À propos de Ali
Passionné de Cloud et d'automatisation, j'accompagne mes clients dans leurs projets de migration vers AWS et à instaurer la culture devops ainsi que les bonnes pratiques de gouvernance, sécurité et conformité.
Ayant plus de 8 ans d'expérience en Devops et Devsecops, je suis familier avec le concept d'agilité et je suis en mesure de vous proposer un accompagnement dans vos projets de migration vers le cloud.
Les compétences techniques : AWS - Terraform - Kubernetes - Docker - Gitlab - CI/CD - Architecture Cloud
Français
Bilingue ou natif
Anglais
Capacité professionnelle complète
Accepte de travailler sur site
Paris (jusqu’à 50 km)
Expériences
- Allianz TechnologySenior Cloud Infrastructure EngineerBANQUE & ASSURANCESmai 2023 - Aujourd'hui (3 ans et 1 mois)Paris, FranceAs a Senior Cloud Engineer, I work on ensuring the reliability, security, and scalability of cloud environments. My role encompasses cloud governance, automation, and 24/7 operations, while implementing best practices in Infrastructure as Code (IaC) and privileged access management. I am responsible for:• Defining Privileged Access Management (PAM) strategies, including least privilege policies, AWS Identity Center, IAM Roles Anywhere, and SCP policies at the organizational level.• Defining Non-Functional Requirements (NFRs) and best practices through internal meetups covering new features, migrations, upgrades, and service improvements.• Managing cloud infrastructure documentation and maintaining a knowledge base.• Overseeing 24/7 operations, including on-call duties.• Redesigned the Landing Zone and migrated workloads to a Multi Account architecture.• Implemented a network segmentation strategy with routable and non-routable VPCs.• Developed and deployed centralized Breakout and Breakin services using AWS Network Firewall, Firewall Manager, WAF, and Shield Advanced.• Migrated WAF policies across all environments to Firewall Manager.• Transitioned to AWS Transit Gateway with dedicated routing tables per environment.• Implemented DORA regulatory compliance in the cloud while ensuring robust security practices.. Migrated all on-premise logs from Splunk to Splunk Cloud,• Centralized organizational logging into a dedicated logging account, aggregating logs from CloudTrail, VPC Flow Logs, WAF, CloudFront, proxies, Network Firewall, and Transit Gateway logs.• Enforced regional deployment restrictions outside test periods to ensure failover readiness from Frankfurt to Ireland in case of an attack.• Migrated petabytes of on-premise data to an immutable cloud backup through AWS Direct Connect using Storage Gateway (Tape Gateway), and DataSync.
- Consultant DALKIA - Groupe EDFAWS CloudENERGIEjuillet 2020 - septembre 2021 (1 an et 2 mois)Paris, France• Objective: Contribute to the definition of infrastructure architectures for non-production, pilot, and production environments.• Cloud Resource Management: Ensure the availability, compliance, and security of resources hosted in AWS public cloud.• Consulting and Training: Advise and train DSI stakeholders on AWS Cloud best practices.• Automated Infrastructure Deployment: Use Terraform and Ansible to deploy infrastructures and applications while adhering to Dalkia's standards and DevOps best practices.• Cost Optimization (FinOps): Drive efforts to optimize infrastructure and operational costs.• Migrated existing Cisco routers to the AWS Transit Gateway (TGW). Migrated AWS peering connections, VPN links, and Direct Connect to the TGW.• AWS Landing Zone: Defined and implemented the AWS Landing Zone architecture.• AWS Account Organization: Organized AWS accounts for better governance and management.• Application Migration: Led the migration of applications and cross functional tools from Frankfurt to Paris.• Security Foundations: Defined roles and permissions, integrated with the SOC, and implemented WAF IP whitelist and blacklist.• EKS Architecture: Designed the logical and technical architecture for EKS.• Containerization: Containerized 3 applications and migrated them to the EKS cluster.• SFTP Data Transfer Solution: Implemented a data transfer portal for PMU partners using SFTP Web Client.• AWS, EKS, Kubernetes, ArgoCD, Helm, Docker, ECR, MSK, Logstash, Grafana, Centreon, AlertLogic, Direct Connect, Transit Gateway, Route53, SFTP, Cognito, Terraform, GitLab CI, Packer, Shell & Python scripting, Nexus, Squid, RedHat, CentOS, Jira, Confluence, SAFe, Scrum.• Account Creation: Delivered AWS accounts for new projects while adhering to Dalkia's standards.• Proxy Setup: Set up Proxy and Reverse Proxy across all environments.• AWS Monitoring: Implemented AWS infrastructure monitoring using CloudWatch metrics and Grafana dashboards.
- PMUAWS Cloud & DevOps ConsultantBANQUE & ASSURANCESaoût 2021 - janvier 2023 (1 an et 5 mois)Paris, FranceAs part of the Cloud Center of Excellence (CCoE), a cross-functional team of five experts, the mission focused on:• Cloud Governance & DevOps Culture: Establishing governance policies, promoting DevOps best practices, and ensuring compliance.• Cloud Migration and Implementation: Supporting business domains in migrating and deploying PMU applications on AWS.• AWS Service Advisory: Assisting teams in selecting and integrating the most suitable AWS services.• Compliance & Security: Enforcing security policies, tagging strategies, and cloud compliance.• FinOps & Cost Optimization: Monitoring cloud spending and implementing cost-saving strategies.• Shared Services Management: Overseeing shared services, including Proxy, log collection, monitoring, and performance testing.• AWS Infrastructure Modernization: Designed and implemented best-practice-based cloud architectures with automation & DevOps.• Cisco Router Migration: Successfully transitioned legacy Cisco routers to AWS Transit Gateway.• AWS Network Optimization: Migrated AWS Peering connections, VPN links, and Direct Connect to Transit Gateway.• AWS Account Structuring: Defined and deployed AWS Landing Zone architecture and account organization.• Application & Data Migration: Migrated business applications and tools from Frankfurt to Paris data centers.• Web Platform Deployment: Deployed production-ready frontend and backend applications.• Security & Compliance: Implemented IAM roles, SOC integration, AWS WAF whitelisting & blacklisting.• Disaster Recovery & Backup: Set up backup and restoration solutions, ensuring DRP compliance.• Patch Management: Maintained security patches, AMI updates, and infrastructure modules.• Kubernetes & Containerization: Designed EKS cluster architecture and migrated three applications to EKS.• Data Transfer Solution: Developed a secure SFTP Web Client portal for PMU partners.
Recommandations
Soyez le premier à recommander Ali
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4