CV du
consultant

Connaissances fonctionnelles

audit Cloud CTI TELECOM

Méthodes

integration ITIL Support Management MIGRATION Planning

Réseaux et Middleware

CCNP CISCO data center DNS FIREWALL LAN switch WIFI Checkpoint VMWARE ACTIVE DIRECTORY ssl VLAN

Systèmes

INFRASTRUCTURE

. 2008 - Ingénieur en Télécoms et réseaux

. Île-de-France

Senior Network & Security engineer





Technical skills



Core specialties

• L2/L3 support (escalation engineer).

• Operations management in international environment (NSOC)

• Enforcing security policies.

• Defining and planning safety practices.

• Change and incident management (ITITL)



Security

• Firewall: Cisco ASA, Checkpoint, StoneSoft, Fortinet

• Proxy: Forcepoint, Zscaler, Bluecoat

• AAA servers: Cisco ACS, ISE

• Antivirus: Symantec endpoint, Trend Micro suite.

Network

• WAN architecture R&S (BGP, OSPF, EIGRP, SDWAN …)

• LAN R&S (STP, VLAN, VTP …)

• Wireless campus: Cisco, Aruba

• Load Balancer: F5 BigIP GTM, Radware SLB.

• WAN optimization: Riverbed







Education / Training



• 2014 CCNP Routing & Switching certification

• 2013 CCNA routing & switching certification

• 2012 F5 Big IP module GTM training (Gloabl Trafic Manager)

• 2009 Qualys Guard (vulnerability Management Solution)

• 2009 Telecommunication and Network Engineer at Telecom St Etienne

• 2008 TOEIC Listening & Reading

• 2005 Fortinet training (Forti05 V2.8)

• 2005 Trend micro training (V6.5)

• 2005 WatchGuard Firewall training (Firebox manager V7.2)

• 2004 Technical Diploma at ISET’com.







Experience – Projects







From March 2015

(3 years) Lafarge Holcim

(via CNS-communication) Kuala Lumpur/ Lyon







Senior Network & Security consultant





• Define new cloud proxy architecture:

o Merge existing policies (about 150) to new global policies (12 policies)

o Define policies for different business use cases (corporate users, servers, guests, mobile users, TPM …)

o Adapt proxy policies to local legal requirement in some countries.

o Migrate users from legacy solution to Forcepoint cloud (multiple legacy solution with different local vendors)

o Support local IT team during migration

• Setup new outsourced SOC (Security Operations Center)

o Involved with global security team to define the process.

o Participation to define ITIL workflows for incidents and change management (escalation matrix, SLA, RACI matrix …)

o Prepare Technical handover to the new outsourced operation team

o Work closely with SNow dev team to adapt the tool to infrastructure workflow (service requests, standard changes, normal changes, CAB …)

• Migrate industrial sites to the new standard

o Homogenize remote access solutions to a new standard

o Setup dedicated jump servers

o Setup dedicated vpnssl solution

• Network and Security L3 Support for APAC region:

o I moved to Kuala Lumpur to support network and security transformations following the merge

o I had a technical lead role in IT APAC team (12 persons)

o Worked with telco regional provider (Singtel) to enhance WAN performances (setup hybrid sites, update QoS, update monitoring …)

o Support local IT teams for several applications go-lives following the merge













Technical Environment

Forcepoint

Cisco ASA, Fortinet, Checkpoint

ServiceNow

Cisco R&S

infoblox













April 2014 to march 2015

(1 year) Lafarge

(via CNS-communication) Lyon





Senior Network Engineer



Project: Global WAN

• Define a new WAN standard (worldwide)

o Participate with global architecture team to setup the high level design

o Define sites topologies for each region according to telecom constraints and business needs

o Define Internet offloading strategy

o Define QoS strategy in MPLS links

o Setup POC with selected SD-WAN actors

o Setup WAN transit zones in each regional DC (to manage inter-provider routing)

o Prepare roadmaps to migrate sites to the new standard

• Setup new remote access solutions

o Define security policies (ACL for internal and external users

o Define prelogin policies for vpn ssl users (antivirus checks, domain registries checks …)

o Migrate IPsec tunnels with partners and third parties to a new shared FW infrastructure (external arrival zone)

o Setup one remote access solution on each region

o Migrate users to the new VPNSSL solutions

o Handover operation to NOC team

• AAA servers migration

o Migrate AAA servers from Cisco ACS to Cisco ISE

o Implement 802.1x in some critical LANs (selected sites)

o Migrate tacacs servers to ISE

o Setup new global guest Wifi solution (captive portal, sponsored accounts…)







Technical Environment

Cisco IOS

Cisco ASA, ACS, ISE

Zscaler

Checkpoint, Fortinet

Cisco WLC

Rivrbed













Jan 2010 to April 2014

(4 years) Orange

(via Alyotech) Paris





Infrastructure Architect



Projects: WAN/Datacenter Engineering

• Design and setup inter-VPN routing solutions

o Design WAN inter routing VPN solution based on BGP/OSPF routing protocols

o High level design /Low level design documentation

o Define security rules (Firewall policies)

o Setup qualification platform to test all use cases (working closely with dedicated Cisco support engineers)

o Go-live and sites migration to the new solution (more than 40 sites migration managed by Orange global WAN team)

• Design and setup a proxy solution for Orange Group

o Solution is based on Bluecoat appliances

o Define proxy policies for Orange internal users and partners

o Define proxy chaining rules and pac files contents

o High level and low level design documentation

o Update routing rules (PBR, WCCP ...)

o Hand over to operation teams (training, documentation)

• Rollout of a low-cost hosting solution for AMEA region (Africa and Middle East region).

o Working with architecture team to define infrastructure urbanism

o Setup a POC with architecture team to test and validate network workfows

o Contact person with the various stakeholders of the project (editors, operating team, competence center ...)

o Training of operation team to rollout the solution in AMEA region

o L3 support to operation team during implementation phase

• Support historical group applications during their migration to the new DC

o Member of shared team (9 persons between Paris and Toulouse)

o WAN routing issues (overlapping, asymmetric routing, BGP optimization …)

o Integration in Load balancing solution based on DNS resolution (F5 Big IP GTM)

o Participation in technical validation committees of projects (compliance with network and security architectures )







Technical Environment

Alcatel Lucent Vital Qip

BlueCoat SG

Cisco ASR, IOS

Fortinet 3000 serie

F5 Big IP GTM,

Juniper EX, MX series

VMware infrastructure 5.0

















Feb 2009 to Dec 2009

(1 year) Logica IT Paris



Network and Security Engineer





• Audit offer for VMware infrastructure environment.

o Definition of security compliance rules:

o Customizing survey audit.

o Work with Security team to integrate VMware security in global security audit offers.

• Data Center L2 migration

o Working with Data Center team in Paris to migrate Extreme L2 Switches (end of support)

o POC and Migrations roadmaps preparation (Core migration, access SW migrations, routing, STP interoperability …)

o Prepare target Switch configuration (Juniper EX4200, EX4500, EX8200, MX8000)

o Technical support during the migrations.

o Update documentation for operation teams.



Technical environment

VMware infrastructure 3

Qualys Guard (VMS)

Juniper

Extreme Network







June 2004 to Sept 2006

(2 years) Hewlett-Packard (HP) Tunis





Network and security administrator



• Member of local support team (3 members)

• New Switchs/routers installation and configuration

• L1/L2 technical support for end users onsite

• Active directory administration (user MACD)

• Update and maintain FW rules

• Manage and monitor Antivirus infrastructure

• Manage and maintain wireless infrastructure.



Technical environment

HP Procurve

Fortinet

Trend micro Antivirus

ZTE AP