Description

Architecte Azure et Platform Engineer

J'ai 8 ans d'expérience en tant que Architect Azure & Platform Engineer, je me spécialise dans la conception, le déploiement et l'optimisation d'infrastructures cloud sur Azure.

J'accompagne mes clients dans la mise en place de solutions robustes et scalables, alliant sécurité, performance et innovation.

1. Mettre en place des Azure Policies (Deploy If Not Exist, DenyDelete, Modify) sur les managements groups avec le framework CAF.

2. Mettre en place et configurer PIM, MFA pour les accès métiers et socle (terraform modules, github actions).

3. Conception et gestion d’architectures réseau (vWAN, VPN Gateway, Private Link, Private Endpoint, Route Tables, NSG, Azure Firewall).

4. Sécurisation des workloads : WAF, Application Gateway, Defender for Cloud.

5. Mise en place de solutions de disaster recovery (SQL Failover, Cosmos DB Failover, Azure Front Door multi-régions).

Architecture & Design

Conception d'architectures cloud Azure complexes (Landing Zone, Hub & Spoke, VWAN)

Design de solutions de sécurité et conformité (Azure Policy, RBAC, PIM)

Architecture de solutions de sauvegarde et disaster recovery

Conception de pipelines CI/CD et stratégies DevOps avancées

Automatisation & Infrastructure as Code

Développement de modules Terraform/Terragrunt pour déploiements multi-environnements

Création de pipelines GitHub Actions/Azure DevOps pour l'automatisation complète

Scripting avancé (PowerShell, Python, Go) pour l'automatisation opérationnelle

Kubernetes & Containerisation

Déploiement et gestion de clusters AKS avec sécurité renforcée

Création d'APIs microservices avec Helm Charts et Docker

Implémentation de solutions de monitoring (Prometheus, Grafana)

FinOps & Optimisation des Coûts

Analyse et optimisation des coûts cloud (réduction de 10k€/mois démontrée)

Implémentation de solutions de lifecycle management

Création de dashboards de monitoring des coûts avec KQL

Stratégies d'optimisation environnements Dev/QA

Domaines d’expertise

Langues

Français
Bilingue ou natif

Préférences en matière de lieu de travail

Accepte de travailler sur site

Paris (jusqu’à 50 km)

TotalEnergies
Azure Solution Architect / Platform Enginee
ENERGIE
janvier 2023 - Aujourd'hui (3 ans et 5 mois)
Paris, France
Improving and managing Azure Platform based on the Azure Landing Zone framework (CAF).

• Designing and building a new Network Architecture using Azure VWAN (Azure Route Server, BGP, Indirect

Spokes).
Governing the platform using Azure Policies, Azure Custom RBAC roles and Privileged Identity.
Designing and building an Azure Kubernetes Service cluster exposed by a Front Door Premium and Private Link Services for
platform microservice APIs hosting.
Deploying APIs using Kubernetes deployment with Helm Charts and Docker Images.
Deploying new platform components using Terraform with Terragrunt layering and Terraform CDK
Automatization of all platform components deployment using GitHub Actions
Designing and implementing the deployment of the Private DNS Resolver for On-Premise servers’ resolution
Designing and implementing work around to overcome Azure limitations or services specificities: SPN Federation, Azure Policy Definition Set
Designing and implementing Azure Automanage Machine Configuration to Update EDR (Endpoint Detection Response) configuration profile
Implementing a monitoring and alerting solution using Prometheus exporters and Grafana dashboards

Deploying and configuring SQL Server Failover and Cosmos DB Failover as a Disaster Recovery Solution
Define and implement observability and resilience mechanisms by interacting with all TotalEnergies IT entities
Define data backup and application restoration mechanisms.
Github Actions Microsoft Azure Microsoft Entra ID Networking Terraform Cloud
AXA en France
DevSecOps Engineer
février 2021 - décembre 2022 (1 an et 10 mois)
France
Integrate the Security OPS team in order to conduct studies, the development of scripts, the integration and deployment of the latter on all environments as part of the resource security plan on Azure Cloud.
Performed Tasks:
DevSecOps and Automation Engineer inside Azure environment.
• Create Azure Policy Definition to describe and control resources compliance.
• Assign Azure Policy Definitions to Azure scubriptions Scope.
• Create Powershell Script to automate the creation and assignment for azure policy.
• Enable Https for all Azure Storage Account, Azure Functions and AzureApp Service using PowerShell
o scripts and Azure DevOps release pipeline.
• Enable Firewall for Azure Storage Accounts, Azure SQL Servers, Azure Key Vault and Azure Cosmos DB
o using Powershell script and Azure DevOps.
• Configure Azure Private Endpoint to secure communication between App Service Environement (ASE)
o and Azure Key Vault.
• Design a solution for Update Management using Azure Log Anaytics Workspace and Automation Account.
T-Systems International
Azure Architect Engineer
avril 2019 - janvier 2021 (1 an et 9 mois)
Design a new pattern for Azure resources backup and for Ensuring privately access services on the Azure platform.
Performed Tasks:
• Design a new solution for the Azure Data Lake Gen2 Monthly Backup and Restore with Azure Data Factory: o Create a Proof of Concept to backup the ADL to An Immutable Azure storage unsig ADF.
o Test the solution and ensure there is no downtime during the backup process.
o Create Gitlab CI/CD pipeline to run the automated solution.
o Create Terraform Modules to deploy the solution to Azure Infrastructure:
▪ Create Immutable Azure Blob Storage.
▪ Load the existing Azure Data Lake Gen2 using Data source.
▪ Create an Azure Data Factory.
▪ Create Linked Services for the Blob and ADL Storage.
▪ Secure the connection between Azure Data Factory and the Linked services using Managed
Identity.
▪ Create Azure Data Factory datasets for the Blob and ADL storage.
▪ Create ADF pipeline for the backup based on the Copy Activity.
▪ Create ADF pipeline to restore the data from the Blob storage.
▪ Create Schedule trigger to run the pipeline on the last of each month
▪ Create Terraform workspaces for each environment.
▪ Create vars.tfvars files for each environment.
o Create the Technical Architecture Document: Architecture and the explanation document.