CV IPSEC : Sélectionnez facilement les meilleurs profils

Résumé d'expériences de Zakaria,
freelance IPSEC habitant la Seine-Saint-Denis (93)

• Today Abeille Assurance
  Jan 2021 - aujourd'hui

  Title : Networking and Security Architect
  o Defining target security architectures.
  o Palo-Alto 3250 Cloud firewall deployment to connect DC to CSP (AWS, Azure, Atos Mainframe).
  o Defining and implementing BGP routing policy for excisting CSP.
  o Implementing Palo-Alto 3260 internet firewall for Proxified internet traffic.
  o Maintaining security policies and compliance.
  o Defining migration scenarios, and operating technical changes.
  o Writing HLD & LLD documents.
  o Handing Over the accomplished projects to the support teams.

  Cloud : AWS / Azure / ATOS Cloud, BGP, Cisco ISE, Cisco ASA, Palo-alto, Routing

• M-ENERGIES
  Jan 2021 - aujourd'hui

  - Réalisations des POC permettant la validation de la solution Meraki.
  - Rédaction des documents d’architecture HLD, LLD pout la solution SD-WAN.
  - Configuration de l’organisation sur la Dashboard Meraki.
  - Configuration des templates de configuration sur la Dashboard Meraki.
  - Déploiements des firewalls SD-WAN Meraki MX84, MX67 en mode hub and spoke.
  - Mise en place des règles de partage de charge sur les liens WAN des Firewalls.
  - Mise en place des règles de filtrage sur les MX firewalls.

• Norauto
  Jan 2021 - aujourd'hui

  - Audit réseau de l’architecture BGP du réseau Wan de la sté.
  - Rédaction des documents d’architecture HLD, LLD du réseau wan de la sté.
  - Déploiement de la politique de routage BGP entre les Sites Nord (DC) et les sites sud.

• Generix group
  Jan 2018 - Jan 2021

  Title : Networking, Security & Cloud Architect
  o Public Cloud networking strategy defining for Generix group
  o Audit of existant infrastructures and networks.
  o POC workshops making and technical solutions testing.
  o Defining cloud target architecture (Transit Gateway, internet Gateway, Load Balancer, vpn,…)
  o Maintaining security policies and compliance.
  o Defining migration scenarios from on-prem to cloud (AWS Direct Connect,…)
  o Writing HLD & LLD documents.
  o Managing VPN MPLS networks (30 sites).
  o Datacenter 3750 core network magration to cisco Nexus 9300.
  o Cisco ASA 5520 firewalls replacement with Palo-Alto 3200 (Datacenter + 30 sites).
  o Vpn site to site migration from the legacy cisco to Palo-alto Firewalls.
  o BGP routing protocol impelementation between entities.
  Cloud : AWS / Azure, Ansible, MPLS L3, OSPF, PBR, Cisco ACS, Nexus 9300, Catalyst 3750, 2960,3580, PALO-ALTO 3220, Cisco ASA 5520.

• Netwoks & Security engineer

  WANCORE (ESN)
  Jan 2017 - Jan 2018

  Société Générale ( Bank) :
  o Project : implementing a new backbone for the bank partners interconneting :
  - Writing LLD for projet.
  - Implementing the solution.
  - Preparing procedures for the bank partners migrations to the new backbone.
  o Managing MPLS OBS L3 network :
  - Planning and operating changes on CE routers for VPN MPLS backbone.
  - Planning and operating interconnetions to the MPLS L3 backbone.
  
  MPLS L3, BGP, MP-BGP, OSPF, PBR, VRF, ASR 1006, Nexus 9348GC, Catalyst 6500,4500
  
  Adisseo :
  o AdisseoNet Project : migration from Cisco Catalyst to Cisco Meraki (Solution SD-WAN)
  o Planning and change management for cisco ASA Firewalls on remote locations :
  - France, Spain, USA, China, Russia, Singapour.
  o MPLS (20 sites) Wan network administration.
  o Working on internal networking projects for the IT department:
  - Creating new VPN & WAN links for branches.
  - Change management on the MPLS L3 nework.
  - POC making and technical solutions testing & validation.
  Cisco 4507, 2960, ASA 5510, SD-WAN, Cisco Firepower, MS350, MR42, MX400, MX100, Riverbed

• Netwoks & Systems engineer

  ILEM-Infogérance (SSII)
  Jan 2015 - Jan 2017

  - Managing network infrastructures for clients (Switzerland, France & Morocco).
  - Managing core network for Cotecna company (more than 60 country).
  - FIA network administration (Geneva).
  - Networks audit LAN/WAN for Clients.
  Missions :
  - ILEM Maroc
  o DC networking infrastucture upgrade. Cisco ASA 5510 Failover, Switch 2960 3850, Fortinet
  100D, STP, VTP, VLAN, VPN, Etherchannel, Port mirroring.
  o Implementing QOS (MQC) On DC Switchs.
  o Datacenter networking infrastructure audit and reverse engineering.
  - COTECNA Switzerland
  o DMVPN deployment for more than 500 cisco router. Cisco (2960, 2960X, 4507, 3860,1700,
  1800,2800, 800 series), Cisco ASA 5510, ASA 5512X, Fortinet 300D, DMVPN, IPSEC, MGRE,
  OSPF, VLAN, STP, SLA, Etherchannel, HSRP, HA, MPLS.
  o POC making for SDN (Meraki Software Defined Networking) solution.
  - Digital Virgo
  o Wifi solution deployment and core network upgrade. Cisco Aironet 1700 (Multi SSID),
  Wireless Controller 2500, Switch Cisco 2960
  - Structure Marocaine
  o Configuring Multicast solution for a trading company. PIM, IGMP, Cisco 1800 series.
  - Groupe MONDI
  o VPN IPSEC site to site configuration.
  - FEC
  o Cisco ASA 5512X configuration.
  Cisco (2960, 2960X, 4507, 3860,1700, 1800,2800, 800 series), Cisco ASA 5510, ASA 5512X, Fortinet 300D/100D,
  PaloAlto PA-500, DMVPN, IPSEC, MGRE, OSPF, BGP, VLAN, VTP, STP, SLA, Etherchannel, HSRP, HA, PIM, IGMP,
  Nexus 5K,2K, SteelHead, SteelConnect, MPLS, QOS, Timed ACL, SDN

• Networks and systems engineer

  MAGHREBSTEEL
  Jan 2013 - Jan 2015

  Missions
  - LAN networking infrastructure upgrade.
  - Defining Data backup policy.
  - Networks and systems monitoring
  - Writting procedures and IT documents
  - Managing support teams.
  Projects
  - Configuring VPN IPSEC tunnel for backup between two main Datacenters. Cisco 2800 s.
  - Deploying a Multi Link Internet load balancing solution. PEPLINK Balance 580.
  - Deploying a Cloud mailing solution (Google APPS, Google Drive).
  - Firewalling (Watchguard XTM 525).
  - Network subneting and vlans creation. Cisco 2960, STP, VTP.
  VPN IPSEC, Cisco (2800s, 4503), VSS, VLAN, Cisco 2960, STP, VTP, Google APPS, Google Drive, WatchGuard XTM
  525, GRE, OSPF.

• Networks and systems engineer

  MCI (MULTI CHIMICAL INDUSTRY)
  Jan 2011 - Jan 2013

  Missions
  - IT projects management.
  - Support contracts, and providers SLA follow-up.
  - Managing IT team.
  - Writing IT procedures.
  Projects :
  - Deploying virtualisation solution with VMware (ESXI 5.1).
  - Installing a backup solution with (Symantec Backup EXEC 2012).
  - Deploying Cisco ASA 5505 Firewall.
  - Antispam Symantec Brightmail 6.2 solution install.
  - Nagios (on Fedora) Monitoring solution install.
  - Proxy applications firewall ISA 2004 install.
  - Ticketing solution deployement with « GLPI + OCS Inventory».
  - Kaspersky antivirus solution install.
  VMware (ESXI 5.1), Symantec Backup EXEC 2012, Cisco ASA 5505, ISA server 2004, GLPI, OCS inventory, Kaspersky
  Antivirus, Symantec Brightmail Antispam.

• Administrateurréseaux et systèmes

  GROUP ESIG
  Jan 2010 - Jan 2011

  Missions
  - IT projects management.
  - IT Support contracts, and providers SLA follow-up.
  - Managing IT team.
  - Writing IT procedures.
  Projects
  - Deploying Proxy (Squid) under Debian linux.
  - Deploying Microsoft (HyperV) solution.
  - Deploying VPN (IPSEC) solution,for all remote locations.
  - Ticketing solution deployement with GLPI.
  - Monitoring solution install with FAN (Fully Automated Nagios).
  Proxy (Squid), Hyper-V, VPN (IPSEC), Cisco 800s, ACL, GLPI, FAN (Fully Automated Nagios), Active directory

• Network Administrator

  CASANET (SSII)
  Jan 2008 - Jan 2010

  Mission
  - Corporate LAN administration.
  - IT support contracts, and providers SLA follow-up.
  - Provide IT technical Support for users and clients.
  Projects :
  Maroc Telecom :
  - Membre of MCO project, preventive Maintenancefor routers et Switchs Cisco 29XX, 18XX,
  17XX.
  Altadis et Hanouty:
  - Membre of VPN IPSEC site to site deployement project for all Hanouty remote sites.
  ONCF :
  - Wifi solution deployment on train station (Rabat, Tanger, Marrakech).