Vinodh Balraj
Email: **************@*****.*** P: +1-803-***-****
Sr. Network Security Engineer
Professional Summary:
12+ years of Extensive work experiences on Cisco Switches, Cisco Routers, Load Balancers & Cisco Firewalls.
Proficient experience in configuring Cisco Catalyst 2900,2960, 3560, 3750, 4500, 4900,Legacy Cat 6500 series and Nexus 7010, 5548 and 2248 switches and deep understanding of architecture.
Experience working with 2600, 2900, 3600, 3900, 7200, 7600 series Cisco Routers.
Hands on experience in troubleshooting of inter-VLAN routing and VLAN Trunking using 802.1Q. Implemented gateway redundancy with HSRP and GLBP
Expertise in configuring and deployment of routing protocols-OSPF, EIGRP, BGP, Policy- based routing over Cisco Routers, configuring and troubleshooting route redistribution.
Extensive knowledge in implementing and configuring F5 Big-IP LTM-3900, and 6900Load balancers.
Strong working experience on Cisco Firewalls, ACS, Cisco ASA 5540 Series.
Intermed8iate level understanding of Juniper JUNOS, M series router and SRX firewalls.
Comprehensive expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
Worked on T1/E1/T3 technologies and different LAN & WAN technologies, FTP, TFTP and DHCP configuration and setup.
Extensive implementation of firewall rules on Juniper SRX 3400 and NetScreen 5500 on a daily basis, using CLI.
Performed testing on PoE devices for conformance to the IEEE 802.3 Clause 33 standard.
Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on.
LTMs and GTMs.
Outstanding experience in designing and configuring of Layer 2 / 3 networking features such as VLAN, ISL, STP, VTP, 802.1X, Port Security, L2PT and SPAN.
Experience with implementation of DNS and DHCP protocols and Configure Protocols MPLS: TDP, LDP, L2VPN, VPLS, AToM, RSVP-TE, QoS.
Create and manage operational requirements for both VM and operations team to define process for managing storage, compute and network resources from within VMware console and web interface.
Implementing IP addressing schemes, LAN/WAN protocols, IP Services, to meet network requirements in different environments.
Successfully managed and delivered VPLS/Bridging feature, L2TPv3 features on new platform.
Experience securing and managing remote access using various VPN technologies like IPSec, SSL and GRE.
Knowledge of VoIP, Cisco Unified Communications Manager (CUCME), AAA, RADIUS, TACAACS+.
Working knowledge of network monitoring/management tools like Wireshark, TCPdump, Cisco Prime, Net Flow, PRGT, Solar Winds.
Expert in configuring Cisco Application Centric Infrastructure (ACI) and Cisco APIC.
Expertise in the configuration and troubleshooting of Routing Protocols like RIP, OSPF,EIGRP,ODR,BGP,MP- BGP,VRF-LITE, Redundancy Protocols like VRRP and HSRP.
Experience working with virtualization software like Whatsup, VMware.
Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professionalism.
Education &Certifications:
Bachelors in Electronics and Communication Engineering, India -2004
CISCO CERTIFIED NETWORK ASSOCIATE (CCNA)
CISCO CERTIFIED NETWORK PROFESSIONAL (CCNP) (R&S)
Network Security Expert
Accredited Configuration Engineer
Security +
F5 Certified
Technical Skills:
Routers
Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800, and 7200)
Switches
Cisco L2 & L3 Switches (2900, 3560, 4500, 5000 & 6500), ASA, PIX, FWSM, Juniper M320, Net screen
LAN Technologies
Ethernet, Fast Ethernet, and Gigabit Ethernet, VLAN, Inter-VLAN Routing, VTP, STP, RSTP
WAN Technologies
Frame Relay, ATM, ISDN, PPP, HDLC
Firewalls
Firewalls/VPNs ASA, PIX, Cisco VPN 3000 Series Concentrator, Juniper cSRX firewalls, SourceFire (FireSight/Firepower).
OS products/Services
DNS, DHCP, Windows (2000/2003, XP),Citrix, UNIX, LINUX, Microsoft SQL Server 2000 and 2005,VMwareWindows 2000/2003/2008/2012 R2, Juniper SRX100,SRX1400,SRX1500 gateway series.
Protocols/Services
Routing Protocols (RIP v1 & v2, IGRP, OSPF, EIGRP, BGP), QOS, HSRP, VRRP, TCP/IP, ACI, load balancer, Proxy servers, IPsec, MPLS, PPP, VoIP, SIP.
Network Management Tools
Wireshark, Wireshark, HP Open View, Cisco Works, Ethereal, Solar winds, OPNET.
Security Server Protocols
TACACS+, RADIUS
Professional Experience:
Client: AIG, Farmington, CT June 2015 – Present
Sr. Network Engineer
Responsibilities:
Expert Level Knowledge about TCP/IP and OSI models.
Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596UP, 4500, 3850, 3950, ASR and 2960.
Implementing IPsec and GRE tunnels in VPN technology.
Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
Worked on ACI deployment solutions within our datacenters building of APIC, Spines (9500 series) and leafs (9300 series) (working on EPG'S, Tenants, Contracts, Bridge Domains as well as vrf's to segregate traffic).
Creating frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, Natting, NAC product sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V- E, 6513, 6504, 6503, 6506, 6500 series switch, GSR, ASR routers with Cisco IOS and IOS-XR and NX.
Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
Experience on configuring and troubleshooting Cisco nexus9k/7k/5k/2kdatacenter Switches.
Responsible for creating network configurations for Cisco ASR9k, CRS, Nexus 7000, 7609, 7613, 6509, 4509, 5500, 3550, 2620, 2621, 1720, Junipers MX960, M320 and M7i's.
Building new Verizon branch data networks of various sizes from small to large sites.
Preformed IOS upgrades on cisco routers and switches and network configuration and troubleshooting (802.3 and 802.11).
Involved in complete LAN, and WAN development and optimization as per the organization’s requirement plan.
Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like pre-emption
Implementation and configuration of F5 Big-IP LTM-6400load balancers.
Provisioning of Vlans and configuration on layer 2 and 3 aggregators like Cinna, Calix, and AFC devices.
Implementation of Wireless access points to newly opened branches and existing branches.
Connecting network sites to the Internal MPLS cloud.
Switching tasks include VTP, ISL/ 802.1Q, IPsec and GRE Tunnelling, VLAN, Ether Channel, STP RSTP, PVST+, L2TPv3.
Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, intrusion detection systems, enterprise anti-virus systems, and software development tools.
Operate and maintain the VMI VOIP System to include Cisco End Points, CUCM 9.x, Unity 9.x, and VMWare Virtual Environment hosting VOIP Servers. Install, maintain, and upgrade VOIP Software and Hardware, including Wireless Access Points and Route/Switch Hardware.
Monitoring remote servers via solar-winds web interface.
Experience working Juniper T-Series, M-Series, MX-Series, J-Series Routers.
Installation, configuration and troubleshooting of Cisco 7200VXR, ASR1K, ASR9K series routers and Catalyst 6500, 2900 series switches.
Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, NOKIA Firewalls, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
Implemented new cybersecurity solutions using Palo Alto Networks Next Generation Firewall, Palo Alto Networks Wild-Fire, Citrix NetScaler ADC, Blue-Coat Proxy SG, Blue-Coat SSL-V, FireEye.
Worked on Palo-Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Trouble-shooting Palo-AltoPa-5000 series using Panorama, Checkpoint VSX, R75.40, R76 and R77.20 as per Business Requirements.
Experience in Installing & configuring Firewall Cisco ASA, Cisco PIX, FWSM, Palo Alto PA-2000, PA-3000, PA-5000, Panorama, Checkpoint NGX R70, R75, R77 Gaia, Provider-1 and VSX.
Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, NOKIA Firewalls, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
Experience with design and implementation of Virtual Switching System (VSS) for both User segment and serversegment using 6509-V- E catalyst switches.
Providing Layer-3 redundancy by implementing HSRP in the network.
Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
Implemented VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products.
Propose network redesign based on client hardware guidelines, network policies and individual site’s unique characteristics.
Participated on VMware, Solar Wind application (ADL) testing team for server consolidation/higher system availability project.
Configured Nexus 5K, 7K, Cisco 3900, ASR 1K routers and 2960, 3750, 6500 switches as part of the day to day activities.
Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) & MP-BGP.
Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
Implemented Juniper EX2200, EX3200, Ex3300, EX4200 Juniper Wireless 800 series, JunOS 11.4R, 12.2R Junos7.7, and Ring.
Environment: Cisco ASA 5505,Cisco ASR,MPLS,RIP,EIGRP,OSPF,BGP,VPN,HSRP,LAN,WAN, LSA Filtering, F5 Big-IP LTM-6400,DHCP, DNS, DMZ, L2TPv3, VLAN Trunking 802.1Q, Solar Wind, EMC DMX-3,5.
CVS, Scottsdale, AZ July 2014 – March 2015
Sr. Network Security Admin
Responsibilities:
Designed and implemented Cisco VoIP infrastructure for a large enterprise and multi-unit office environment. Met aggressive schedule to ensure a Multi-office reconfiguration project which was successfully delivered
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned Network changes on the Network .
Expert working knowledge (including the ability to setup, configure, upgrade, manage, and troubleshoot) Cisco routers; switches; enterprise VPN solutions; Cisco/Juniper SRX firewalls.
Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
Planning migration of Brocade infrastructure based Internet edge to Cisco based infrastructure using ASR 1000 Series Routers.
Updated the HP open view map to reflect and changes made to any existing node/object.
Handled SRST and implemented and configured the Gateways, Voice Gateways.
Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP C2400 load balancers
Working on Junos OS with Juniper SRX series devices such as vSRX virtual firewall, cSRX container firewall and SRX series like SRX100, 210, 1400, 1500.
Proving security, threat protection and maximizing performance by using Juniper devices.
Monitored network for optimum traffic distribution and load balancing using Solar winds.
Validate existing infrastructure and recommend new network designs.
Created scripts to monitor CPU/Memory on various low end routers in the network.
Installed and maintained local printer as well as network printers.
Handled installation of Windows NT Server and Windows NT Workstations.
Handled Tech Support as it relates to LAN & WAN systems
Created LAB setup with 7k and 5K NEXUS switches for application testing.
Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Juniper SRX100, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ASA.
Electronic Data Systems, Texas Dec 2011 – June 2014
Sr. Network Engineer
Responsibilities:
Performed network implementation that includes configuration of routing protocols, leased lines, ISDN lines, VLANs and IOS installations.
Troubleshot the network issues onsite and remotely, depending on the severity of the issues.
Deployed and decommissioned the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
Had hands-on experience with WAN (ATM/Frame Relay), Routers, Switches and IP addressing.
Configured and deployed VPC, OTV, FABRIC PATH between Nexus 7010 and Nexus5596,5548 switches along with FEX2248
Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
Configured EIGRP and OSPF as interior gateway protocols with route filtering and route redistribution. Troubleshot complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP.
Responsible for all aspects of TCP/IP functionality across multiple enterprise environments.
Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
Involved in Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP C-4400 load balancers
Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers.
Worked on Juniper SRX 5800 firewalls to create policies using J-Web User Interface.
Performed Network Address Translation on Cisco ASA 8.2 and 8.3
Used DHCP to automatically assign reusable IP addresses to DHCP clients.
Performed the ACL request changes for various clients by collecting source and destination information.
Troubleshoot the BIG-F5 1600 LTM through constant contact with the vendor.
Environment: Cisco2950/3500/5000/6500 switches, Cisco 7600/7200/3800 Routers, ACL, LAN, WAN, RIP, OSPF, BGP, IPV4, Solar winds, Juniper SRX, RIP, OSPF, BGP, EIGRP, TFTP, F5 Load Balancer, Cisco ASA
American Financial Group, Cincinnati, OH January 2010 – Nov 2011
Network Engineer
Responsibilities:
Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
Configured and maintaining Cisco 7200, 4400, 5000 and 6500 platforms.
Troubleshoot connectivity issues involving VLAN’s, OSPF, QoS etc.
Support, monitor and manage the IP network.
Performance monitoring of various applications and web servers to maintain quality of service and network stability.
Maintained core switches, creating VLAN’s and configuring VTP.
Designed IP Addressing schemes, VLAN tables and Switch port assignments, Trunking and Ether-channel implementation.
Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
Installed and set up Cisco routers and switches according to deployment plans.
Applied access lists and NAT configurations based on implementation guidelines.
Managed and developed network projects designed to strengthen network continuity and deploy security elements in an attempt to meet and exceed contract requirements, including system analysis and troubleshooting.
IP Distribution for existing devices and new devices as they were added.
Preformed maintenance on equipment as necessary, performing device upgrades, modification of configurations, password changes and diagnostic testing.
Worked with vendors and Engineering team to test new hardware and procedures.
Prepared and maintained documentation using MS Visio.
Bank of Baroda, Vadodara, India November 2004 – December 2009
Cisco Network Engineer
Responsibilities:
Configured BGP for CE to PE route advertisement inside the lab environment.
Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Managed network connectivity and network security, between Head offices and Branch office.
Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation.
Enabled STP Enhancements to speed up the network convergence that include Port-fast, Uplink-fast and Backbone-fast.
Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
Other responsibilities included documentation and change control.
Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900.
Routing protocols OSPF, RIP & BGP.
Responsible for configuring GLBP between multi-layered switch networks.
Configured AAA with TACACS.+.server.
Configured Remote Access Servers with Frame Relay, Leased Line circuits
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Implementation of name resolution using WINS&DNS in TCP/IP environment.
Administration of Cisco 11.x and 12.1 versions and higher.
Monitored all Cisco equipment using Cisco Works.
Involved in SNMP Network management. Worked on various scanning and Sniffing tools like Ethereal
Responsible for the installation, configuration, maintenance and troubleshooting of the company. network. Duties included monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment.
Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800), Cisco switches (4900, 2900) Routing Protocols (EIGRP, RIP, BGP), Switching protocols (VTP, STP, GLBP).