Freelancer profile translated to English.

Description

With a strong background in IT architecture, I am a Modern Workplace Architect at BNP Paribas, a global leader in banking and financial services. My mission is to design and implement innovative and high-performance solutions to optimize the workstation and data protection for employees, using Microsoft's cloud and security technologies. I am motivated by technical challenges and learning opportunities, and I share the group's values of responsibility, cooperation, and diversity.

Since July 2021, I have been working on the Modern Workplace project, which aims to train architecture, security, compliance, and telecom teams on the Zero Trust concept and new Microsoft SaaS solutions such as Entra ID, Defender, Sentinel, Purview, Intune, and Azure OpenAI. I am also responsible for defining and writing the design for the new Windows workstation managed exclusively over the internet. Among my key skills, I can mention ConfigMgr, Windows 11, Intune, Autopilot, M365 Defender, as well as mastery of security, compliance, and identity management concepts and tools.

Languages

French
Native or bilingual
English
Native or bilingual

Workplace preferences

Can work on-site

Paris (up to 50km), Paris (up to 20km)

BNP Paribas
Modern Workplace Architect
BANKING AND INSURANCE
July 2021 - Today (4 years and 10 months)
Montreuil, France
Modern Workplace Project:
o Training of architecture, security, compliance, and telecom teams on the Zero Trust concept and new Microsoft SaaS and PaaS solutions (Entra ID, Defender, Sentinel, Purview, Intune, Azure OpenAI)
o Definition and writing of the design for the new Windows workstation managed exclusively over the internet
o Definition and integration of the group's third-party PKI with Microsoft Intune
o Definition and implementation of Windows Hello for Business to replace smart cards
o Passwordless study and use of Temporary Access Password to bypass ADFS flows
o Defender for Endpoint study and implementation of shadow IT discovery
o Definition and implementation of Defender for Endpoint web filtering
o Definition of Windows, M365 apps, and Edge security standards
o Definition of security use cases related to the Zero Trust concept
o Study of the use of a SaaS proxy solution with Zscaler and Cloud App Security Broker
o Study for optimizing on-site internet bandwidth
o Definition and implementation of conditional access for VPN, LAN & WLAN
o Definition and implementation of conditional access rules for the new workstation
o Study of tenant restriction V2
o Study for implementing Kerberos Strong Mapping
o Definition and implementation of Windows Defender Application Control
o Study for integrating the new private app store Winget
o Definition and implementation of an automation tool to configure users with Azure Power Automate
o Study of Azure OpenAI and Copilot

• Security Project:
o Project to maintain vital activities in case of a major incident

Technical Environment: Azure Active Directory; ADFS; OpenTrust; Horizon; Application Proxy; Microsoft Defender; Intune; Microsoft 365; Windows Autopilot; Windows 11; Cisco; Checkpoint; Tanium; Elasticsearch, Checkpoint,
Intune Active Directory Microsoft Defender Windows 11 Cisco
BNPP CIB
Technical Architect
BANKING AND INSURANCE
May 2015 - Today (11 years and 1 month)
Paris, France
• System Center Configuration Manager Current Branch:
o Writing of LLD and HLD (Design)
o Writing of technical standards and operational documentation
o Implementation of the core infrastructure
o Technical project manager for the migration of the SCCM 2007 infrastructure to SCCM CB
o Powershell automation scripts
o Documentation and implementation of SCUP
o Documentation and integration of SCCM CB with the enterprise PKI

• Windows 10 Current Branch for Business:
o Integration project for Windows 10 CBB
o Study for migrating from Windows 7 to Windows 10
o Evolution project for the existing application model
o Study of Windows Store For Business
o Design for replacing roaming profiles with Microsoft UE-V

• Windows Server 2012r2:
o Documentation and implementation of an RDS Remote APP cluster
o Documentation and implementation of an IIS server for Firefox ESR updates
o Documentation and implementation of a SQL Server 2014 cluster
o Documentation and implementation of a shared WSUS
o Documentation and implementation of data deduplication

• Windows Server 2016:
o Design of on-premise Windows Hello for Business
o Study of the Hyper-V Converged and S2D solution
o Study of ADFS 2016 and Windows 10 device registration

• Security hardening:
o Impact study of TLS 1.2 exclusive protocol
o Study of the Microsoft PAW solution
o Study of Cisco Anyconnect VPN with dual authentication
o Design of Windows 10 LTSB

• Cloud services:
o Azure Active Directory
o Application Proxy
o Office 365
o Study of OneDrive For Business
o SCCM CB Cloud Management Gateway
o Site to Site Direct Access to Azure VPN
o Windows Autopilot
o Microsoft Intune
o Co-management of Windows 10 SCCM/Intune

Technical Environment: Windows Server 2008R2, 2012R2, 2016, Windows 7, 8.1, 10,
SCCM 2007, SCCM 2012, SCCM CB, Hyper-V, Hyper-V Converged, SCVMM, SCOM,
ESXi 5.5, Vsphere 6.0, SQL Server 2014, SQL Server Always ON, SQL Failover, Hyper-v Failover,
VM Failover, RDS 2012r2, iPXE, Storage Space Direct, PKI OpenTrust,
Windows Server Windows Autopilot Windows 365 SCCM VMware ESX
Société Générale
Technical Architect
BANKING AND INSURANCE
July 2019 - July 2021 (2 years and 1 month)
Fontenay-sous-Bois, France
• Cloud services:
o Comparative study VMware Workspace One vs Microsoft Intune
o Study and implementation of worldwide MEM Intune delegation
o Study and implementation of Windows Defender for Endpoint solution (e.g., Defender ATP)
o Feature Team Modern Workplace (Windows Autopilot & Intune)
o Study of Microsoft 365 Security (e.g., MTP)
o Study and implementation of Endpoint Analytics
o Study of Microsoft Cloud App Security (CASB)
o Study of Microsoft Endpoint DLP (Data Loss Prevention)
o Study of Windows Defender for Endpoint integration with Sentinel, Microsoft Cloud App Security & RSA
o Study of Azure Logic Apps

• Microsoft Endpoint Manager Configuration Manager:
o Definition of infrastructure upgrade standards
o Writing of technical standards and operational documentation
o Worldwide MEMCM infrastructure architect (e.g., SCCM CB)

• Security hardening:
o Study and design of Tier 0
o Impact study of TLS 1.2 exclusive protocol
o Design and hardening of MEMCM
o Study and documentation of the Microsoft 365 Security suite

Technical Environment:
Azure Active Directory; ADFS; NDES; Application Proxy; Defender For Endpoint; MS Intune; Microsoft 365; Microsoft Autopilot; Microsoft Endpoint Manager; Windows 10; Office 365,
Windows Autopilot Microsoft 365 Microsoft Intune System Center Configuration Manager (SCCM) Microsoft 365 Defender

Check out Christophe's experience

Be the first to recommend Christophe

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Higher Technical Diploma in Management IT: Network Option
Lycée Privé SUGER
2008
Certificate of English language proficiency: Business and General English
SELC (Sydney-Australia)
2013
Lower-Advanced

Check out Christophe's education

Cloud Engineer & Architect

Christophe D.

Modern Workplace Architect

About Christophe

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Skill set

Categories