CV du
consultant
Réf PROF00003600
Compétences
Expert
Moyen
Débutant
Connaissances fonctionnelles
audit Cloud CTI TELECOMMéthodes
integration ITIL Support Management MIGRATION PlanningRéseaux et Middleware
CCNP CISCO data center DNS FIREWALL LAN switch WIFI Checkpoint VMWARE ACTIVE DIRECTORY ssl VLANSystèmes
INFRASTRUCTUREDiplômes et formations
. 2008 - Ingénieur en Télécoms et réseaux
Pays / régions
. Île-de-France
Expérience professionnelle
Senior Network & Security engineer
Technical skills
Core specialties
L2/L3 support (escalation engineer).
Operations management in international environment (NSOC)
Enforcing security policies.
Defining and planning safety practices.
Change and incident management (ITITL)
Security
Firewall: Cisco ASA, Checkpoint, StoneSoft, Fortinet
Proxy: Forcepoint, Zscaler, Bluecoat
AAA servers: Cisco ACS, ISE
Antivirus: Symantec endpoint, Trend Micro suite.
Network
WAN architecture R&S (BGP, OSPF, EIGRP, SDWAN )
LAN R&S (STP, VLAN, VTP )
Wireless campus: Cisco, Aruba
Load Balancer: F5 BigIP GTM, Radware SLB.
WAN optimization: Riverbed
Education / Training
2014 CCNP Routing & Switching certification
2013 CCNA routing & switching certification
2012 F5 Big IP module GTM training (Gloabl Trafic Manager)
2009 Qualys Guard (vulnerability Management Solution)
2009 Telecommunication and Network Engineer at Telecom St Etienne
2008 TOEIC Listening & Reading
2005 Fortinet training (Forti05 V2.8)
2005 Trend micro training (V6.5)
2005 WatchGuard Firewall training (Firebox manager V7.2)
2004 Technical Diploma at ISETcom.
Experience Projects
From March 2015
(3 years) Lafarge Holcim
(via CNS-communication) Kuala Lumpur/ Lyon
Senior Network & Security consultant
Define new cloud proxy architecture:
o Merge existing policies (about 150) to new global policies (12 policies)
o Define policies for different business use cases (corporate users, servers, guests, mobile users, TPM )
o Adapt proxy policies to local legal requirement in some countries.
o Migrate users from legacy solution to Forcepoint cloud (multiple legacy solution with different local vendors)
o Support local IT team during migration
Setup new outsourced SOC (Security Operations Center)
o Involved with global security team to define the process.
o Participation to define ITIL workflows for incidents and change management (escalation matrix, SLA, RACI matrix )
o Prepare Technical handover to the new outsourced operation team
o Work closely with SNow dev team to adapt the tool to infrastructure workflow (service requests, standard changes, normal changes, CAB )
Migrate industrial sites to the new standard
o Homogenize remote access solutions to a new standard
o Setup dedicated jump servers
o Setup dedicated vpnssl solution
Network and Security L3 Support for APAC region:
o I moved to Kuala Lumpur to support network and security transformations following the merge
o I had a technical lead role in IT APAC team (12 persons)
o Worked with telco regional provider (Singtel) to enhance WAN performances (setup hybrid sites, update QoS, update monitoring )
o Support local IT teams for several applications go-lives following the merge
Technical Environment
Forcepoint
Cisco ASA, Fortinet, Checkpoint
ServiceNow
Cisco R&S
infoblox
April 2014 to march 2015
(1 year) Lafarge
(via CNS-communication) Lyon
Senior Network Engineer
Project: Global WAN
Define a new WAN standard (worldwide)
o Participate with global architecture team to setup the high level design
o Define sites topologies for each region according to telecom constraints and business needs
o Define Internet offloading strategy
o Define QoS strategy in MPLS links
o Setup POC with selected SD-WAN actors
o Setup WAN transit zones in each regional DC (to manage inter-provider routing)
o Prepare roadmaps to migrate sites to the new standard
Setup new remote access solutions
o Define security policies (ACL for internal and external users
o Define prelogin policies for vpn ssl users (antivirus checks, domain registries checks )
o Migrate IPsec tunnels with partners and third parties to a new shared FW infrastructure (external arrival zone)
o Setup one remote access solution on each region
o Migrate users to the new VPNSSL solutions
o Handover operation to NOC team
AAA servers migration
o Migrate AAA servers from Cisco ACS to Cisco ISE
o Implement 802.1x in some critical LANs (selected sites)
o Migrate tacacs servers to ISE
o Setup new global guest Wifi solution (captive portal, sponsored accounts )
Technical Environment
Cisco IOS
Cisco ASA, ACS, ISE
Zscaler
Checkpoint, Fortinet
Cisco WLC
Rivrbed
Jan 2010 to April 2014
(4 years) Orange
(via Alyotech) Paris
Infrastructure Architect
Projects: WAN/Datacenter Engineering
Design and setup inter-VPN routing solutions
o Design WAN inter routing VPN solution based on BGP/OSPF routing protocols
o High level design /Low level design documentation
o Define security rules (Firewall policies)
o Setup qualification platform to test all use cases (working closely with dedicated Cisco support engineers)
o Go-live and sites migration to the new solution (more than 40 sites migration managed by Orange global WAN team)
Design and setup a proxy solution for Orange Group
o Solution is based on Bluecoat appliances
o Define proxy policies for Orange internal users and partners
o Define proxy chaining rules and pac files contents
o High level and low level design documentation
o Update routing rules (PBR, WCCP ...)
o Hand over to operation teams (training, documentation)
Rollout of a low-cost hosting solution for AMEA region (Africa and Middle East region).
o Working with architecture team to define infrastructure urbanism
o Setup a POC with architecture team to test and validate network workfows
o Contact person with the various stakeholders of the project (editors, operating team, competence center ...)
o Training of operation team to rollout the solution in AMEA region
o L3 support to operation team during implementation phase
Support historical group applications during their migration to the new DC
o Member of shared team (9 persons between Paris and Toulouse)
o WAN routing issues (overlapping, asymmetric routing, BGP optimization )
o Integration in Load balancing solution based on DNS resolution (F5 Big IP GTM)
o Participation in technical validation committees of projects (compliance with network and security architectures )
Technical Environment
Alcatel Lucent Vital Qip
BlueCoat SG
Cisco ASR, IOS
Fortinet 3000 serie
F5 Big IP GTM,
Juniper EX, MX series
VMware infrastructure 5.0
Feb 2009 to Dec 2009
(1 year) Logica IT Paris
Network and Security Engineer
Audit offer for VMware infrastructure environment.
o Definition of security compliance rules:
o Customizing survey audit.
o Work with Security team to integrate VMware security in global security audit offers.
Data Center L2 migration
o Working with Data Center team in Paris to migrate Extreme L2 Switches (end of support)
o POC and Migrations roadmaps preparation (Core migration, access SW migrations, routing, STP interoperability )
o Prepare target Switch configuration (Juniper EX4200, EX4500, EX8200, MX8000)
o Technical support during the migrations.
o Update documentation for operation teams.
Technical environment
VMware infrastructure 3
Qualys Guard (VMS)
Juniper
Extreme Network
June 2004 to Sept 2006
(2 years) Hewlett-Packard (HP) Tunis
Network and security administrator
Member of local support team (3 members)
New Switchs/routers installation and configuration
L1/L2 technical support for end users onsite
Active directory administration (user MACD)
Update and maintain FW rules
Manage and monitor Antivirus infrastructure
Manage and maintain wireless infrastructure.
Technical environment
HP Procurve
Fortinet
Trend micro Antivirus
ZTE AP
Technical skills
Core specialties
L2/L3 support (escalation engineer).
Operations management in international environment (NSOC)
Enforcing security policies.
Defining and planning safety practices.
Change and incident management (ITITL)
Security
Firewall: Cisco ASA, Checkpoint, StoneSoft, Fortinet
Proxy: Forcepoint, Zscaler, Bluecoat
AAA servers: Cisco ACS, ISE
Antivirus: Symantec endpoint, Trend Micro suite.
Network
WAN architecture R&S (BGP, OSPF, EIGRP, SDWAN )
LAN R&S (STP, VLAN, VTP )
Wireless campus: Cisco, Aruba
Load Balancer: F5 BigIP GTM, Radware SLB.
WAN optimization: Riverbed
Education / Training
2014 CCNP Routing & Switching certification
2013 CCNA routing & switching certification
2012 F5 Big IP module GTM training (Gloabl Trafic Manager)
2009 Qualys Guard (vulnerability Management Solution)
2009 Telecommunication and Network Engineer at Telecom St Etienne
2008 TOEIC Listening & Reading
2005 Fortinet training (Forti05 V2.8)
2005 Trend micro training (V6.5)
2005 WatchGuard Firewall training (Firebox manager V7.2)
2004 Technical Diploma at ISETcom.
Experience Projects
From March 2015
(3 years) Lafarge Holcim
(via CNS-communication) Kuala Lumpur/ Lyon
Senior Network & Security consultant
Define new cloud proxy architecture:
o Merge existing policies (about 150) to new global policies (12 policies)
o Define policies for different business use cases (corporate users, servers, guests, mobile users, TPM )
o Adapt proxy policies to local legal requirement in some countries.
o Migrate users from legacy solution to Forcepoint cloud (multiple legacy solution with different local vendors)
o Support local IT team during migration
Setup new outsourced SOC (Security Operations Center)
o Involved with global security team to define the process.
o Participation to define ITIL workflows for incidents and change management (escalation matrix, SLA, RACI matrix )
o Prepare Technical handover to the new outsourced operation team
o Work closely with SNow dev team to adapt the tool to infrastructure workflow (service requests, standard changes, normal changes, CAB )
Migrate industrial sites to the new standard
o Homogenize remote access solutions to a new standard
o Setup dedicated jump servers
o Setup dedicated vpnssl solution
Network and Security L3 Support for APAC region:
o I moved to Kuala Lumpur to support network and security transformations following the merge
o I had a technical lead role in IT APAC team (12 persons)
o Worked with telco regional provider (Singtel) to enhance WAN performances (setup hybrid sites, update QoS, update monitoring )
o Support local IT teams for several applications go-lives following the merge
Technical Environment
Forcepoint
Cisco ASA, Fortinet, Checkpoint
ServiceNow
Cisco R&S
infoblox
April 2014 to march 2015
(1 year) Lafarge
(via CNS-communication) Lyon
Senior Network Engineer
Project: Global WAN
Define a new WAN standard (worldwide)
o Participate with global architecture team to setup the high level design
o Define sites topologies for each region according to telecom constraints and business needs
o Define Internet offloading strategy
o Define QoS strategy in MPLS links
o Setup POC with selected SD-WAN actors
o Setup WAN transit zones in each regional DC (to manage inter-provider routing)
o Prepare roadmaps to migrate sites to the new standard
Setup new remote access solutions
o Define security policies (ACL for internal and external users
o Define prelogin policies for vpn ssl users (antivirus checks, domain registries checks )
o Migrate IPsec tunnels with partners and third parties to a new shared FW infrastructure (external arrival zone)
o Setup one remote access solution on each region
o Migrate users to the new VPNSSL solutions
o Handover operation to NOC team
AAA servers migration
o Migrate AAA servers from Cisco ACS to Cisco ISE
o Implement 802.1x in some critical LANs (selected sites)
o Migrate tacacs servers to ISE
o Setup new global guest Wifi solution (captive portal, sponsored accounts )
Technical Environment
Cisco IOS
Cisco ASA, ACS, ISE
Zscaler
Checkpoint, Fortinet
Cisco WLC
Rivrbed
Jan 2010 to April 2014
(4 years) Orange
(via Alyotech) Paris
Infrastructure Architect
Projects: WAN/Datacenter Engineering
Design and setup inter-VPN routing solutions
o Design WAN inter routing VPN solution based on BGP/OSPF routing protocols
o High level design /Low level design documentation
o Define security rules (Firewall policies)
o Setup qualification platform to test all use cases (working closely with dedicated Cisco support engineers)
o Go-live and sites migration to the new solution (more than 40 sites migration managed by Orange global WAN team)
Design and setup a proxy solution for Orange Group
o Solution is based on Bluecoat appliances
o Define proxy policies for Orange internal users and partners
o Define proxy chaining rules and pac files contents
o High level and low level design documentation
o Update routing rules (PBR, WCCP ...)
o Hand over to operation teams (training, documentation)
Rollout of a low-cost hosting solution for AMEA region (Africa and Middle East region).
o Working with architecture team to define infrastructure urbanism
o Setup a POC with architecture team to test and validate network workfows
o Contact person with the various stakeholders of the project (editors, operating team, competence center ...)
o Training of operation team to rollout the solution in AMEA region
o L3 support to operation team during implementation phase
Support historical group applications during their migration to the new DC
o Member of shared team (9 persons between Paris and Toulouse)
o WAN routing issues (overlapping, asymmetric routing, BGP optimization )
o Integration in Load balancing solution based on DNS resolution (F5 Big IP GTM)
o Participation in technical validation committees of projects (compliance with network and security architectures )
Technical Environment
Alcatel Lucent Vital Qip
BlueCoat SG
Cisco ASR, IOS
Fortinet 3000 serie
F5 Big IP GTM,
Juniper EX, MX series
VMware infrastructure 5.0
Feb 2009 to Dec 2009
(1 year) Logica IT Paris
Network and Security Engineer
Audit offer for VMware infrastructure environment.
o Definition of security compliance rules:
o Customizing survey audit.
o Work with Security team to integrate VMware security in global security audit offers.
Data Center L2 migration
o Working with Data Center team in Paris to migrate Extreme L2 Switches (end of support)
o POC and Migrations roadmaps preparation (Core migration, access SW migrations, routing, STP interoperability )
o Prepare target Switch configuration (Juniper EX4200, EX4500, EX8200, MX8000)
o Technical support during the migrations.
o Update documentation for operation teams.
Technical environment
VMware infrastructure 3
Qualys Guard (VMS)
Juniper
Extreme Network
June 2004 to Sept 2006
(2 years) Hewlett-Packard (HP) Tunis
Network and security administrator
Member of local support team (3 members)
New Switchs/routers installation and configuration
L1/L2 technical support for end users onsite
Active directory administration (user MACD)
Update and maintain FW rules
Manage and monitor Antivirus infrastructure
Manage and maintain wireless infrastructure.
Technical environment
HP Procurve
Fortinet
Trend micro Antivirus
ZTE AP
Consultants similaires
Consultant Cyber Sécurité
VoirCompétences : CCNP, Checkpoint, CISCO, DHCP, CENTOS, Conception, ...
consultant Retenir
Ingénieur Réseau et Sécurité
VoirCompétences : Catalyst 6500, CCNP, Checkpoint, CISCO, DHCP, ANGLAIS, ...
consultant Retenir