CV/Mission VANGUARD ADMINISTRATOR freelance

Aperçu des emplois de Hicham,
freelance VANGUARD ADMINISTRATOR habitant le Val-d'Oise (95)

Expérience professionnelle

Cloud & DevOps Architect
Daveo (on assignment at Alten's IT Department)
07/2022 Île-de-France, France
Led a strategic initiative to enhance ALTEN's AI capabilities by integrating Azure AI Foundry, Azure OpenAI, and Azure API Management
into the existing Azure Landing Zone, aligning with the Azure OpenAI Landing Zone reference architecture. This involved the
development of a dedicated AI platform designed to support advanced use cases such as generative AI and cognitive services, securely
exposed through API Management.
Contributed to the evolution of ALTEN’s Azure landing zone by establishing new regional landing zones tailored for specific business
units. These zones leveraged Azure Firewall, Azure vHub, and Azure vWAN for secure, scalable, and governed network segmentation,
while aligning with the latest Azure Cloud Adoption Framework (CAF) and conducting quarterly meetings with Microsoft as part of our
partnership.
Led the deployment of a secure encryption solution using Thales DKE and Thales HSM integrated with Microsoft Compliance Center on
AKS. Managed the DKE Broker on an AKS cluster with Azure Horizontal Pod Autoscaling (HPA) for scalability and double encryption.
Secured public access via Ingress NGINX and Azure Application Gateway.
Refactored and migrated a VMware Horizon environment to Azure Virtual Desktop (AVD), enabling a more scalable and efficient virtual
infrastructure. Developed and executed a comprehensive migration plan, covering assessment, design, and implementation phases,
ensuring seamless transfer of VDI workloads to Azure. The new Azure Virtual infrastructure now supports over 800 users, with the ability
to scale as needed.
Collaborated with stakeholders to analyze existing on-premise NAS configurations, data structures, and access controls to design a
tailored Azure Files and Azure File Sync solution, followed by a coordination and execution of the end-to-end migration process,
including assessment, planning, implementation, and post-migration support (hypercare)
Contributed to the preparation for the ISO 27001:2022 audit as a member of the Cloud Infrastructure & Security (CIS) team. This
involved aligning internal processes with updated information security management system (ISMS) standards, ensuring compliance with
revised control measures, and supporting the documentation and implementation of security policies. Collaboration with cross-functional
teams was key to identifying and addressing potential gaps in cloud infrastructure security, thereby enhancing compliance with ISO
27001:2022 requirements.
Lead Transverse Architect, guiding cross-functional projects and ensuring alignment with architectural goals and solutions.
Technical referent within the CIS entity, providing expertise and guidance on technical matters.
Developed and maintained CI/CD pipelines using tools such as Azure DevOps & GitHub Actions.
Provided technical guidance and support to Team members in adopting DevOps practices.
Implemented infrastructure as code using Terraform reducing manual configuration and ensuring consistent and reproducible
deployments.
Collaborated with Dev Teams to define and prioritize business requirements.
Designed and implemented disaster recovery strategies for organization's cloud environments, minimizing downtime and ensuring
business continuity.
Worked closely with cross-functional teams to identify and resolve technical issues, ensuring smooth and efficient project delivery.
Collaborated with cross-functional teams to automate the deployment of microservices using Azure AKS, resulting in faster and more
efficient application scaling.
Implemented monitoring and alerting systems using Prometheus and Grafana, allowing for real-time visibility into system performance
and proactive issue resolution.
Working closely with Transition Manager to prepare the yearly roadmap.
Led the migration of a legacy application to a containerized environment.
Implemented a centralized logging and monitoring system using ELK stack and Dynatrace, enabling real-time visibility into application
performance and troubleshooting
Provide L3 support for the Dev teams.
Spearheaded the adoption of Move-To-Cloud strategies, orchestrating the seamless migration of on-premises infrastructure to cloudbased solutions.
Technical Stack: Azure, Azure AVD, Azure DevOps, Azure AI Foundry, Azure Cognitive AI, Azure Firewall, Azure API Management, Azure
vHUB, Azure vWAN, Azure ExpressRoute, Windows 365, AWS, GCP, Kubernetes, Helm, Argo CD, Prometheus, Grafana, Lens, Kubesec, Trivy,
Falco, Apparmor, Kube-Bench, Terraform, Ansible, GitHub Actions, AKS, VMware, Thales DKE, Debian, Ubuntu, RedHat, FinOps.

Senior Systems and Infrastructure Engineer
Thales
02/2017 – 06/2022 Île-de-France, France
Developed and implemented a disaster recovery plan, ensuring business continuity in the event of system failures.
Implemented a centralized logging and monitoring system based on VMware vRealize Operations (vROPS) and Log Insight , improving
troubleshooting capabilities and reducing incident response time
Developed and executed a server consolidation project, reducing the number of physical servers in DataCenter
enhance system reliability and performance, providing real-time insights and contributing to improved decision-making processes.
Managed OnPremise DataCenter operations overseeing 20 racks based on 3 virtualizations Platform, ~400TB of storage and over 700
VMs
Successfully orchestrated the migration of VMware vCenter from version 5.5 to 6.5, enhancing overall system efficiency and
compatibility.
Led the design and deployment of a sophisticated HCI infrastructure based on Dell PowerEdge R640 4 LFF clusters, Nutanix Prism
Central, and VMware ESXi to cater to the specific needs of clients in Doha and Dubai.
Setup and optimization of the SCCM 2016 infrastructure, including the creation of master images, ensuring a robust and scalable
configuration.
Played a pivotal role in the architectural design of DaaS/vGPU for the R&D framework of ML/AI projects, utilizing Citrix Virtual Desktop,
Dell PowerEdge R740 XD cluster with Nvme SSD, and Nvidia V100 cards.
Design & integration of ArcServe UDP - AWS hybrid backup architecture for Offsite replication
Deployed AWS services, including EC2, S3, RDS, VPC, and AWS Backup
Led the successful migration project from McAfee ePolicy Orchestrator (ePO) version 5.1 to 5.9, ensuring seamless transition and
improved security management capabilities.
Implemented MoveToCloud strategy, facilitating the transition of security infrastructure to ePO Cloud - MVISION ePO
Designed and implemented robust monitoring solutions based on Zabbix and Grafana
Demonstrated leadership by overseeing the recruitment and training of work-study students/consultants, fostering a skilled and
knowledgeable team to support ongoing projects.
Collaborated with vendors to negotiate contracts and reduce infrastructure expenses
Designed, deployed, and managed virtual machines (VMs) in Microsoft Azure to support the company's infrastructure needs.
Implemented and configured site-to-site VPN connections, establishing secure and reliable communication between on-premises
DataCenters and Azure cloud environments.
Orchestrated Kubernetes deployments for containerized applications, optimizing scalability and resource utilization.
Set up Kubernetes clusters on-premise
Managed access control and identity services in Azure Entra ID
Developed and maintained Azure Resource Manager (ARM) templates for infrastructure as code (IaC) deployments
Collaborated with cross-functional teams to architect and deploy Azure App Services for hosting web applications
Conducted regular security assessments and implemented best practices for securing Azure resources, including network security groups
(NSGs) and Azure Security Center.
Participated in the planning and execution of Entra ID integration projects, enabling seamless single sign-on (SSO) experiences for endusers.
Provided expertise in Azure cost management, optimizing resource utilization and recommending cost-effective solutions.
Technical Stack: Azure, AWS, Citrix, Nutanix, Kubernetes, Azure AKS, VMware VCenter, VMware vRA / vRO, EMC VNX, VMware vRops,
Redhat 6, 7 & 8, Veeam Backup & Replication, ArcServe UDP, TrueNAS

Systems and Infrastructure Engineer
Capgemini
07/2015 – 01/2017 Casablanca-Settat, Morocco
Participation in the study and implementation of new technologies
Writing operating documents, architectural diagram and Service Delivery Offers for final integration with ServiceNow service catalog
Migration of VCenters from v5.5 to 6U1
Migrating VMware vRA 6.0.2 and vRO 6.0.2 appliances to version 6.2.2
Linux Rationalization project based on the Ansible Tower solution for managing Linux VMs
Creation of VMware Orchestrator Workflows for Automation needs
Operation and maintenance in operational condition of the VMware virtual infrastructure:
~ 4500 VMs, 123 Hosts, 20 Clusters, 5 VCenters, spread a cross 3 Sites (Paris, Rennes, Toulouse)
Providing Level 3 infrastructure support
Processing change requests at the infrastructure level
WSUS administration: Deployment of security patches and weekly reporting
Vulnerability analysis of Windows, Linux and Unix Systems using Qualys Enterprise
Handling Fast Provisioning VM incidents on the VMware vRealize platform
Preventive monitoring of virtual infrastructure from the PRTG portal
Curative monitoring of virtual infrastructure from the VMware vRops portal
Participation in the half-yearly DRP established by the group
Technical Stack: VMware VCenter, VMware vRA / vRO, Service-Now, EMC VNX, VMware vSphere Replication, Qualys Enterprise, PRTG,
VMware vRops, Ansible Tower, SaltStack, Redhat 6, 7 & 8, SpaceWalk

Systems & Network Administrator
BNP Paribas
10/2012 – 06/2015 Casablanca-Settat, Morocco
Performed regular sy...