Freelancer profile translated to English.

Description

🎯 Network & Security Architect | IP/MPLS, PKI, SD-WAN, Secure IoT

For over 7 years, I have been working for a major operator/integrator in the design and deployment of critical infrastructures, as a network & security architect.

🔐 My expertise covers:

– IP/MPLS and SD-WAN architectures,

– Securing IoT infrastructures (IPsec, PKI),

– Advanced firewalling (Fortinet, Checkpoint),

– Network access control (Cisco ISE, NAC).

– Equipment qualification.

✍️ I am involved from start to finish:

– Upstream studies and framing,

– Writing HLD/LLD,

– Solution validation,

– Delivery,

– Pre-sales support and project support.

🚀 My added value: a balance between technical expertise, documentary rigor and consulting posture, to propose realistic, industrializable and secure solutions.

📩 I am open to new missions (freelance, portage or direct) in a context with high technical stakes.

Technos:

Networking : OSPF, BGP, MPLS, IS-IS, RIP, EIGRP, LDP, IGMP, PIM, STP, VRRP, HSRP, GLBP, Ethernet, ATM, PPP, SIP, NTP
Security : Fortinet, Cisco ASA/ISE, Checkpoint, firewalling, VPN, IPsec, PKI EJBCA, SCEP, EST, Radius, Tacacs, 802.1X
Systems & supervision : VMware vSphere/vCenter, Nagios, Centreon, Cacti, Unix (Redhat/Debian), LDAP, monitoring, accounting

Industry field of expertise

Languages

English
Native or bilingual
Spanish
Conversational

Workplace preferences

Can work on-site

Antony (up to 50km)

VENTE-PRIVEE, DSI/NETWORK TEAM
Network and Security Engineer
TELECOMMUNICATIONS
September 2016 - September 2017 (1 year)
Saint-Denis, France
Mission: LAN/WAN network and security architecture and engineering

 LAN/WAN network architecture and engineering:
• Redesign of Vente-Privée's Internet access as part of the internalization of the CDN activity:
◦ BGP ordering and configuration of new IP transits and IX peering
◦ Development of the migration plan and intervention of migration of old transits
◦ Automation of BGP configurations (python script to PeeringDB)
◦ Configuration of BGP routing optimization (Border6 NSI Optimizer)
• Datacenter infrastructure redesign:
◦ Deployment of Nexus 9K in EVPN/VXLAN Fabric
◦ Interconnection to the Vente-Privée national MPLS loop
◦ Automation of configurations with Ansible
• Deployment of the Vente-Privée national MPLS loop:
◦ PE/CE configuration
◦ Development of the interconnection with the Internet-Edge

 Development and Recipes of prototypes:
◦ Deployment of the Vente-Privée national MPLS loop:
◦ EVPN/VXLAN + MPLS + BGP-LU validation on QKF5K/10K Juniper

 Production:
• Maintaining the network in operational condition:
◦ Opening flows on FWs
◦ Deployment of new needs (VLANs, public/private IP scopes)
◦ Monitoring setup
◦ Incident resolution

Environment: Fortinet Firewalls (1000A/620B/3016), Checkpoint Firewalls (Gaïa/IPSO), Juniper Switches/Routers QFX5100/QFX10002/EX3400/EX3300, Juniper SRX 220H, Juniper MAG-4610, Cisco Router ASR 9602, Cisco 2960 Switches, Cisco Nexus 5K, Cisco 4500 Switches, Cisco Nexus 93108T-EX, Cisco ACS, Ansible, phpipam, infoblox, VMWare vSphere vCenter (Virtualization)...
OBS UNITÉ D'INTÉGRATION DE SOLUTIONS,
Network Engineer/Architect
December 2012 - July 2016 (3 years and 7 months)
93170 Bagnolet, France
Mission: Data Engineering for tailor-made offers for OBS Key Account clients (banks/insurance)

 Network architecture and development of Low Level Design LAN/WAN:
• Development of integrated/managed technical solutions
• Writing technical reference instructions for industrial deployment
• Exhaustive validation of equipment outside the OBS engineering catalog
• Development and Recipes of prototypes
• Writing Test Specifications for validation of solutions by the client
• Support to Industrial Production Centers
• Writing technical reference instructions (LLD) for the industrial deployment of solutions
• Verification of the conformity of configurations generated by industrial production tools
• Perl scripting for industrial configuration of parks
• Declaration and monitoring of incidents with equipment manufacturers (N3 Support) for equipment specific to the solutions deployed
• Requests for validation of new functionalities from OBS engineering in accordance with the specificities of the solutions
• Interventions on sensitive sites (DATA Centers...)

Environment: Orange Business Services Enterprise Backbone, Juniper Router MX960, Cisco Router ESR10K, Branch Router Cisco C800 C1900 C2900 C3900 ASR 1000 Series, Cisco 2960 Switches, Juniper QFX5100, Juniper EX4300, OneAccess, Alcatel system environment (telephony) DATACORE and Netapp (Storage) and VMWare vSphere vCenter (Virtualization)...
ORANGE CONNECTIVITY & WORKSPACE SERVICES,
Network Engineer/Architect
TELECOMMUNICATIONS
October 2017 - Today (8 years and 8 months)
91300 Massy, France
LAN, WAN, VPN, Datacenter Network Architecture and Engineering (RTE, GRTGaz, ENEDIS)
Pre-Sales & Strategic Consulting
• Analysis of expressed and unformulated needs
• Assessment of the existing and recommendations for evolution
• Advice on evolution priorities and infrastructure sustainability
• Presentation of targets, quantification and allocation of the solution

Architecture, Validation & Deployment
• Deployment of POC in isolated environment
• Development of technical solutions and writing of HLD/LLD
• Performing validation tests, integration into production
• Providing models for the industrial deployment tool (orchestrator)

Datacenter Design – INUIT Network
• Proxy chaining for Fortinet antivirus updates
• Integration of a PKI (EJBCA) for IPsec security (unsecured sites)
• Automatic deployment of routers and X.509 certificates via API, EST, SCEP
• Migration from Cisco ACS to ISE, redesign of access policies
• Network / security compliance verification, review of integrator deliverables

Maintaining operational & security conditions
• Choice of equipment, software versions, upgrade strategy
• Writing operating procedures, pre-deployment tests
• Interventions on site or remotely

Operating procedures & automation
• Steering development (consistency control of flow matrices)
• Provisioning optimization (Fortimanager)

Notable projects
• Automation & securing radio/IPSec multiVPN collection with X.509 lifecycle management
• Global upgrade of the Fortinet park
• RSA strong authentication
• Deployment of an IoT PKI (IPsec collection) with automatic allocation of certificates

Environment: Cisco (C8300, 4500X, 2960, 2520), Nokia SR12/SRa4/SAR 7750, Fortinet 1500D/500D/200D, Fortimanager, PKI EJBCA

Check out Eric's experience

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

CES-BADGE Projects and ICT (Major)
Télécom SudParis Management (INT Management)
2009
CES-BADGE Projets et TIC (Major)
D.U.T Network and Telecommunications Engineering
Université Créteil Paris XII
2007

Check out Eric's education

CCNP
Cisco / Pearson Vue
2012
CCIE Routing & Switching (Written)
Cisco / Pearson Vue
2015

Eric's certifications are only visible to Malt Community members

Eric D.

Architect / Network & Cybersecurity Engineer

About Eric

🎯 Network & Security Architect | IP/MPLS, PKI, SD-WAN, Secure IoT

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories