Freelancer profile translated to English.

Description

Senior Cloud & Platform Engineer with 7 years of experience in high-stakes Azure and Kubernetes environments: national health data platform, hybrid connectivity for a telecom operator, French certification authority. Specialized in the design and industrialization of secure and reusable cloud platforms, with an Infrastructure as Code, automation, and standardization approach. Capable of intervening in both architecture and implementation. Position strengthened by top-level certifications: Kubestronaut (5 CNCF certifications), Microsoft Certified: Azure Solutions Architect Expert, and FinOps Certified Professional.

Industry field of expertise

Languages

French
Fluent
English
Fluent
Arabic
Native or bilingual

Workplace preferences

Can work on-site

Paris (up to 50km)

Orange
Platform Engineer – Azure Networking & Kubernetes
TELECOMMUNICATIONS
March 2025 - Today (1 year and 3 months)
Montrouge, France
Context:Intervention on the Orange Federated Connectivity (OFC) program around two areas:
Azure Cloud Architecture & hybrid connectivity
Kubernetes Platform Engineering (GKE)

Azure Architecture:
Design and Terraform implementation of the OFC architecture on Azure (Virtual WAN, Hub, VNet, VPN Gateway S2S) in a complex hybrid connectivity context between Azure, Orange on-premise, and group subsidiaries.
Work on advanced hybrid routing, bidirectional NAT, network isolation, and inter-subsidiary flow optimization issues:
Virtual WAN intent routing,
Linux/iptables SNAT,
DNAT via Private Link & Load Balancer,
Architecture POC and connectivity test automation via Terraform.
Regular interactions with Microsoft architects on technical trade-offs and architectural constraints.

Kubernetes Platform Engineering (GKE):
Industrialization and security of a critical GKE platform hosting OFC applications:
Kustomize → Helm migration,
GitLab CI/CD pipelines,
Kubernetes hardening,
Trivy integration,
Network Policies,
Vault & External Secrets Operator (ESO) integration,
Improvement of DevSecOps practices and application packaging.
Participation in technical interviews and candidate evaluations (technical validator).

Stack:

Azure, Terraform, Virtual WAN, GKE, Kubernetes, Helm, GitLab CI, Vault, ESO, Trivy, Docker, Linux, Network Policies.
Microsoft Azure Terraform Kubernetes Network Architecture Google Kubernetes Engine (GKE)
Health Data Hub
Platform Engineer Kubernetes (AKS)
PHARMACEUTICALS INDUSTRY
August 2023 - February 2025 (1 year and 6 months)
Paris, France
Context:Platform Engineer Kubernetes (AKS) within the Health Data Hub, the French national platform dedicated to the secure use of health data.
Intervention on a high-criticality Kubernetes platform in a secure and air-gapped Azure environment, with several hundred environments managed via Terraform/Terragrunt.

Key Achievements:
Industrialization and factorization of Terragrunt configurations to simplify multi-environment management.
Securing AKS upgrades via proactive detection of deprecated Kubernetes APIs (Pluto).
Terraform 1.0 → 1.8 migration with secure infrastructure refactoring.
Migration of GitLab authentication to Keycloak with complete automation of Jupyter/RStudio access.
Integration and secure automation of secrets via External Secrets Operator (ESO) and Azure KeyVault.
Kubernetes industrialization of a European open-source catalog: containerization, GitLab CI/CD, cloud-agnostic Helm Chart, and deployment automation.
Participation in GitOps discussions, continuous platform improvement, and project team support.
Contribution to the reliability and industrialization of a platform handling sensitive health data, with strong constraints on security, standardization, and large-scale maintainability.
Cross-functional work with development, functional, and operations teams on Kubernetes, CI/CD, DevSecOps, automation, and Platform Engineering issues.

Stack:
Azure, AKS, Kubernetes, Terraform, Terragrunt, Helm, GitLab CI, Keycloak, Docker, External Secrets Operator (ESO), KeyVault, Trivy, Pluto, GitOps.
Kubernetes Microsoft Azure Terraform Keycloak Helm
ChamberSign
DevOps & Azure Expert (Cloud & Automation Lead)
TECH
June 2021 - June 2023 (2 years)
Paris, France
**Context**: Cloud & DevOps Lead at ChamberSign, a French certification authority specializing in digital identities and electronic certificates.

Cross-functional intervention on two critical projects focused on Cloud industrialization, deployment automation, and Azure governance in regulated environments.

Key Achievements:

Transformation of infrastructures towards an Infrastructure as Code approach with Terraform.
Industrialization and management of Azure environments (VM, network, Azure AD, DNS, ACR, Monitoring, Storage Accounts).
Implementation and maintenance of Azure DevOps CI/CD pipelines.
Automation of application deployments using Ansible and Bash scripts for on-premise pre-production and production environments.
Major Keycloak 15 (JBoss) → 17 (Quarkus) migration with adaptation of CI/CD processes and automation playbooks.
Cross-functional support to development and hosting teams on infrastructure, deployment, and troubleshooting issues.
Azure tenant administration: IAM governance, access, roles, security policies, and Named Locations.
Participation in FinOps optimizations and reduction of Azure DevOps and Cloud infrastructure costs.
Management of SSL certificates and technical documentation of procedures and architectures.

Work in environments with strong security, traceability, and reliability constraints around digital identity and electronic certificates.

Stack:
Azure, Terraform, Azure DevOps, Ansible, Bash, Docker, Docker Compose, Keycloak, Azure AD, Git, Apache, Nginx.
ansible Terraform Azure DevOps docker-compose Microsoft Azure