORK QUALITY MANAGEMENT SERVICE CO.,LTD.

Conducted RF testing, analysis, and optimization (Drive Test, RRU, antenna deployment) for mobile networks.
Diagnosed and resolved 4G data performance issues to improve network quality and service stability.

Network Engineer (Contract)

Jun 2018 – Jan 2019

MFEC PCL.

Supported post-sale Cisco device configuration and troubleshooting for enterprise customers.
Provided helpdesk and onsite network support, resolving connectivity and configuration issues.

Service Engineer

Aug 2016 – May 2018

Planet Communications Asia PCL.

Installed and supported video conferencing systems (Cisco, Polycom).
Delivered preventive maintenance and user training for enterprise multimedia systems.

Key Projects

Network Configuration & CID Service Portal (FastAPI)

Designed and developed a Python-based automation gateway and dynamic template rendering engine that integrates enterprise systems with multi-vendor network equipment.

Stateless GitOps Architecture: Developed a stateless automation gateway using FastAPI that decouples templates and vendor profiles, fetching them dynamically via GitLab/GitHub APIs with a TTL caching layer.
Data Integrity & Normalization: Implemented a robust three-layer Pydantic validation architecture to sanitize and normalize complex JSON payloads retrieved from SAP APIs before rendering configurations.
Secure Template Engine: Secured the dynamic configuration generation process using Jinja2 SandboxedEnvironment, effectively mitigating Server-Side Template Injection (SSTI) and Remote Code Execution (RCE) risks.
Enterprise Integration: Integrated Microsoft Azure AD SSO (OAuth2/OIDC) for enterprise role-based access control and set up SQLite database logging for configuration change audits.

image View Architecture Diagram & UI Mockup

System Architecture Flow System Architecture Diagram

UI Mockup Interface

Network Operations API & ChatOps

Developed a production-grade Network Operations API using FastAPI and Netmiko, transforming complex CLI workflows into standardized RESTful endpoints.

Designed ChatOps workflows integrated with orchestration tools, enabling faster operational actions such as bandwidth changes and interface management.
Implemented robust CLI parsing using Regex and strict input validation to ensure production safety.

Bandwidth & QoS Automation (Huawei)

Built automation systems for Bandwidth and QoS management on Huawei devices in ISP environments.

Implemented dry-run workflows to preserve existing QoS parameters and prevent service impact.
Integrated automation with Grafana APIs to synchronize network changes with monitoring dashboards.

Education & Certifications

school Education

Bachelor of Engineering (Electronics & Telecommunication)

Rajamangala University of Technology Thanyaburi

Graduated: 2016

verified Certifications

check_circle

Cisco Certified Network Associate (CCNA)

Valid until 01 Aug 2027