Freelancer profile translated to English.

Description

Azure Architect and Platform Engineer

I have 8 years of experience as an Azure Architect & Platform Engineer, specializing in the design, deployment, and optimization of cloud infrastructures on Azure.

I assist my clients in implementing robust and scalable solutions, combining security, performance, and innovation.

1. Implement Azure Policies (Deploy If Not Exist, DenyDelete, Modify) on management groups with the CAF framework.

2. Implement and configure PIM, MFA for business and foundational access (terraform modules, github actions).

3. Design and manage network architectures (vWAN, VPN Gateway, Private Link, Private Endpoint, Route Tables, NSG, Azure Firewall).

4. Secure workloads: WAF, Application Gateway, Defender for Cloud.

5. Implement disaster recovery solutions (SQL Failover, Cosmos DB Failover, Azure Front Door multi-regions).

Architecture & Design

Design of complex Azure cloud architectures (Landing Zone, Hub & Spoke, VWAN)

Design of security and compliance solutions (Azure Policy, RBAC, PIM)

Architecture of backup and disaster recovery solutions

Design of CI/CD pipelines and advanced DevOps strategies

Automation & Infrastructure as Code

Development of Terraform/Terragrunt modules for multi-environment deployments

Creation of GitHub Actions/Azure DevOps pipelines for complete automation

Advanced scripting (PowerShell, Python, Go) for operational automation

Kubernetes & Containerization

Deployment and management of AKS clusters with enhanced security

Creation of microservice APIs with Helm Charts and Docker

Implementation of monitoring solutions (Prometheus, Grafana)

FinOps & Cost Optimization

Analysis and optimization of cloud costs (demonstrated reduction of €10k/month)

Implementation of lifecycle management solutions

Creation of cost monitoring dashboards with KQL

Optimization strategies for Dev/QA environments

Industry field of expertise

Languages

French
Native or bilingual

Workplace preferences

Can work on-site

Paris (up to 50km)

TotalEnergies
Azure Solution Architect / Platform Engineer
ENERGY AND UTILITIES
January 2023 - Today (3 years and 5 months)
Paris, France
Improving and managing Azure Platform based on the Azure Landing Zone framework (CAF).

• Designing and building a new Network Architecture using Azure VWAN (Azure Route Server, BGP, Indirect

Spokes).
Governing the platform using Azure Policies, Azure Custom RBAC roles and Privileged Identity.
Designing and building an Azure Kubernetes Service cluster exposed by a Front Door Premium and Private Link Services for
platform microservice APIs hosting.
Deploying APIs using Kubernetes deployment with Helm Charts and Docker Images.
Deploying new platform components using Terraform with Terragrunt layering and Terraform CDK
Automatization of all platform components deployment using GitHub Actions
Designing and implementing the deployment of the Private DNS Resolver for On-Premise servers’ resolution
Designing and implementing work around to overcome Azure limitations or services specificities: SPN Federation, Azure Policy Definition Set
Designing and implementing Azure Automanage Machine Configuration to Update EDR (Endpoint Detection Response) configuration profile
Implementing a monitoring and alerting solution using Prometheus exporters and Grafana dashboards

Deploying and configuring SQL Server Failover and Cosmos DB Failover as a Disaster Recovery Solution
Define and implement observability and resilience mechanisms by interacting with all TotalEnergies IT entities
Define data backup and application restoration mechanisms.
Github Actions Microsoft Azure Microsoft Entra ID Networking Terraform Cloud
AXA en France
DevSecOps Engineer
February 2021 - December 2022 (1 year and 10 months)
France
Integrate the Security OPS team in order to conduct studies, the development of scripts, the integration and deployment of the latter on all environments as part of the resource security plan on Azure Cloud.
Performed Tasks:
DevSecOps and Automation Engineer inside Azure environment.
• Create Azure Policy Definition to describe and control resources compliance.
• Assign Azure Policy Definitions to Azure scubriptions Scope.
• Create Powershell Script to automate the creation and assignment for azure policy.
• Enable Https for all Azure Storage Account, Azure Functions and AzureApp Service using PowerShell
o scripts and Azure DevOps release pipeline.
• Enable Firewall for Azure Storage Accounts, Azure SQL Servers, Azure Key Vault and Azure Cosmos DB
o using Powershell script and Azure DevOps.
• Configure Azure Private Endpoint to secure communication between App Service Environement (ASE)
o and Azure Key Vault.
• Design a solution for Update Management using Azure Log Anaytics Workspace and Automation Account.
T-Systems International
Azure Architect Engineer
April 2019 - January 2021 (1 year and 9 months)
Design a new pattern for Azure resources backup and for Ensuring privately access services on the Azure platform.
Performed Tasks:
• Design a new solution for the Azure Data Lake Gen2 Monthly Backup and Restore with Azure Data Factory: o Create a Proof of Concept to backup the ADL to An Immutable Azure storage unsig ADF.
o Test the solution and ensure there is no downtime during the backup process.
o Create Gitlab CI/CD pipeline to run the automated solution.
o Create Terraform Modules to deploy the solution to Azure Infrastructure:
▪ Create Immutable Azure Blob Storage.
▪ Load the existing Azure Data Lake Gen2 using Data source.
▪ Create an Azure Data Factory.
▪ Create Linked Services for the Blob and ADL Storage.
▪ Secure the connection between Azure Data Factory and the Linked services using Managed
Identity.
▪ Create Azure Data Factory datasets for the Blob and ADL storage.
▪ Create ADF pipeline for the backup based on the Copy Activity.
▪ Create ADF pipeline to restore the data from the Blob storage.
▪ Create Schedule trigger to run the pipeline on the last of each month
▪ Create Terraform workspaces for each environment.
▪ Create vars.tfvars files for each environment.
o Create the Technical Architecture Document: Architecture and the explanation document.