Freelancer profile translated to English.

Description

Freelance Network & Security Engineer with 9 years of experience in the design, implementation, and operation of network and security infrastructures. Expertise in multi-site industrial and corporate environments (Cisco, Fortinet, Meraki, Zscaler, Cisco ISE). Interventions on Build & Run projects: Meraki and Fortigate SDWAN Migration, LAN/Wi-Fi architecture, IT/OT segmentation, firewalling, NAC, and supervision.

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km)

SAFT/Total Energie
Network and Security Engineer
ENERGY AND UTILITIES
April 2024 - Today (2 years and 2 months)
Levallois-Perret, France
Mission - Build
-> Safiis Project (Corporate and Industrial Network Separation):
o Design of a secure architecture, implementation of (Vlans, VRF, Vdom, Inter-zone Firewall) and flow control to ensure the isolation and operational security of the industrial network.
o Organization and facilitation of technical workshops with local IT teams.
o Writing of HLD and LLD technical documentation to formalize the target architecture and network configurations.
-> Corporate Site Network LAN Redesign Project:
o Implementation of a Fortigate Firewall infrastructure with VDOM management for logical segmentation of environments (Back, Front, Guest).
o Design and configuration of Vlans for internal, guest, and internet flow separation and implementation of Fortigate SDWAN.
o Deployment and configuration of Cisco Meraki Switches, managed via the Dashboard
-> Cisco Wi-Fi Infrastructure Deployment Project integrated with Cisco ISE for network access management and secure user authentication:
o Setup and configuration of Cisco 9800 Wi-Fi controllers and integration of Cisco access points, including the setup of Policy Tags, RF Tags, Site Tags, and creation of secure SSIDs.
o Implementation of a distributed Cisco ISE architecture including roles (PAN, PSN, MNT), ensuring the redundancy and scalability of the NAC solution.
o Configuration of security policies with EAP-TLS authentication for certified users, and MAB with automatic profiling for other equipment (Printers, Robots…).
-> Data Center Relocation Project:
o Participation in the data center migration project, supporting the network and security teams.
o Preparation and verification of configurations (routing, inter-site links) before cutover.

Run Mission:
o Operation and administration of Zscaler proxy (ZCC, ZIA & ZPA): access policy management, user support, log analysis.
o Level 2/3 Network and Security Support.
Cisco Meraki Cisco ASA fortigate sdwan fortigate firewall zscaler proxy
Conforama France
Network and Security Engineer
RETAIL (LARGE RETAILERS)
March 2021 - March 2024 (3 years)
Lognes, France
Mission - Build:

-> MPLS Verizon to Meraki SD-WAN Migration Project:

o Conducted an SD-WAN network POC to validate all store needs (payment, internet browsing, Wi-Fi, telephony)
o Provisioning of all configuration on the Meraki Dashboard.
o Testing and validation after each Network & Wi-Fi migration for all Conforama stores.
o Writing of a detailed architecture document.

-> New Datacenter Infrastructure Implementation Project in Spine/leaf with Cloud Vision solution:

o Definition of an architecture on 2 datacenters composed of a fabric based on a Leaf/Spine topology providing access to the resources of these 2 DCs.
o Study of connectivity with the existing network.
o Implementation of the Out-Of-Band (OOB) network for network management.
o Configuration of equipment (Security, MLAG, Vxlan, Underlay, Overlay, ...)

-> New Store Opening and Warehouse LAN Redesign Projects:

o Technical solution prototyping.
o Writing of an architecture document with network diagrams.

-> Partner Migration to IPSEC VPN Project:

o Implementation of IPSEC VPN tunnels for Conforama partners
o Testing and validation of created flows.

-> Fiber Deployment Project in Stores:

o Define a migration plan for replacing Orange Liveboxes with Cisco ISR 1111 & 881 routers.
o Fiber migration validation with the store.

-> Network and Security Equipment Upgrade Projects:

o Upgrade of Fortigate LAN 1500D versions.
o Upgrade of CISCO Switch and router versions.

-> Telephony Projects:
o Study and implementation of POCs to choose the hosting solution for Mitel DECT phones.

Mission – Run:

• Management of Fortigate & Cisco Umbrella proxy security and Fortigate Firewalls.
• Management of Level 2 and 3 network and security incidents.
• Updating diagrams and architecture documents.
meraki sdwan Cisco Umbrella Cisco Meraki Arista
Globecast
Network and Security Engineer
FILM AND AV
November 2018 - December 2020 (2 years and 2 months)
Issy-les-Moulineaux, France
Mission - Build:

-> Relocation Project:

o Architecture Design: study of technical solutions in line with the relocation project's needs.
o Choice of technical components (Benchmarking), POC and validation of selected solutions.
o Writing of a detailed architecture document.

-> BLUECOAT Proxy Project:

o Addition of a 2nd BLUECOAT proxy via the bcaaa relay.
o Configuration of redundancy between the two proxies.

-> JUNIPER Project:

o Implementation of a secure infrastructure with JUNIPER SRX 1500 Firewall.
o Configuration of secure DMZs on the Firewall
o Configuration of Policies for each new zone.
o Testing and validation of created flows.

-> Network and Security Equipment Upgrade Projects:

o Upgrade of BLUECOAT Proxy and CAS (antivirus analysis) appliance versions.
o Upgrade of CISCO Switch and router versions.

-> Project: Deployment of CISCO Anyconnect VPN solution:
o Integration of the Anyconnect solution with the ASA5510 Firewall.
o Configuration of Anyconnect parameters (user, rights) on the CISCO ACS server.

-> Project: Implement access controls:
o Creation of new secure DMZs on CISCO ASA Firewalls
o Configuration of Policies and creation of secure flows according to client needs.

Mission – Run:

• Management of BLUECOAT proxy security and CISCO ASA Firewalls and Juniper Firewall.
• Management of Level 2 and 3 network and security incidents.
• Implementation and coordination of Task Forces related to the network and security scope.
• Providing expertise in supporting the resolution of Level 2 and 3 operational incidents.

Technical Environment:

CISCO Router & Switch, CISCO ASA 5515 & 5510, CISCO ACS, JUNIPER SRX 1500, CISCO WLC, BLUECOAT Proxy, Anyconnect VPN, Pulse Secure VPN, Nagios, Cacti, SPLUNK, Olfeo Proxy, Ws_Watch.
Cisco Anyconnect Cisco ASA Cisco switch