Kamel Boumaza

I have been working for 15 years in the field of networking and security in the on premise and cloud part.

✓ 09-2019 / Today: Architect/Engineer Network and Security« Rimowa » LVMH Group

Management of teams in the US/EMEA/Japan/Brazil
Architecture, analysis, study and technical expertise responding to the various issues related to the current environments and/or the deployment of new environments in the world (US/EMEA/ASIA).
Creation of calls for tenders/selection of service providers/budget preparation and submission.
Project manager/monitoring and implementation of technical exchanges with providers and partners
Creation of technical architecture files.
Update and corrections of the architecture files (HLD, LLD)
Manage the processing of level 3 incidents received by the operations unit with a specialization in network and security incidents (On Premise and Cloud)
Analysis and treatment of problems on the network and security perimeters
Communication with the customer on the progress of projects and incidents in progress
Implementation of projects: technical engineering, participation in deployments, migrations and application productions
Implementation/Configuration on Azure and GCP of Expressroute, Virtual Network, Virtual Network Gateway, Application Gateway, NSG, Load Balancer, Firewall, Peering, Route and BGP
Point of contact for the management of interconnections to the ATT/LVMH MPLS MAN
Deployment of Meraki, Fortinet, Palo Alto, Aruba Wifi and Switch on remote sites (stores and factories)
DNS, DHCP deployment for new sites
Renewals and integration of new certificates
VPN configuration in BGP between Palo Alto and Azure
BGP VPN configuration between Palo Alto and GCP
Architecture, configuration and deployment of Fortinet "Multi Hub" On premise/Azure/Aliyun SDWAN
Architecture, configuration and deployment of the FortiManager, creation of Policy Packages specific to the different SDWAN profiles and deployment of Spoke
Architecture, configuration and deployment of ISE
Deployment of new Palo Alto Azure firewalls (in Powershell)
Debugging of Zscaler world ZIA/ZPA issues
Cisco Meraki and Aruba router/switch/wifi configuration
POC SDWAN Cisco Viptela/Cisco Meraki
Pulse Secure architecture, configuration and deployment

Zscaler ZPA architecture and expertise mission

Follow-up of the deployment of applications under ZPA

Decommissioning of the old Pulse Secure platforms

Implementation of functionalities (Browser Access, RBAC)

Implementation of Dynatrace
 

Technical Environment LAN, MAN, WAN:

LoadBalancer F5 LTM/ASM

Cisco Meraki/Aruba switch and router

Firewall Fortinet, Palo Alto, Juniper

Manager FortiManager, Panorama

Proxy Zscaler

Wifi Cisco Meraki/Aruba

VPN Pulse Secure

DNS (Infoblox, Microsoft)

Cloud Azure/Orange/GCP/Alibaba

Solarwinds/Tufin

Cisco ISE

ServiceSnow/Jira ticketing

✓ 01-2017 / 09-2019: Architect/Engineer Network and Security« Thales » Elancourt

Architecture, analysis, study, and technical expertise answering the various problems related to the current environments or/and to the deployments of new environments in the world.

Migration project to a new Nexus 7k/5k/2k BGP infrastructure with all the issues related to the integration of new Juniper Firewalls

Creation of technical architecture files.

Update and corrections of the architecture files.

Management of the treatment of level 3 incidents received by the operation cell with a specialization on the incidents of the network and security perimeter

Analysis and treatment of problems on the network and security perimeters

Communication with the customer on the progress of projects and incidents in progress

Realization of projects: technical engineering, participation in deployments, migrations and implementations of applications, organization of knowledge transfers on the technical environment mentioned below.

Technical Environment LAN, MAN, WAN :

LoadBalancer F5 LTM/ASM

Cisco NEXUS 9K, 7k, 5K, 2K (VDC, VPC, Fabric-Path, FC)

Cisco ASR9K

Cisco Catalyst 6500/6800 en VSS, 3560, 3750, 2960

Juniper MX-Series

Firewall Stormshield, Fortinet, Palo Alto, Juniper SRX et SSG, Forcepoint, ASA Firepower

Proxy Bluecoat

Wifi WLC Cisco

Juniper SA, Riverbed

Cisco ISE

DNS (Infoblox, UNIX)

​Tufin

✓ 05-2015 / 12-2016: Network and Security Engineer « Group Amazon » San Francisco / New York

Analysis, study and technical expertise in response to the various issues related to current environments and/or the deployment of new environments in the world.

Validation of architecture and feasibility files.

Creation of technical architecture files.

Updating and correcting architecture files.

Management and processing of level 3 incidents, mainly on Datacenters based in Europe and Asia.

Advice and assistance on technical projects.

Creation of documentation, procedures, and operating files for the MCO teams

​Manufacturer training 1/2 day per week​

​

Technical Environment LAN, MAN, WAN :

LoadBalancer F5 LTM/ASM/APM/GTM/LC

Cisco NEXUS 7k, 5K, 2K (VDC, VPC, Fabric-Path, FC)

Cisco ASR9K, ASR12K

Cisco Catalyst 6500/6800 en VSS, 3560, 3750, 2960

Juniper MX-Series

Firewall Checkpoint, Fortinet, Palo Alto, Juniper, Cisco

Proxy Bluecoat, HAProxy

Wifi WLC Cisco

Juniper SA, Riverbed

Cisco ACS (Radius)

DNS (Infoblox, Unix)

✓ 03-2014 / 04-2015: Network and Security Engineer at « GDF Suez IT »

Analysis, study and writing of architecture and technical expertise files responding to the different problems linked to the current environments and/or to the deployment of new environments.

Configuration, migration, upgrade of new environments in line with the "IT 2020 project" with the implementation of backup plans in case of failure due to hardware, architecture, or other issues.

Manage the processing of level 3 incidents received by the operations unit with a specialization in network and security incidents

Analysis and treatment of problems on the network and security perimeters

Communication with the customer on the progress of projects and incidents in progress

Implementation of projects: technical engineering, participation in deployments, migrations and implementation of applications, organization of knowledge transfer.

Updating and correcting architecture files.

Technical Environment LAN, MAN, WAN :

LoadBalancer F5 LTM/ASM, Nortel Alteon

IBM Websphere Datapower

Cisco NEXUS 7k, 5K, 2K (VDC, VPC, Fabric-Path, FC, FCoE en test)

Cisco ASR9K

Cisco Catalyst 6500 en VSS, 3560, 3750, 2960

Firewall Checkpoint (R77), Fortinet, Palo Alto, Cisco ASA FWSM, Juniper

Proxy Bluecoat

Administration tools NSM Juniper, Panorama Palo Alto, Checkpoint

Wifi WLC Cisco

Juniper SA (SSL)

Cisco ACS (Radius)

DNS (Infoblox, Efficient IP)

Splunk

✓ 01-2013 / 02-2014: Network and Security Engineer at« Banque de France »

​Study, architecture, expertise, design, deployment, and operational follow-up

​Creation of technical documentation, general specifications, instructions.

Updating and correction of architecture files.

Migration and creation of new architectures (hardware, new addressing plans, conf...)

Migration of applications on new architecture in correlation with the application and project teams

OSPF/BGP routing, flow opening, load balancer configuration, validation test, acceptance report, backtracking in case of failure, targeting the inconsistencies due to this failure, proposal of workaround and/or solution due to the functioning problems of some applications

Level 2 and 3 support on all production and integration equipment of the technical environment.

Advice and assistance on technical projects

Creation of technical architecture files.

Creation of documentation, procedures, and operating files for the MCO teams

Support for the resolution of level 2 and 3 incidents

Creation of VPN links between the different sites and partners for banking data exchanges.

Technical Environment LAN, MAN, WAN :

Reverse Proxy F5 (LTM/ASM/LC/GTM)

Cisco NEXUS 7k, 5K, 2K (VDC, VPC, Fabric-Path, FC, FCoE)

Cisco Catalyst 4500 en VSS, 3560, 3750, 2960

Extreme Networks, Nortel ERS

Firewall “Palo Alto 4020, 4050”, “Juniper” (Netscreen,SSG,JunOS), “Netasq”,

POC Checkpoint (R75), Fortinet

Cisco ASA/PIX

Proxy Bluecoat

Administration tools NSM Juniper, Panorama Palo Alto

Wifi ARUBA

✓ 05-2011 / 12-2012: Network and Security Engineer at« QUANTIC » for la MSA

Study, Design, Deployment and Operational follow-up of the network architecture of the "MSA".

Creation, update and correction of architecture files.

Support for the resolution of level 2 and 3 incidents

Advice and assistance in technical projects networks and voice.

Creation of technical documentation, general specifications, instructions.

Architecture migration.

​Support and troubleshooting on Cisco, Nortel, HP Procurve switches and routers (level 2 and 3)

​Configuration and support on VPN Netasq, Nortel Contivity, Cisco PIX/ASA, Checkpoint, Juniper SSG

​Integration of Cisco 6500 in VSS cluster

​Juniper SSG cluster integration

​Datacenter relocation

​Integration of Cisco ACS Tacacs.

​Migration of CSS Loadbalancers to Cisco ACE.

​Studies and creation of network models in laboratory.

​Migration of architecture.

​Report of studies and analyses > proposal of solutions of a configuration order or/and architecture. (Project)

Environment LAN/MAN/WAN
Protocol skills: VPN IPSEC, OSPF, BGP, NAT/PAT, HSRP/GLBP, SNMP, ACL, 802.1Q, MPLS

Technical Environment:
Network (CISCO 29xx, 37xx, 65XX en VSS, Nortel 55XX, 86XX), 
Sécurity (Firewall Juniper), 
VPN IPSEC Nortel Contivity
F5 LTM
Qos Streamcore
Aruba Wifi Controller
DNS Infoblox

✓ 07-2009 / 04-2011: Network and Security Engineer at « SPIE Communications »

​Responsible for a team of 4 people.

​Supervision of the people and cases managed by each person.

​Support and troubleshooting on Cisco, Nortel, HP Procurve switches and routers.

​Configuration and support on VPN Netasq, Nortel Contivity and Alteon, Cisco PIX/ASA, Checkpoint,

​Bluecoat Proxy

​Studies and creation of network models in laboratory.

​Architecture migration.

​Report of studies and analyses > proposal of solutions of an order configuration or/and architecture.

​Activity report.

​CRM Clarify.

​On-call duty.

​Cisco ToIP concepts

✓ 09-2008 / 04-2009: Network and Security Engineer at « APX Getronics » for « Ministère de la Santé »

​Responsible for the network team of the information manager (3 people). Definition of the tasks of each person.

​Weekly meeting with the customer to define the problems and the evolution of the network.

​Studies, preparation, and realization of PRA (power failure, fire...).

​"Troubleshooting of routers and switches Cisco 6500, 4500 and Nortel 8300, 8600.

​Configuration of filtering rules on Netasq Firewall.

​DNS declaration. Configuration on Reverse Proxy (Beeware, Foundry), Loadbalacing Nortel Alteon.

​Configuration of IPsec VPN (Nortel Contivity),

​Basic configuration of Bluecoat Proxy.

​Study and implementation of a monitoring tool (Zabbix).

​Reversibility with the new outsourcing.

​Writing of documentations and procedures.

​Network support.​

​User assistance.

​On-call duty.

Technical Environment:

​Serveur UNIX HPUX, Linux Red Hat, Windows 2003

​Applicatifs sur Unix

​Middleware Weblogic

​SGBD Informix

​Switch et routeur Cisco et Nortel

✓ 10-2007 / 08-2008: System and Network Administrator at« 1000Mercis »

​Creation of mailboxes and routing of mailings.

Configuration and troubleshooting of Cisco routers and switches

Windows 2k3 network administration (active directory) and Gentoo Linux (internal network and production)

Installation and configuration of Vmware ESX

Studies and evolution of the network architecture.

Study on the transition of the network from IPV4 to IPV6.

​Development project of a C socket server and mail client.

​Technical Environment:

​Serveur Linux Gentoo, Windows 2003

​Applicatifs sur Linux

​SGBD SQL serveur 2005

​Switch et routeur Cisco

✓ 12-2006 / 09-2007: System and Network Administrator at« Adviseo »

Study and implementation of a GroupWare (Obm, SugarCRM, EGroupWare), an IP Telephony server under Asterisk.

Backup on tape. Study for the implementation of "Steam" game servers.

Study for the implementation of a Radius authentication server under " FreeRadius ".

Configuration and troubleshooting on Cisco 6500 Passport.

​Technical Environment:

​Serveur Linux Ubuntu et Debian

​​Virtualisation Xen et LVS

​Applicatifs sur Linux

​SGBD SQL Server 2005

​Routeur Cisco 6500

✓ 07-2005 / 09-2006 : System and Network Administrator at« Enfants Réfugiés du Monde »

Exchange mail administrator,

Backup Veritas Backup Exec 10,

Creation and administration of new accounts (Active Directory).

User support, maintenance. Migration from Win2000 and Exchange2000 to 2003.

✓ 07-2004 / 08-2004: IT deployment with SCC within the Crédit Agricole du Sud Ouest.

​Installation and configuration of new printers. Installation and configuration of new workstations

✓ 06-2004: Hardware and software technician at CROUS in Toulouse.

 ​Network administration. Installation and configuration of new computers. PC maintenance.

✓ 2006/2008​Cycle Ingénieur 2ème et 3ème année (Master1 et Master2)

​​Option « Ingénierie des Systèmes, Réseaux, Sécurité ». ESGI Paris

✓ 2005/2006​Licence Professionnelle Réseaux et Télécommunications ISDRN

Option « Administrateur Réseaux ». IUT de Vélizy.

✓ 2002/2005​BTS informatique de gestion option administrateur de réseaux.

Lycée « Ozenne », Toulouse et Lycée « Marie Curie » Tarbes.

✓ 2000/2001​Baccalauréat scientifique. Lycée « Marie Curie » Tarbes.