Key Responsibilities & Achievements:
Azure Resource Audit & Enhancement
Conducted a comprehensive audit of Azure resources based on the Azure Well-Architected Framework, focusing on improving key pillars: Performance Efficiency, Cost Optimization (FinOps), Security, Operational Excellence, and Reliability. Implemented targeted enhancements to optimize and align resources with best practices.
Infrastructure as Code (IaC) & CI/CD - Terraform, Terragrunt, Azure DevOps
Assessed and enhanced the existing IaC model. Proposed and implemented a more scalable and maintainable architecture aligned with best practices.
SSPR Implementation
Studied and deployed a secure Self-Service Password Reset (SSPR) solution to improve identity and access management.
Cloud Architecture & Project Support
Provided architectural guidance and technical expertise for various Azure-based projects, such as:
- Azure Kubernetes Service (AKS)
- Data Platform: Databricks, Data Factory, Stream Analytics, Event Hub, Power BI,...
- Monitoring Stack: Grafana, Prometheus, Loki, Tempo, Mimir
- Identity Management: Keycloak, Entra ID
- Application Architecture: Microservices, Event-driven systems
- Security & Networking: WAF, Azure Networking Hub & Spoke, Azure Firewall, Peering, LB...
Identity & Security Collaboration
Supported the AD & Security teams on IAM and SSO solutions: Active Directory Domain Controller (ADDC), Active Directory Federation Services (ADFS), DNS, PKI, Entra ID Connect & Entra ID.
Workday & Identity Provisioning Integration
Contributed to the analysis and implementation of Workday integration with Entra ID, Entra Provisioning Agents, Entra ID Connect, and Local Active Directories to automate employee onboarding and offboarding processes, ensuring seamless identity lifecycle management.
On-Premise Infrastructure Support
Collaborated with technical teams on projects involving VMware ESXi and NetBackup.
Wrote security policy.
Developed and provided DevSecOps toolkit and services based on security policy and tools such as Prisma Cloud and ETF4Security.
Conducted demos to present the DevSecOps toolkit and services to various delivery teams within GEMS.
Supported various delivery teams in onboarding the DevSecOps toolkit into the CI/CD pipelines (Azure DevOps, GitHub) and remediating identified security issues.
Established cloud governance and foundations: Implemented security governance, naming conventions, tagging policies, and organizational structures, including SSO and Landing Zone deployments across AWS and Azure.
Architected and automated an AI/ML classification pipeline: Developed a solution using AWS SageMaker, Bedrock, Textract, and Lambda to automatically classify documents and extract metadata into target data sources for downstream validation.
Engineered a scalable Data Platform: Designed and automated a modern data stack featuring Airbyte, Apache Airflow, dbt Core, and Apache Superset hosted on Amazon EKS.
Streamlined AI Frontend Deployment: Led the design and automated deployment of a custom AI User Interface (UI) within the AWS ecosystem.
Deployed an Agentic RAG Framework: Architected a multi-cloud Agentic RAG (Retrieval-Augmented Generation) solution across Azure (AI Foundry, AI Search, Document Intelligence) and AWS (Kendra, Textract, Bedrock), integrating SharePoint as the primary Knowledge Base.
Audit and Redesign: Conducted an audit and redesign of Cytric's test environment.
Automated Deployment: Automated the deployment of the test environment on demand into Azure Cloud and OpenShift using a GitOps and DevSecOps approach.
Tools Used: Utilized ArgoCD, GitHub, Helm, Terraform, Packer, Ansible, JFrog Artifactory, and more.
Advice and Expertise: Provided advice and expertise on network, security, AWS Cloud, and DevSecOps for various Canon projects.
DevOps Platform: Implemented a DevOps platform, including GitLab Server, GitLab Runners, and SonarQube.
Git Strategy: Established Git strategies such as Git Flow and trunk-based development.
CI/CD Pipelines: Set up CI/CD pipelines via GitLab to automate the deployment and testing of Java applications.
Architecture Design: Participated in designing the hub-and-spokes architecture on AWS.
Application Design: Contributed to the design of various Canon applications on AWS.
Microservices Platform: Designed, developed, and implemented a microservices platform for data exchange between Canon and its partners, utilizing Confluent Kafka, AWS Lambda functions, Secrets Manager, S3 buckets, SQS, SNS, Schedulers, DynamoDB, and more.
TFS Migration:
Conducted analysis and audit of a large Team Foundation Server 2019 collection hosted in the AWS cloud.
Performed proof of concept (PoC) and migrated the collection to Azure DevOps.
The collection consists of approximately thirty projects with multiple pipelines, releases, repositories, and artifacts.
Refactored and evolved pipelines/releases after migration.
Duties:
§ Collaborated with TCS to analyze, design, and implement an IAM platform (ADDC, ADFS, WAP, MIM) for
Sonepar US, NL, and HQ in Azure cloud.
§ Set up synchronization between on-premises ADs and Azure AD using Azure AD Connect.
The objective of this platform was to validate the solution before applying it to production.
§ Provisioned all infrastructure using Terraform and Azure DevOps.
Duties:
§ Implemented security governance in Azure.
§ Audited, redesigned, and migrated on-premises applications and platforms from Sonepar HQ and Sonepar
Switzerland to the Azure Hub & Spoke model, including SAGE, Citrix, SAP, and Essbase.
§ Analyzed, designed, and implemented Palo Alto and Wallix solutions in Azure cloud.
HQ Foundation Infra project
§ Designed and implemented the Azure "Hub & Spokes" foundation for Sonepar HQ, with the objective of
migrating the entire on-premises platform (AD, ADFS, MIM, Citrix, SAP, etc.) to Azure.
§ Designed and implemented Site-to-Site and ExpressRoute VPNs (between on-premises and Azure).
§ Designed and implemented the DRP plan (West Europe and North Europe) and conducted tests.
§ Scripted all infrastructure using Terraform and provisioned it through CI/CD pipelines in Azure DevOps.
RPA Project in SaaS and Expertise:
§ Participated in the development of Robot as a Service offers in Azure cloud (in partnership with
Humans4Help).
§ Analyzed, designed, and implemented UiPath RPA platforms in Azure cloud. Customers registered for
this service include Sodexo, Manutan, and Groupe Bel.
§ Set up the solution both on-premises and in the cloud for Fnac Darty, Id Group, and Exane.
Core Banking with Aviscen:
§ Implemented a PoC: deployed a Rancher platform on AWS to host DevOps tools like Jenkins, GitLab,
Nexus, SonarQube, and various banking APIs using Java Spring Boot.
§ The APIs manage contracts, customers, equipment, operations, parameters, third parties, accountants,
and CRM.
§ Deployed infrastructure using Terraform.
§ Deployed applications using Kubernetes YAML files and CI/CD with Jenkins.
Duties
§ Audited applications hosted on-premises and defined an action plan to manage the deprecation of their
infrastructure (Windows Server 2008, 2010, expensive licenses for Red Hat Server, Oracle and
WebLogic, …), either by retaining them on-premises or migrating them to Azure Cloud.
§ Implemented security governance in Azure.
§ Responded to customer needs regarding web development and cloud hosting.
§ Wrote business proposals.
§ Conducted analysis, design, costing, implementation, administration, and maintenance of infrastructure
and middleware in the cloud.
§ Implemented CI/CD pipelines using Jenkins, Azure DevOps, and GitLab.
§ Reviewed, defined, and applied best practices regarding security and FinOps.
§ Validated and adjusted web application designs to comply with security policies.
§ Conducted source code audits of web applications before approving deployment.
§ Managed projects using Scrum, Agile, and DevOps methodologies.
§ Led and managed teams.
Projects
§ Migrated the Foundation App to Azure Kubernetes Services (AKS): a multi-tier web application for
Storengy to manage and monitor gas contracts and gas technical distribution sites.
- Audited the current IaaS and PaaS infrastructure.
- Wrote commercial proposals.
- Analyzed, redesigned, and migrated existing applications to AKS.
- Implemented CI/CD pipelines using GitLab.
- Updated the infrastructure solution design.
§ Shiny Proxy: Hosted the Shiny Proxy landing page and Shiny Apps R on Azure Kubernetes Service
(AKS). The Shiny app landing page serves as the end-user web interface, allowing Shiny App R to perform
calculations and report on ENGIE GREEN's wind turbine data.
- Analyzed and designed the solution.
- Validated infrastructure solution privacy.
- Wrote the infrastructure solution design.
- Deployed the infrastructure using Terraform.
§ GitLab Migration:
- Migrated GitLab from Azure to AWS using Infrastructure as Code with Terraform and Ansible.
§ CAP@TM: A two-tier web application (JBoss, Apache, Oracle server) to manage Elengy's and its subsidiary
Fosmax-LNG contracts.
- Audited the current on-premises infrastructure.
- Wrote the commercial proposal.
- Analyzed, redesigned, and migrated the on-premises application to Azure.
- Migrated the Oracle server to an Azure PostgreSQL database.
- Implemented various pipelines in Azure DevOps for infrastructure construction, middleware
installation, configuration, and application deployment.
§ BTM: A two-tier web application (WebLogic, Apache, Oracle server) to manage ELENGY LNG terminals.
- Audited the current on-premises infrastructure.
- Wrote the commercial proposal.
- Analyzed, redesigned, and migrated the on-premises application to Azure cloud.
- Implemented various pipelines in Azure DevOps for infrastructure construction, middleware
installation, configuration, and application deployment.
§ Feeder Market: A multi-tier web and calculation microservice application in Azure cloud.
- Conducted an infrastructure security audit.
- Applied security best practices, including Azure foundation, Azure application gateway (WAF),
private endpoint, and firewall.
- Automated the deployment of the solution using Terraform and Azure DevOps.
- Defined and executed DRP tests in different regions (West Europe and North Europe).
§ Performe 2.0: A three-tier web application (web, API, and database) to record and process data from
ENGIE group power plants, used for reporting by BI systems in SAP.
- Wrote the commercial proposal.
- Analyzed, designed, and participated in the implementation of a full PaaS solution in Azure cloud.
§ Learn Heat: A PHP and Python web application for the calculation and simulation of ENGIE Solutions
data.
- Wrote the commercial proposal.
- Analyzed, designed, and migrated the application from AWS to Azure cloud.
§ AMPERE: An ASP.NET web application with SSRS for managing ENGIE GREEN projects.
- Wrote the commercial proposal.
- Analyzed, designed, and migrated the application from the public network zone to the private
network zone in Azure cloud.
- Wrote technical documentation and ISP/ISD.
§ CARL: An ENGIE GREEN web/mobile platform dedicated to the operation and maintenance of wind and
solar power plants.
- Wrote the commercial proposal.
- Analyzed, designed, and migrated the platform to Azure cloud.
- Wrote ISP/ISD and technical documentation.
- Trained the RUN team.
§ Foundation: A platform for centralization, optimization, and supervision of data from all of Storengy's other
systems (management of alerts, failures, appointments, flows, and excess capacity).
- Wrote the commercial proposal.
- Analyzed, designed, and migrated the platform to HA hosting in Azure cloud.
- Wrote ISP/ISD.
- Implemented CI/CD pipelines and opened network flows.
- Trained Cloud & DevOps engineers for RUN activities.
§ PROG@TM: A web application to manage the links between Elengy's LNG terminals and contracts.
- Wrote the commercial proposal.
- Analyzed, designed, and implemented the application in HA hosting in Azure cloud.
- Participated in writing ISP/ISD.
- Defined the DRP plan.
- Automated infrastructure with Terraform.
- Installed and configured middleware.
- Implemented the CI/CD chain in Azure DevOps for continuous deployment.
- Wrote technical documentation and opened network connectivity flows.
- Trained Cloud & DevOps engineers for RUN.
§ RPA GBS:
- Studied, designed, and deployed RPA Blue Prism to Azure cloud.
- Wrote ISP/ISD and opened network connectivity.
- Wrote technical documentation.
- Provided advice and expertise for implementing various RPA processes.
§ RPA DTR:
- Studied, designed, and deployed RPA UiPath in Azure cloud.
- Set up and configured Elasticsearch and Kibana to store RPA logs and visualize them.
- Provided advice and expertise for implementing various RPA processes.
§ Itake: A Docker platform integrated into Teams as a chatbot, allowing consultation of up-to-date CVs of
all ENGIE group employees.
- Wrote the commercial proposal.
- Analyzed and designed a solution in Azure cloud.
- Automated infrastructure and middleware installation.
- Wrote technical documentation.
§ OGESID: A web ticketing application in PHP.
- Analyzed, designed, and migrated the application from on-premises to Azure cloud using Azure
Migrate.
§ METIS: A web application for managing all GEN and BENELUX ENGIE projects.
- Analyzed, designed, and migrated the application from on-premises to Azure cloud using Azure
Migrate.
§ Intranet NL Statistics:
- Implemented a monitoring system for all SharePoint Online intranets from Engie NL in Azure using
Application Insights.
§ BICOOL: A big data platform for Storengy.
- Implemented the platform in Azure cloud as a PoC.
- Migrated the platform to Azure cloud.
§ PEO: A web platform to manage on-premises AD, Okta, O365, and on-premises Exchanges.
- Maintained and monitored the database part of the platform.
§ GROW:
- Implemented a private network drive (accessible only from the ENGIE network) to store temporary
NEWCORP entity project documents exported from SharePoint before importing them into
Salesforce.