Freelancer profile translated to English.
Back to original languageAbout Badereddine
Cloud & DevOps Architect (8 years) specializing in AWS + Terraform, I help teams deliver faster with secure, standardized, and observable infrastructure.
What I do most often:
• IaC Industrialization: Terraform/CDKTF, reusable modules, dev/staging/prod environments
• CI/CD: GitLab CI/CD / GitHub Actions (reliable pipelines, quality, releases, rollback)
• Cloud Security & CloudOps: IAM, audit, traceability (CloudTrail), monitoring/alerting (CloudWatch), DevSecOps best practices
Examples of results:
• Automated VPN deployments at ~90% (AWS/Azure + FortiGate + Terraform + CI/CD)
• Reduction in connectivity incidents (~30%) through observability and hardening
• Accelerated production releases thanks to standardized pipelines and runbooks
Intervention format:
Short audit + action plan, or "build" delivery (implementation) with documentation and skill transfer.
📩 Tell me your context (stack, timeline, security constraints) and I'll propose a structured approach + a delivery plan.
French
Native or bilingual
English
Fluent
Spanish
Basic
Can work on-site
Paris (up to 50km)
Experience
- Loxam ParisCloud & DevOps ArchitectMay 2025 - Today (1 year and 1 month)Designed, industrialized, and operated a reusable AWS serverless platform supporting 7+ strategic digital products (POS, QR-Manager, QR Linker, Equipment Docs, Order Tracking, Headless Translator, Email APIs). Architecture & Infrastructure Architected AWS environments using CDK for Terraform (CDKTF) Designed and implemented reusable CDKTF patterns & components Designed reusable Terraform building blocks for serverless and tagging standards Designed and operated CloudFront, Lambda (Docker + code signing), RDS PostgreSQL, API Gateway, S3, VPC, Secrets Manager, KMS CI/CD & AutomationDesigned multi-stage GitLab CI/CD pipelines (Build, Security, Quality, Cost, Plan, Deploy) with protected production gates Integrated security scans (Checkov, Trivy) and quality gates (TFLint, SonarQube) Automated DB migrations with rollback strategies Built reusable GitLab CI templates/components to support future AWS landing zone standardization and migration Orchestrated multi-environment deployments (dev/rec/prd) Security, FinOps & GovernanceImplemented WAFv2 with managed rule sets Enforced least-privilege IAM, KMS encryption, and secrets management Integrated security scanning in CI/CD Implemented cost visibility and guardrails (tagging standards, budget-aware environments, cost reporting via Infracost) to prevent drift and reduce waste Optimized serverless cost/performance through right-sizing and architecture choices (Lambda memory/timeouts, CloudFront caching, log retention, RDS sizing), balancing reliability and spend Observability Implemented advanced observability (CloudWatch dashboards, anomaly detection, X-Ray tracing, RUM, centralized log analysis) Established Reduced Strengthened
- TotalEnergiesCloud Infrastructure Security EngineerENERGY AND UTILITIESMay 2023 - April 2025 (1 year and 11 months)Paris, France🎯 Objective:Implement secure and automated VPN solutions on AWS and Azure while ensuring compliance with security standards and high availability of connections.🌍 Environment: AWS, Azure, Terraform, FortiGate, GitHub Actions, CloudWatch, CloudTrail, IAM, Confluence, Jira🔧 Achievements:✅ Deployment and security of VPNs on AWS and Azure using managed services and FortiGate.✅ Infrastructure automation with Terraform and integration of CI/CD pipelines (GitHub Actions) to facilitate VPN deployment.✅ Implementation of advanced monitoring (CloudWatch, CloudTrail, SNS) to ensure supervision and availability of VPN infrastructures.✅ Collaboration with Security teams to ensure compliance with regulatory requirements (GDPR, internal standards).✅ Performance optimization and management of multi-partner connections in high availability (multi-channel).✅ Level 2/3 Technical Support: incident resolution and support for internal teams in the operation of VPN solutions.✅ Documentation and training: writing guides and runbooks (Confluence, GitHub) to facilitate maintenance and adoption of implemented solutions.🚀 Results Achieved:✔️ 90% automation of VPN deployment, reducing time-to-market.✔️ Improved monitoring, reducing connectivity incidents by 30%.✔️ Compliance ensured with current security standards and regulations.
- M2i Formation🔹 Training: DevOps & Cloud CertificationDIGITAL AND ITOctober 2022 - February 2023 (4 months)Paris, France📌 Certified DevOps Foundation📅 Accelerated training to upskill on DevOps technologies📌 Acquired Skills:✅ Networks & Systems Administration: Network configuration, protocol management, Linux & Windows Server administration.✅ Automation & CI/CD: Deployment with Ansible, continuous integration with Jenkins, CI/CD pipelines.✅ Containerization & Orchestration: Docker, Docker Compose, Kubernetes (fundamentals & advanced, security, CI/CD).✅ Infrastructure as Code: Terraform for provisioning and managing cloud infrastructure.✅ Cloud Computing: Hybrid architecture, OpenStack, AWS, automation and migration to the cloud.✅ Deployment & Security: Monitoring, infrastructure security, and DevOps best practices.✅ Final Project: Implementation of a DevOps software factory autonomously.🚀 100% practical approach with +50% labs for rapid and operational skill development.
Recommendations
Be the first to recommend Badereddine
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- National Engineer's Diploma in Computer Science, Web Technology, and MultimediaHigher Institute of Computer Science and Multimedia of Sfax | ISIMS - Tunisia2015
Certifications
- DevOps FoundationDevOps Institute2023
- Azure Fundamentals - AZ-900Microsoft2023