Senan Houngnandan

Intervention within the shared NSOC of Orange Cyberdefense, in a critical environment, as a technical referent for a portfolio of 5 major clients simultaneously (business services, public transport, sports & entertainment, personal services, and telecommunications — confidential names).

English-speaking environment. Bilingual French | English.

Assignments:

• L3/L4 Operation and build contribution on highly critical security infrastructures.

• Participation in the deployment and migration of an international Fortinet SD-WAN infrastructure, with over 330 sites migrated out of a target of 800 sites.

• Preparation of Fortinet configurations via FortiManager, AWX, and GitLab for ZTP deployments.

• Configuration of secure internet access via Zscaler: GRE tunnels, static IP, and locations.

• Post-migration validation of Overlay, Underlay, and GRE tunnels, then integration into supervision, CMDB, and backup tools.

• Management of complex changes, traffic openings, and critical incidents in coordination with Fortinet and Zscaler vendor support.

• Administration of multi-VDOM / VSYS Fortinet and Palo Alto environments for secure remote access, GlobalProtect SSL VPN, and IPsec VPN.

• Administration of F5 BIG-IP LTM: creation of VIPs, Pools, and Nodes, application publishing, and SSL/TLS certificate renewal.

• Production of monthly vulnerability reports, leading technical committees, and monitoring security upgrade plans.

• Implementation of Palo Alto App-ID rules and DNAT rules via IPsec tunnels to meet business needs.

Tech environment: FortiGate 40F, 60F, 80F, 100F, 200F, 400F, 400E, 600F, FortiManager VM Azure, FortiAnalyzer VM Azure / Hyper-V, SD-WAN, GRE, BGP, Zscaler ZIA, Zscaler Client Connector, SAML, GitLab, AWX, Centreon, CMDB, ABT, Palo Alto PA-5410 / PA-3250 / PA-3420 / PA-440 / PA-5250 / PA-220, Panorama, F5 BIG-IP LTM, Stormshield,

Context: As the security referent for network traffic within a major critical environment, I played a central role between business teams, architects, and the CISO to ensure compliance and control of network access.

Responsibilities:

- Management of traffic opening requests: analysis of business needs, security risk assessment, and complete processing of requests up to the final decision.

- Management and validation of exceptions: handling problematic or non-compliant traffic, arbitration in direct liaison with the CISO, based on internal security policies.

- Compliance and challenge of existing traffic: analysis of Technical Architecture Dossiers (DAT) to compare declared traffic with reality, identify discrepancies, and challenge client teams on the legitimacy and necessity of each flow.

- Administration and optimization of firewall rules: maintenance and improvement of the Fortinet and Palo Alto rule repository, ensuring a balance between security and operational performance.

- Audits and compliance reviews: regular analysis of the rule base to reduce the attack surface and strengthen the overall security posture.

- Advice and support: primary contact for business and technical teams on best practices for securing access and managing sensitive traffic.

- Management of network and security incidents: advanced troubleshooting, identification of blocking points, and resolution within SLA.

Technical environment:

Technical environment: Fortinet · Palo Alto · Traffic Analysis · DAT ·

Security Policy · Exception Management · CISO

Context: As part of the Level 2 Network & Security Support team for a major international bank, I ensured the availability and security of critical infrastructures in a highly demanding environment.

Responsibilities:

- End-to-end management of network and security incidents: analysis, diagnosis, and autonomous resolution, ensuring service continuity for business teams.

- Administration of critical network equipment: Cisco Nexus routers and switches (5548UP, 5672UP, 7010, 7702) running NX-OS, Cisco ASR 1000, route management.

- Operation of perimeter security solutions: Palo Alto, Fortinet FortiGate (v6.4/7.0), Checkpoint firewalls — traffic analysis, identification of blocking rules, advanced troubleshooting.

- Supervision and reporting via FortiManager and FortiAnalyzer (v6.4/7.0), Centreon.

- Security maintenance: certificate renewal, management of scheduled maintenance operations.

Technical environment:

Cisco Nexus · Cisco ASR 1000 · NX-OS · Palo Alto · Fortinet (FortiGate, FortiManager, FortiAnalyzer) · Checkpoint · F5 BIG-IP LTM (v15.1) · Cisco FEX