Sifeddine - Consultant cybersécurité CISCO

Network and security specialist

Expérience professionnelle (>10 ans d’expérience)
 Parfaite connaissance des produits sécurité réseaux et systèmes.
 Connaissance et expertise des solutions telecom et sécurité.
 Excellentes qualités en gestion des projets technique.
 Créatif, flexible, esprit proactif d’initiative, autonomie, résolution de problèmes et
Résistance au stress.
Depuis 01/04/2021 (position actuelle) : consultant réseaux et sécurité chez Manpower
Nantes France :
 Etude et mise en œuvre d'un projet de transformation WAN vers une solution SDwan
- Porteur et réalisateur d'un projet de migration réseau sur une contexte datacenter
- Assainissement, refonte et standardisation réseaux
- Etude et mise en œuvre d'un PCA réseaux
- Conception, déploiement, migration de nouvelles architectures réseaux:
• LAN: déménagement de sites
• Interconnexion partenaire (MPLS, ipsec, ...)
• Etude et déploiement de solution NAC 802.1x
• Sécurisation des infrastructures et prévention des risques, politique de filtrage
- Traitement des incidents de niveau 3 et gestion proactive du réseau (MCO)
- Rédaction de procédures et de documentations techniques
- - Technologie : Fortinet, HPE, Aruba Network, Clearpass (Radius), , Forti Manager, HP IMC,
FortiAnalyser.
De01/08/2019 à 01/03/2021 (2 ans): consultant réseaux et sécurité chez Ericsson Paris
France :
PROJETS RÉALISÉS :
 Projet innovation BRMC Orange Cloud Privé : Architecture et implémentation de NSX Palo alto Tufin
(automatisation des taches par call API : flux as a services, NAT as a service, Xaas..)
 Programmation des taches réseaux et sécurité via API (Orchestrator, Postman )
 Support /maintenance en cas de problème lors des migrations des composantes infrastructures
 Hardware environment
- Palo Alto : NGN firewalls, Panorama
- Tufin secure track
- HDS 8000 (Ericsson Hyperconverged DC solution
- Juniper switches Switch (L2/L3 , Fabric, Control plane/Data plane)
- Pluribus switches
 Virtualized environment NSX
-VRA/VRO
-SDN ( VMware NSX, VXLAN, Hardware VXLAN)
-Vsphere platform
-Vrealize suite
Depuis 01/03/2016 à 01/03/2018 (2 ans) : consultant Security infrastructure chez Banque
Société General branche Maroc :
 PROJETS RÉALISÉS :
- Gestion des opérations et incidents (N2/N3) de la sécurité de toutes l’infrastructure SI du Banque :
réseaux, serveurs métier/infra, web (reverse proxy, Firewall WAF/applicatif), Database, , Antivirus…..

- Faire l’audit de la sécurité de tout le système d'information ainsi que fournir les rapports
hebdomadaires de traçabilité et fraude pour chaque départements et agences.
 Implémentation du SIEM RSA et Guardium IBM et en réseaux Prod
 Technologies:
Cisco ASA, Fortinet Fortigate , IBM Guardium, SIEM RSA , webgatway McAfee, F5, Xroad, SEP
Symantec Antivirus, SSO Evidian. Qualys.
Depuis 01/01/2015 a 2016: Senior Security consultant at HelpAG Corporation (German
Service Integrator Multi-vendor leader in Security solutions), Qatar and UAE
 Etablir le Design(LLD/HLD),PoC, Implementation/deployment des solutions réseaux et sécurité
(Routeurs, Switchs, Firewall Next generation, IPS/IDS, SIEM, web filtering,email filtering,content
filtering… ) des different venders: CISCO, Palo Alto,F5 , Juniper, Fireeye,…
 Faire le suivi et le conseil des clients dans toutes les phases du projet
 Fournir le support (niveau 2,3).
 Refontes et assistance des opérations et maintenance.
Ci-dessous les clients Majeur :
 Gouvernements (MoFA Ministre of foreign affaires) : Projet de refonte et sécurisation LAN/WAN
 Banques DIB Dubai Bank : support sécurité
 Universités Qatar fondation : Projet d’implémentation du Firewall Palo Alto (POC, ingénierie,
déploiement et maintenance) et suivi du client pour le design d’un site DR redondant du site principal

Professional experience (more than 7 years):

• From 01/01/2015 to now (1 year):Senior security consultant at HelpAG Corporation (German Service Integrator based on Multi-vendor leader in Security and networking solutions),UAE – Qatar
-Design Solution deployment and support for customers Datacenters in networking security and systems with different vendors: CISCO, F5 (LTM ASM APM), Palo Alto, Juniper, Fireeye, HP.for major UAE and Qatar government/SME.

• January 01/2013to 01/2015 (2 year): Network security design architect at WANA Corporation (French Moroccan Service Provider based on CISCO equipment), Casablanca – Morocco.
Implementation, Support and maintenance of MPLS Backbone based on Cisco equipment :CRS, ASR9000, ASR1000, 6500 series, GSR, 7200 series, 7600 series
- Routing and switching Protocol: ISIS, OSPF, EIGRP,BGP, MP-BGP, MPLS, MPLS TE, LDP, QoS, L2VPN, L3VPN, and AToM.
- Make HLD, LLD and NIP of network and service: backbone IP/MPLS IP RAN Access.
- Handle connectivity within all platforms LTEPS IMS NGN CS and ADSL interconnection and integration into backbone ,
IPv6 integration in INWI Backbone using 6VPE MPLS VPN technology.
Implementation, Support and maintenance of Inwi - IP RAN ring Metro Ethernet Casablanca based on Cisco ASR Routersand Catalyst Switches.
Integration of different IN and VAS platforms (USSD, OCS, UVC, VMS, SMSC…).

Security: test performance and integration of ASA & Juniper SRX firewalls.
Test security of equipment penetration testing by tool IXIA (simulating traffic load attack DDOS, IP spoofing)
Implementation and configuration of VPN Methods
- Site-to-Site IPSec/VPN Remote Access VPN, AnyConnect Full Tunnel, SSL VPN, Full Tunnel IPSec VPN.
- Configuration of zoning and ACL
Implementation of Failover
- Configuration NAT and HA with VIP Gateway for internal Servers
- Integration with redundant architecture HA Failover (LAN and state links).
- Failover Triggers interface Monitoring
- Failover and State Links Configuration Replication
Implementation of Firewall Management Design
- SSH Access CLI
- Access to FW via HTTPS Access for ASDM
Wireless ericsson: configuration of BNG and WIC implementation
LTE : implementation of UGW subscriber concentrator
Work onGGSNequipmentfor PS project(APN Gi Gy Gx )coordination.
NGN VoIP: implementation of SBC equipment and knowledge on IMS HSS device and NGN architecture
DatacenterImplement VSSbetween catalystSwitches and design LLD of NexusSwitchimplementation.
Installation and deploying of F5.


• Huawei From 2010 to 2012 (3 year) Huawei Data Communication Engineer at HuaweiTechnologies, Rabat - Morocco.
Maroc telecom Metro IP Network Project – IAM IP RAN project :
- HSI (High Speed Internet), BTV (Broadband TV), VOD (Video on Demand) and VoIP (Voice over IP), fixed voice service, 2G , 3G and business VPN services integration.
- U2000 NMS monitoring provisioning maintenance for all datacomm equipment
- Technologies used: Working on IP RAN, IP/MPLS, MPLS VPN (Layer-2 & 3), MPLS-TE, MPLS-QoS, NMS, Routing (MP-BGP, IS-IS, OSPF), Multicast, IPv6, Switching, Security, U2000 Software Monitoring, High availability solutions, securing by tacacs and radius AAA

Maroc telecom BRAS (Broadband Remote Access Server) redeployment :
- Provide the technical support for the subcontractor till the final stage.
- Preparing the LLD Migration plan of the BRAS brodband access server.
- Implementation for the migration and testing the triple play: internet, VoIP and IPTV services.
- Preparing the script and cut-over plan.
- Communicate with customer and receive their requirement.
- Supervisory for subcontractor and Handle the configuration for all the Datacom equipments.

Maroc telecom Maintenance Team leader (duty phone handling) :
- Preparing the RFC, upgrade document and implementing new software and patch for the severs Switch and routers.
- Analyzing the existing design and make doc planning using MPLS TE and Carrier’s Carrier solution.
- Daily operation and maintenance for IP-MPLS backbone.
- Give a Support to the NGN, WCDMA, CDMA, IN and the Access Departments to solve their problems that are related to the Datacom Equipment.
- Periodic inspection & health check for network traffic usage
- Responsible for coordinating system upgrade and configuration.
- Responsible for technical communication with Customer for deploying new services.
IPv6 implementation IPv6 in Morocco telecom network.
Training delivery for customer
- Teach and present solution to customer providing training and technical support for the Customer and our company staff.
• Huawei 2008 to 2009(2 year): IP enginner Backbone expansion IP of Meditel.
Installation and deployment of 6 PE routers and following project till acceptance and removing all reserve.
implementation of 2 CX routers and installing NMS network managing system U2000
Training and Product

• ITIL foundation (Valid)
• CISSP (ongoing)
• CEH (Valid)

• Vendor certification:

• CCNP R&S (valid)
• CCNP security (valid)
• CCIE Datacenter written (valid)
• CCIE Lab(ongoing)

• JNCIA (valid)
• F5 ADC 101(valid)
• F5 TMOS 201(valid)
• Palo Alto ACE (Valid)
• Palo Alto PCNSE (valid)
• Vmware: VCP-NV(valid)
• Fireeye junior system engineer (Valid)

• Huawei certification : certificate HCDP huawei certified design professional (certificate of design)
• Training huawei Datacomm and access network in Huawei's regional office in Egypt from du 26th Dec, 2009 to 20th jan,2010
• Products Data IP /MPLS :
RouteurCisco :ASR, CRS, IOS, IOS-XE, IOS-XR.
Huawei :Net Engine core layer routeurs NE40/80/5000E
Firewall : ASA,juniper SRX, Eudemon 1000/500/200.
Accès : IP and ATM DSLAM
BAS : BRAS MA5200G et ME60
Management : Solarwind, Nagios,U2000
DSLAM/MSAN : MA5200T

Technical Proficiencies:
• Networking technologies and models: TCP-IP v4, OSI, IPV6, LAN, WAN, WLAN, ATM, Frame Relay, ETHERNET, MPLS, VIOP/TOIP,QoS, Multicast,IPv6 and IPv4 Coexistence and telecoms network.
• Router Configuration:RIP v1/v2, EIGRP, OSPF, RIPng, EIGRP v6, OSPF v3, BGP,ODR, route filtering and manipulation, redistribution, summarization,IP SLA , PBRand other advanced options.
•
• Switch Configuration:VLANs, private VLANs, DTP, VTP, STP, MSTP, RSTP, HSRP, VRRP, GLBP, Trunking, Etherchannel,Multilayer Switching, Inter-VLAN routing, VACLand other advanced options.
• Network security:Attacks/Prevention, Encryption, AAA, PKI,ACL,Firewall, IPS.
• Datacenter: OTV FCoE Nexus
• Virtual Private Network: VPN IPSec/GRE, MPLS L3 and L2 VPN , VPN SSL.
• Securing networks with CISCO devices (Switchs, Routers, ASAs, PIXs…)
• Wireless Networks (Standards, protocols, deployment and configuration).
• Operating Systems: Windows 7, Vista, XP, Windows Server 2003, Linux Administration..