Bali
Summary
PGDIT,BE(CSE), CCIE RnS, AWS Solutions Architect, PCNSA, Cyber Security
certified with 17 years of experience in IT. (Australia PR)
(+ 61 (4) 85985218) bharat.bali@gmail.com (LinkedIn Profile)
Synopsis
A technology driven professional with overall 17 years of experience in the areas of IT,
Designing, Implementation & Operation of Enterprises level. Experience of sizing & designing an
Enterprises level infrastructure using automation tools and ensure High Availability, Redundancy
and implementing Disaster Recovery site. A complete Enterprise/Solution architect ensuring
company needs are met. I have had the opportunity to build and design high performance
infrastructure, advised on strategies with startups, involved in a bunch of projects which include
Network and security analysis, automation, design, and implementation, mostly focusing on
Network, Cloud and Cybersecurity. I am extremely thankful and fortunate for the opportunities
given to me by companies such as HCL, Mphasis (HP), NCS, Western Digital, International SOS &
Bank of America in each engagement the passionate pursuit of mutual success has been
rewarding. Technological Obsessed Architect with over 17 years of experience in various
industries including, IT, Manufacturing, Medical & Banking.
Network Architecture IT Service Management
Amazon Web Services Leadership Qualities
Cybersecurity Problem Management
Network Implementation Infra Services
Automation Network Operations
Wireless Technology Network leader
Cisco Networking Visionary
Network Security Cloud Architect
Areas of Expertise
Cloud Designing, Implementation & Support
Overview
17
17
years of professional experience
Work History
Vice President
Bank of America
02.2023 - Current
- O Design, specification, and implementation of a large-scale enterprise-grade connectivity across hybrid-premises (AWS, Azure, on-premises, SDN providers) o Cloud infra feasibility study, future roadmap planning, & design future cloud ready architecture for large scale industry using well architected framework
- Specialized in design and development of large-scale IT solutions using proven methodology and industry best practice
- Network Architecture o Design network designs for WDC for existing/new sites
- Ensuring cost effecting solutions depending upon site requirement
- Conducting POC for modern technologies
- O Implementing/replacing old Core switch at manufacturing/Engineering sites with employee count of over 15,000
- O Preparing SOP for different technologies and sharing it with L1 teams for better understanding
- O Providing KT/shadowing to new/existing employees for upcoming technologies
- O Automation and streamlining of the network provisioning and configuration management
- Network & Cyber Security ο Provide Design and architect end-to-end security solutions, aligning with customer needs and best practices for platforms like Cisco, Aruba, Fortinet, Checkpoint, Palo alto, Juniper
- Collaborate with cross-functional teams, including sales, engineering, and support, to ensure successful solution delivery
- Worked with cyber security team to refine policies and guiding them about possible solutions to prevent threats and other malwares
- Network Designing and Implementation ο Designing HLD / LLD Solutions for clients of HP as per the requirement, following specific designated rules of design and implementation ο Implementation of the proposed design after approved from client must be involved fully till the network equipment’s are handed over to NOC teams for monitoring
- Network Operations ο Provide solutions for IDA (Info-communications Media Development Authority of Singapore) to maintain and sail through successfully in providing internet services to government agencies
- Designing change request, rfc and change models for software patch upgrade, IOS, and troubleshooting escalated incidents
- Chief Technology Organisation Working as VP with BOA has broadened my area of expertise in variety of fields
- Responsibilities include delivery of Network Architecture, implementation, and operations
- Working with team of engineers to identify potential design for upcoming sites and remediate current issues
- Handling multiple hardware, Cisco switches routers, McAfee firewall, McAfee proxy, load balancers and checkpoint firewalls
- Collaborate with finance and project management office (PMO) to develop and manage project budgets
- Monitor project costs, identify cost-saving opportunities, and ensure adherence to budgetary constraints
- Experienced in Arista switches, Brocade, Cisco Nexus7k, 9K, 5k, 3k, 2k switches, cisco 4431, 2900, 3900, ASR series routers, Aruba Clear pass, Aruba AP, Infoblox Appliance
- Riverbed steelhead & Net profiler, Brocade ICS & VDX series switch platforms, Arista switches, Palo Alto firewalls, Huawei data Centre / IDF switches
- Cisco routers/switches/acs 2900, 1800, 3900, 2900, 1900, 7200, 3600, 7600, 6500, ASR 1000, ASR 9000 Qualitative experience with Alcatel devices, OS10K, 6900, 6850E, 6224, OV 2500, OV3600-
- HWENT, OAW-6000-PS4, OAW-4504-06E/SUP-7LE Expert
- Experience in Designing / sizing/
- Implementing/Troubleshooting operations of Enterprise networks
Global Network Lead
International SOS
10.2021 - 02.2023
- Working as Global Network Lead for the company, providing guidelines on network implementation
- Designed fully redundant solution for AWS cloud ensuring high availability is achieved
- Defined networking standard for the organization and leading team of seven network engineers
- Responsible for network designing, implementation and troubleshooting for 80+ sites across the globe
- Providing Customers with professional, timely and effective technical expertise on
- LAN/WAN/Wireless/Firewall & Convergence services support
- Support or Provision Customer LAN/WAN/ Wireless/Firewall network change on time and help to improve the process to "do it right the first time." Provide Level 2 LAN/WAN/Wireless/ Firewall service support by owning customers
- LAN/WAN/Wireless/Firewall incident within a complex topology (manage LAN, WAN, Wireless
- Firewall, IP Network routing or quality issues...) and developing a methodical approach to solve the incident or problem and escalate problem to supplier or internal Expert Practices when appropriate
- Capable of analysing problems and resolving recurring difficulties through root cause analysis
- Implementing LAN/WAN/Firewall change requests for customers on the International SOS managed LAN/WAN/Firewall solution (Cisco Router, Cisco Switch, Cisco VolP, etc.)
- Maintain a comprehensive and update-to-date customer LAN/WAN/Firewall topology database
- Operate customer WAN optimization and application compression environment base on product family from Packeteer/Riverbed
- Actively contribute to improve and map
- LAN/WAN/Firewall processes within ITIL framework Involve and execute any LAN/WAN/Firewall complex projects.
Network Architect
WDC
06.2015 - 10.2021
- Discuss next gen designs within the Architecture team to find best solution for new/existing sites (80+) across the globe ensuring durability, stability & redundancy
- Conducted SD_WAN poc for multiple sites
- Preparing Visio diagrams for designing & implementation
- Discussing it with team and roll out to production
- Conduct site surveys for different location across the globe to identify requirements for site upgradation not limited to Structured cabling, rack installation, rack layout, config planning
- Implementation & handover for monitoring
- Responsible for Design & implementation of existing/new data Centres across the globe
- Creating Standards for network devices in terms of design/config/implementation
- Responsible for termination of IPSEC tunnel for business partners ensuring safe and encrypted traffic flow
- Identify correct IOS & Perform nexus 7K upgrades using ISSU to avoid any downtime
- Involved in wireless solution deployment across globe, using Aruba hardware to provide BYOD capability across each site
- Configuring/Installing/troubleshooting Subnets and domain names within the organization over Infoblox appliance, using anycast functionality
- Implemented DMVPN solution for sales sites with Single MPLS links for failover purposes
- Assigning Subnets for Sites and maintain standards, while providing specific subnets for designated within complete organization
- As Security admin, installed, implemented, troubleshooted firewalls, load balancers, IPAM proxy devices
- Implemented and maintained CI/CD pipelines using Bitbucket, and other pipeline tools to automate build, test, and deployment processes, ensuring faster delivery and higher configuration quality
- Monitoring of network devices through automation tools such as Solar winds, Riverbed Net profiler & MRTG
- Follow ITIL standards for resolving an issue, while create Change request, incidents and tickets depending upon the requirement
- Network optimization by monitoring circuit congestion, troubleshooting degraded links and recommending bandwidth upgrade for low-capacity circuits
- Analyse and implement and design how traffic flow will be while installing new circuits on an existing/new site to provide failover and symmetric path
- Conduct research on existing network diagrams/topology & identify potential single failure points to minimize outages
- Evaluate feasibility of new network design and test performance wrt
- Manufacturing
- Engineering, RnD & knowledge worker requirements
- Assist with New Data Center deployment by conducting testing and resolving issues during deployment
- Design robust configuration plans for BGP/MPLS failover redundancy for new/existing circuits
- Create advanced netflow configuration for network monitoring and traffic analysis and fetch the report from Riverbed Net profiles
- Configuring, installing & troubleshooting Palo Alto firewalls deployed for Perimeter/Lab and
- B2B sites
- Work on escalated incidents with Different teams to facilitate smooth working for their process
- Perform network upgrades by installing/configuring new hardware software to reflect correct inventory
- Implement Routing and Switching technologies across the sites which include STP, RSTP
- Ether channel, DHCP Snooping, DAI, QOS, VPC, VDC, Fabric path, VLAN, VTP, Inter Vlan
- Routing, HSRP, EIGRP, OSPF, DHCP, DHCP snooping, STP, VTP, Route Redistribution etc
- Implemented various OSPF network configuration types - backbone, NBMA, point-to-point and point-to-multipoint on large Cisco networks
- Maintained and upgraded installed Nexus Platforms, such as Nexus 7k, Nexus 5k and Nexus 2k, created and managed VDC, VPC, and Fabric path environment.
NCS Lead Consultant
12.2014 - 06.2015
- Worked on SG-CORE (SOE) Project responsible for providing WAN, INTERNET services to
- Government agencies of Singapore
- Handling McAfee web gateways, Web reporters, Cisco Nexus 2k, 5k, 7k Switches, Allot net enforcer, Cisco ASA, Palo Alto firewalls, F5 Load balancers, Cisco ASR routers
- Involved in on-boarding new Gov
- Agencies with proper design and redundancy plan
- Providing design solutions for upgrading and installation of new devices
- Troubleshooting escalated issues for VVIP personal
- Maintain reports for top talkers in malware, virus, websites accessed and user accessing websites
- Responsible for cutover of all government sites from existing to new ISP
- Within specific period
- Define QoS from different type of traffic, based on application level / source and destination over Allot Net enforcer
- Provided load balancing solution for updating patches/ios for servers across all government organisations, over existing Mpls links using McAfee Web Gateway
- Involved in all areas and implementation of new hardware
- Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption and object tracking
- Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems
- Preparing Power point presentations for necessary approvals from client
- Preparing Change request for upcoming changes in the project and getting them approved from CAB
- Creating time chart to show how the project will proceed from time to time.
Senior Principal Infrastructure Engineer, Lead / Techno Manager
Mphasis an HP
06.2012 - 12.2014
- Worked on TFPC (The Farrer Park Company) project
- Worked on Design, Implementation & handover Part to ensure smooth transitioning
- Designed rack diagram and rack layout for data center and per floor IT riser
- Helping understand the URS (User Requirement Specifications) from Different vendors
- Performed UAT (User acceptance Test) for multiple Data Centers
- Designed Patching sheets for 10,000 over network points (Direct & Cross Patch both)
- Installation and configuration of routers and L2 and L3 switches wireless devices, managing gateway level & Network Security
- Network Monitoring, troubleshooting and team handling
- Working on Wireless Solution for 20 Storey Building
- Provisioning AP Locations and their Orientation
- Coordinating with Client for Heat Maps for better wireless solution and optimization
- Good understanding of Firewall and Access Control Server
- Collaborating with different Vendors for fully automated network solution for car park, nurse call system, master clock, EPS, PGS
- Understanding the Project Requirements and providing solutions
- Providing Wan link connectivity from different sites
- Implementing QoS and support of multicast across the network
- Connecting DR sites over OSPF maintaining fail-over and link optimization
- Working with Alcatel tech support for solving Bug related issues
- Optimizing wireless network ensuring with minimum CCI & proper signal strength with Air
- Manager
- Preparing Configuration Document for 250+ network devices and keeping track of maintenance
- Interconnection of Primary, DR & second official site, ensuring seamless failover/failback
- Projects Handling: - British Petroleum, & Beethoven
- Worked as, for multiple teams
- Actively engage in different Project Management process groups like Project Initiation
- Planning, Executing, Monitoring & Controlling and Closing Actively supports the support team with solution advice, proposals, presentations, and other customer satisfactions
- Actively engage with offshore and onshore teams, as necessary
- Taking responsibility for ensuring project plans are tightly coupled and deliverables aligned
- Working with different geography teams to deliver the solutions to the different customers
- To meet client’s business and (or) technical requirements using standard processes and architecture methodologies Review and identifying most appropriate connectivity solution
- Identifying what infrastructure needs to be ordered and prepare Bill of Material
- Worked with senior solution architect in finalizing the Client compartment design
- Coordinate and instruct F/W and Load balancer Engineers as per the requirement
- Prepare all the technical document like Requirement Definition Design Proposal Summary
- Rack Diagram and design Physical/Logical and High level and Low-level client compartment
- Configuration of Client Compartment Switches and Routers of different vendors (Cisco and
- H3C) and instruct Core Engineers to perform required work
- High Level Design & Low-Level Design requirements enabling initiative-taking solutioning
- Preparing whole network sheet with details of ip address and rack locations Helping team members in technical up scaling and doing a peer review of their designs
- A collaborator with great relationship management, coordination, analytical and critical thinking skills.
Technical-Specialist
HCL Technologies- Cisco Systems Inc
07.2008 - 05.2012
- Worked as Technical Lead on for Routing Protocols Technology managing team of 19 CSE
- Imparting internal training to the team to enhance the Quality & Productivity
- Ensuring proper quality for the technical troubleshooting
- Ensuring the working of SLA for the team
- De-escalating procedure for the team and providing support to Clients
- Attainments: Worked as a Tech Lead with team of 19 Customer Support Engineers handling TAC cases on Routing Protocol Technology
- Worked in a Team of 7 Engineers handling TAC cases on WAN Technologies
- Technologies Include – EIGRP, RIP, QoS, Multicast, BGP, OSPF, HSRP, GLBP, Static routing, PBR etc
- Technologies Include- ATM (also includes Traffic-Shaping), Frame-Relay (also includes Traffic-
- Shaping), ISDN, T1/E1, T3/E3/DS3/OC3, HSSI, CSU/DSU, DSL/HDSL/SHDSL/ADSL Circuits
- Handling Issues Related to T1/E1 line, Leased Lines, ISDN, Access Servers, T3, and DS3 Circuits
- Handling issues related to EIGRP, redistribution, QoS, BGP configuration & troubleshooting
- Configuring GUI based routing on SDM, troubleshooting high end devices, Experience on 6509, 6513, 7200, 7606 routers
- Handling switching platforms i.e., 4500, 3750, 2960(Managed / unmanaged switches) Taking Priorities to solve the issue in one go
- Ability to understand Customer’s network in detail
- Member of KT team to deliver trainings to other engineers
- Efficiently managed major clients viz
- US Marines, Citibank, HSBC, US Army, Moses Cone Health
- Systems, Copa Dept of Health, Lockheed Martin Corp, Info line VG Worth, American Express, etc
- Facilitate Team culture among team members by providing necessary support and technical training opportunities to all
- Mentoring new hires and responsible for formulating and maintaining new hire training process
- Participate in effective Ops-Service delivery Calls on a BI- weekly basis to ensure effective delivery of on field services with accepted timelines of SLA
- Develop effective Mentoring/coaching skills by Mentoring/being mentored
- Responsible for handling enterprise level customer networks across varying platform usage.
vCustomer Technical Support Engineer
12.2007 - 06.2008
- Providing support to the customer facing group, de-escalating procedure for the team and providing support to end user on new products of Linksys (CISCO-CUG)
- Ensuring the working of SLA for the team
- Managing the unresolved & outbound calls along with handling new product support
- Working as an efficient engineer and a role model for new hired
- Imparting internal training to the team to enhance the productivity
- Ensuring proper quality for the technical trouble shooting
- Providing over the phone troubleshooting assistance to the customers using Linksys Devices, such as Wireless routers, Wireless Adapters, Print-servers, and Wireless Extenders Assisting users over the phone to set up their Home/Small office Wireless network
- Securing wireless networks by enabling WEP, WPA-PSK encryption and Mac address filtering
- Help customer install Routers and adapters on platforms such as Windows 98, XP, Vista, and
- MAC
- Optimize Wireless networks to improve performance and eliminate latency
- Troubleshoot random wireless disconnects to help stabilize the network connectivity
- Assist users in extending wireless connectivity using wireless bridges and wired range extenders
- Configure port forwarding on the Linksys router to bind a LAN device service the requests delivered to a specific port number
- Enable UPnP services on the router to help devices connect to the network, other devices, and services as needed
- Configure PPPoA or PPPoE services on the router to help users access the internet
- Managing the unresolved & outbound calls along with handling new product support
- Imparting internal training to the team to enhance the productivity
- Identify fault in the hardware and service replacement request for the faulty equipment.
Education
PGDIT -
01.2022
Bachelor of Engineering -
01.2007
Post Graduation diploma - Information Technology
Symbiosis Centre for distance
CSE -
Apeejay College of Engineering, M.D University
Accomplishments
- Cisco Certified Internetwork Expert (CSCO11482992) 28753 CCIE R&S Cisco Certified Specialist - Enterprise Core Cisco Certified Specialist - Service Provider Core Cisco Certified Specialist - Collaboration Core Palo alto certified network security administrator- PCNSA AWS Certified Solutions Architect – Associate ISC2 Candidate Prepare for the ISC2 Information Systems Security Professional (CISSP) Certification
- Exam (2021) Blockchain: Beyond the Basics Blockchain: Beyond the Basics Practical Cybersecurity for IT Professionals Practical Cybersecurity for IT
- Professionals Cybersecurity Foundations Cybersecurity Foundations Cloud Architecture: Design Decisions Cloud Architecture: Design Decision
- Cisco certified network associate (CCNA) Cisco Certified Network Professional (CCNP) Cisco certified Internetworking professional (CCIP) Cloud Architecture: Advanced Concepts Academic Credential
Timeline
Vice President
Bank of America
02.2023 - Current
Global Network Lead
International SOS
10.2021 - 02.2023
Network Architect
WDC
06.2015 - 10.2021
NCS Lead Consultant
12.2014 - 06.2015
Senior Principal Infrastructure Engineer, Lead / Techno Manager
Mphasis an HP
06.2012 - 12.2014
Technical-Specialist
HCL Technologies- Cisco Systems Inc
07.2008 - 05.2012
vCustomer Technical Support Engineer
12.2007 - 06.2008
PGDIT -
Bachelor of Engineering -
Post Graduation diploma - Information Technology
Symbiosis Centre for distance
CSE -
Apeejay College of Engineering, M.D University