CV/Mission d'Expert ARISTA freelance

Exemple de missions d'Aymen,
Expert ARISTA habitant les Hauts-de-Seine (92)

• Security Architect

  FUJUTSI FRANCE
  Jan 2020 - Jan 2020

  This short mission aims to prepare the moving of the infrastructure from one office to another:
  Auditing existing infrastructure (from network and security point of vue)
  Defining new design that matchs security and redundancy goals
  Writing HLD and LLD documents
  Defining steps of moving from on site to another

  Technical environment: Fortigate, Checkpoint/VSX R80.20/R77, Cisco switchs (Catalyst)

• Security NAC engineer at AFNOR
  Jan 2019 - Jan 2021

  This short mission aims to configure the NAC on Afnor’s user LAN on two steps (monitoring and close modes):
  Deploying a cluster of virtual cisco ISE (2.4 with last patches)
  Defining new target configuration of NAC authentication with certificate
  Managing the POC of the NAC solution (testing phase)
  Monitoring logs and enhancing configurations and resolving authentications issue
  Generalizing configuration of NAC on all switchs
  Validating monitoring steps and passing to close mode

  Technical environment: Cisco ISE (2.4), Cisco catalyst siwtch

• Security Expert

  SOCIETE GENERALE
  Jan 2018 - aujourd'hui

  I am leading L3 security projects and resolving the Bank Security Network incidents:
  
  Deploying new high-level infrastructure with Firewalling (Checkpoint & Fortinet, Cisco FTD)
  Designing and deploying SDWAN infrastructures
  Tuning Checkpoint firewalls (multi-thread, multi-queue, coreXL, affinity,etc)
  Migrating firewalls from old DC to new DC (Fortigates/Checkpoint/VSX)
  Upgrading Fortigate firewalls, Fortimanager, Fortianalyzer
  Upgrading Checkpoint Multi-Domain Server Manager and gateway from R77 to R80.20
  Deploying Cisco FTD & Gigamon switchs for IPS
  Solving complex firewall incidents (L3)
  Auditing and analyzing the existing infrastructures (critical, hosting, internet access, etc)
  Defining technical solutions for SDWAN project (Architecture and deploying)
  Presenting Audit results (Different sub-branches)
  Assisting feature teams on complexes migration projects
  Troubleshooting and solving L3 incidents

  Technical environment: Fortinet Fortigate, Fortimanager, Fortianalyzer, Checkpoint/VSX/MDS/CMA R80.20/R77, Cisco FTD, GIGAMON, IPSEC VPN, Cisco ISE, Tufin, switch (Nexus, Catalyst), Cisco SDWAN VIPTELA

• Professionals Projects
  Jan 2016 - aujourd'hui

  Presales Security Engineer at Vinci Energies Axians
  I am managing a team with 2 security engineers and leading sales projects and choosing the best solutions for our customers.
  Managing Pre selling security project and in charge of documentation
  Providing sales people with a better understanding of their clients needs
  Audit and analyze the existing customer s applications and infrastructures
  Defining technical solutions
  Qualifying projects in terms of delivery and processing times
  Studying the costs of solutions sold
  Presenting projects to clients
  Auditing our customers infrastructure
  Training of interns on cybersecurity
  Technological watch on new products
  Deploying Firewalling, ISE, IPS, Email, Load balancing and proxy solution-based architectures

  Technical environment Fortinet, Palo Alto, Checkpoint R80, R77, R75, Meraki MX, Cisco ASA/FTD, Cisco WSA, Fortiweb, F5 LTM, Cisco ESA, Meraki Switch, SSL and IPSEC VPN, CISCO ISE, Active Directory, Tufin, switch Nexus, Catalyst,

• External Consultant

  Linkbynet
  Jan 2015 - Jan 2016

  Within a team of six network and security engineers, I am leading the platforms deployment of Linkbynet customers on physical and virtual cloud environment.
  Pre Selling security and drafting documents
  Support business managers conference calls with clients
  Accompaniment of client during the implementation of the solution sold
  Integration and support of network infrastructure and security and new customers
  Deployment and configuration Virtual Servers with iRule on loadbalancer BIGIP
  Deployment and configuration Policies on Fortigate, Palo Alto and Cisco FTD
  Deployment of Checkpoint Firewall on Vmware ESX environment
  Deployment of Virtual machine on Amazon cloud and Azure
  Deployment of Cisco ISE for Wifi Guest portal and 802.1x authentication
  Setting architecture with F5 GTM virtual and physical
  Integration of Linux firewall, switch Avaya, Cisco and HP
  Selling and installing Meraki solution with MX Firewall, MS Switch
  Support and incident resolution and support of international subsidiaries Vietnam, Mauritius and canada

  Technical environment BIGIP F5 LTM and GTM, Palo Alto, Checkpoint R77, Meraki MX, Fortinet 1500D, SSL and IPSEC VPN, ISE, Active Directory, switch Nexus, Catalyst, Avaya, HP, Nortel, Arista , monitoring Nagios and cacti

• External Consultant

  Orange- Network Operations and Services Branch
  Jan 2014 - Jan 2015

  Within a team of twenty network and security experts, I took the responsibility of the network operation and integration service. I work on the following tasks
  Deployment, support and maintenance of network security and service platforms
  Design Network for 4th generation EPC for Orange
  Deployment and support of new firewalls FortiGate 3700D
  Integration of load-balancer BIGIP DNS and caching DNS client data
  Implementing of routing and switching specifications
  HTTP improvement and TCP optimization for customer requests
  Acceleration and compression of customer data on F5 BIGIP LTM
  Offloading SSL reverse proxy and SSL on BIGIP
  Integration of the SmartHome Orange Service Platform in a virtual environment in the Greenwich Data-center VE BigIP, VMware vShield
  Supervision of equipment on Cacti and HPOV to ensure their proper functioning
  Creating Loadbalanced architectures, redundant and highly available
  Troubleshooting, investigation and debug incidents on the network
  Processing network tickets
  Detection and prevention IPS against attacks and deployment protective measurements.

  Technical Environment F5 BIGIP and Viprion, Fortinet, Juniper SRX, MX and EX, Alteon, Cisco PIX, cisco 7000 series and Catalyst, CheckPoint, Loadbalancing F5, Altéon, Allot, Firewalling Fortinet/Juniper/Checkpoint/Cisco, BGP, VRRP, HSRP, STP, VPN IPsec, Radius, DNS, NAT, TCPDUMP and Linux Prodbes

• External Consultant

  Bouygues Telecom - Paris Mission on the Backbone Network Information System
  Jan 2011 - Jan 2013

  Within the network information system department, a team of 30 architects, my mission, was to analyze customer s requests. I worked on NAS Network Architecture Specification for different internal and external clients. During this mission I mainly worked on
  Specification and selection of the architecture that uses the cash flows from external access
  Migration of the backbone project on MPLS network.
  Definition of static/dynamic routing OSPF / BGP .
  Creating virtual IP VIP on BIGIP LTM and/or ACE card creating pools, members, monitors, load balancing algorithms...
  Writing spec documents SAR Specifying Network Architecture
  Identifying Firewall Juniper, Nokia CheckPoint, Fortigate in the path of flow and opening addresses to the services in question
  Creating of IPsec VPN between partners and internal network Bouygues Telecom specifying security settings IPsec tunnel.
  Definibg rules and creation of Nat VIP card on ACE to ensure load balancing flow when needed.
  Troubleshooting network incidents.
  Mixing and adding equipment switch catalyst and Nexus .
  Collection of Key Performance KP flow in the data center and office using Cacti.

  Environnement Technique IP, OSPF, BGP, VPN, HSRP, VRRP, VRF, MPLS, VDOM, Firewlling Juniper, CheckPoint, Fortigate , VLAN trunking, ACL, Routing and Switching Cisco Catalyst, Nexus, Juniper MX , Cacti, Nokia Manager System NMS, SmartDashBoard ,Tacacs, ,C3750, Nexus, SR7750, VPRN, ACE Card, F5 BIGIP LTM, and internal Bouygues tools.

• Graduation Project Orange Labs, Lannion, Francel
  Jan 2011 - aujourd'hui

  As part of ETICS European project Economics and Technology for International Carrier Services , during my mission, I specified, defined and implemented the architecture of negotiation and configuration of automated Cloud connectivity service for a multiple managed networks. I mainly worked on
  
   Development and implementation of a platform configuration and negotiation of access services based on WebServices.
   Analysis of different options of this architecture.
   Configuration of VPN services Virtual Leased Line VLL, Virtual Private LAN Service VPLS, Virtual Private Routed network VPRN, MPLS and GRE tunnels on routers Services SR-7750 and Quagga , blade server SUN, HP Omni-Switch 6800-6900 with the network manager 5620 SAM Service Aware Management Alcatel-Lucent.
   Prototyping IP / MPLS platform services and advanced concepts Cloud Computing and virtualization techniques VPNs .
   Development of a Java GUI that uses SNMP for device configuration. The developed module retrievesMIB Management Information Data Base from the Switch 6800 and routers.and displays the configuration of equipements. in the GUI. It allows the administrator to remotely control the equipment in a centralized manner..
  Preparing and running tests Design a network topology interconnecting Deutsche Telekom and Orange and Bell Labs with SR7750 and Cisco routers and client machines, in order to test the establishment of cloud services cloud gaming Onlive and video streaming with managing QoS end to end.

  Technical Environment IP, MPLS/GRE, QoS, RSVP-TE, OSPF-TE, SNMP, GRE WebServices / SOAP / WSDL, Java, SOA, REST, QPID Apatch AMQP , SR7750 Alcatel-Lucent equipment s