Skills

CONSULTANT Senior

SECURITY ANALYST

+15 years of experience

SKILL SET

Network and Security:

    • Technologies

        • DWDM, V35, X25, ATM, Ethernet, L16 layer 2, WAN.

    • Protocols

        • Spanning-Tree, VLAN, PVLAN, VTP.

        • EIGRP, OSPF, BGP.

        • Multicasting: PIM, IGMPv3.

        • QoS: IEEE 802.1p, RSVP, TCP rate shaping, queuing schemes.

    • Network equipment used

        • Cisco Catalyst (892, 1600, 2800, 2960, 3500, 3750, 3750X, 4500X, 6500, 6807-XL, 7200, 7300, 7600) and Cisco Nexus (1000v, 4005, 5548 and 5600).

    • Security appliances used:

    • Cisco firewall ASA 5510, 5520, 5550 and ASA 5515, 5525 used as VPN concentrators and FirePower feature

      • Apache2 mod_proxy, Squid, SquidGuard, Privoxy, HAProxy.

    • Load balancing

        • F5 BIG-IP 2000, Linux HA.

      • Forensics

        • The Coroner Tool Kit, SANS Investigative Forensics Toolkit – SIFT, The Sleuth Kit, Bulk Extractor, Mandiant RedLine, Xplico.

      • Reversing

        • IDA Pro, radare2, OllyDbg, PEBrowser, ILs Guard, Sysinternals, Hopper disassembler, apktool, apk analyser.

      • Penetration Testing

        • Paterva Maltego, Shodan, BeEF, Metasploit, Aircrack-ng, bettercap, ettercap, John the Ripper, Nessus, Nmap, Wireshark, tcpdump, Kali Linux, Armitage, Burp Suite, OWASP, SQLmap, SET (Social Engineering Toolkit), Dradis, Nikto, WebScarabNG, OpenVAS.

      • Intrusion detection and Malware research.

        • HoneyNet project, AlienVault, OSSIM, Snort, Bro, tcpdump.


  • Project Management:

        • Project Leadership and Management.

        • Analysis and Risk assessment.

        • Negotiation and diplomatic skills.

        • Writing of the invitation to tender and examination of the intentions for bidding.

        • Change Control Management.

        • Relationship management of providers, integrators and vendors.

        • Solution Design.

        • Cloud, network and security technical expertise.


  • Cloud Computing:

        • IaaS and DaaS architectural design and implementation

        • Xen and Qemu virtualisation

    • VMware:

        • vCloudDirector, vSphere 5/ESXi (Resource Pool)

    • Storage:

        • NetApp, vFiler.

AREAS

  • Finance

  • Bank

  • Law Enforcement

  • IT Services

  • Telecommunication



EDUCATION BACKGROUND

1998 Siemens Alcatel Matra voice telecom engineer

1999 British Telecom Academia telecom engineer data and voice + Cisco training

2004 Cable & Wireless training Telecom engineer senior security analyst + Cisco training all security products PKI Forensics analysis.


LINGUISTIC SKILLS

French Mother Tongue

English Fluent

PROJECTS REALISATIONS

Genuix, Geneva From 01/2014 up to now

Security Consultant, Project Manager

Consultant in Information System Security, for SMEs (Boards, Manager Fortunes …)

Realisations:

Establishing security solutions for mobile and fixed remote access via secure VPNs or leased lines MPLS.

Implementation of web servers for the complete management of web services on Linux platforms, including outsourced backups.

Development of a secure and redundant accommodation site.

Management, optimization and integration of computers, Mac and Linux servers in a Windows Active Directory environment.

Full virtualization of the server park.

Analysis, consulting and implementation of IT security solutions for businesses.

Pen-test on request to validate security solutions.


Technical Environment:

Cisco PIX / ASA, Checkpoint FW1, Fortinet, Sonicwall, IPtables / PF

Scripting in different languages: Perl, PowerShell, Python, Bash, Ruby, PHP

Virtualisation: VMware, Qemu and Xen

iOS and Android development and testing.

Forensic tools: The Coroner Tool Kit, SANS Investigative Forensics Toolkit – SIFT, The Sleuth Kit, Bulk Extractor, Mandiant RedLine, Xplico.


Alloa Informatique sàrl, Geneva From 01/2008 up to 11/2013

Technical Director

Realisations:

Establishing security solutions for mobile and fixed remote access via secure VPNs or leased lines MPLS.

Implementation of web servers for the complete management of web services on Linux platforms, including outsourced backups.

Development of a secure and redundant accommodation site.

Management, optimization and integration of computers, Mac and Linux servers in a Windows Active Directory environment.

Full virtualization of the server park.


Technical Environment:

Cisco PIX / ASA, Checkpoint FW1, Fortinet, Sonicwall, IPtables / PF

Scripting in different languages: Perl, PowerShell, Python, Bash, Ruby, PHP

Virtualisation: VMware, Qemu and Xen

iOS and Android development and testing.

IOS Attack and Defence Workshop at HashDays Switzerland 2012.

ARM and Android exploitation by Stephen Ridley & Stephen Lawler at Insomni’Hack 2013 by SRTC



Genuix, GENEVA From 12/2006 up to 12/2007

Security Consultant, Project Manager

Independent consultant in Information System Security, for SMEs (Boards, Manager Fortunes ...)


Realisations:


Establishing security solutions for mobile and fixed remote access via secure VPNs or leased lines MPLS.

Implementation of web servers for the complete management of web services on Linux platforms, including outsourced backups.

Development of a secure and redundant accommodation site.

Management, optimization and integration of computers, Mac and Linux servers in a Windows Active Directory environment.

Full virtualization of the server park.

Analysis, consulting and implementation of IT security solutions for businesses.

Pen-test on request to validate security solutions.

Technical environment:

Network equipment: Cisco ASA 5505, 5510, 5520, 5550 (used as a multi-context firewall)

Virtualisation: Qemu and Xen

Protocols: PVLAN, IPVPN, SSL VPN, ISDN, SS7, SIP, IAX, H323


Citovox SA, Geneva From 01/2004 up to 09/2006

Co-Founder

Development promotion and marketing of a complete Voice over IP (VoIP) system bundle based on the Asterisk Open Source Software.

Independent consultant in Information System Security, especially for an international organization.


Realisations:

Development, promotion and marketing of a complete Voice over IP (VoIP) system bundle based on the Asterisk Open Source Software, sold 18 times in 8 months.

Technical environment:

Network equipment: Cisco (Routers, switches, load balancers) Cisco PIX/ASA, Checkpoint FW1, Fortinet, Sonicwall, IPtables/PF.

Protocols: MPLS, QoS, SIP, IAX, IP, H323, ISDN, Qsig.

Tools: Asterisk, PHP, Bash, Linux, C, MySQL, Perl. Scripting in different languages: Perl, PowerShell, Python, Bash.


Cable&Wireless, Geneva From 11/1999 up to 01/2004

Senior Security Analyst

I was in charge of continental Europe as a GNS (Global Network Security) Team member for auditing, monitoring and revising security policies.

Decision-making power on the IDB for the validation of all projects of more than 100,000 euros.

Assessment of infrastructure through audits, monitoring reports and recommendations.

Technical environment:

Network equipment: Cisco Router and switch, Cisco ASA, Nokia firewall, Checkpoint FW1.

Protocols: MPLS, EIGRP, BGP, QoS, OSPF, IPSec VPN


British Telecom - Sunrise, Geneva From 04/1998 up to 10/1999

Field Engineer Telecom - Data

My role was to troubleshoot, stabilize and analyse customer needs for voice telecom after the Swiss market opened, for the whole of Switzerland, and customer support as field engineer for data.

Technical environment:

Network equipment: Cisco (routers from 2800 up to the 7500 Series Enterprise Edge Routers and 3560 through 6500 switches, Firewall PIX), Checkpoint.

Protocols: VPN, MPLS, IP, QoS, BGP, X25, SS7, ISDN, PSTN.

THD, Geneva From 12/1996 up to 04/1998

Field Engineer Telecom Voice

My role was to install, troubleshoot and stabilize private branch exchange for Swisscom concession A at customer premises. system for Roissy Charles de Gaulle airport. The system had to be resilient to failure to guarantee high availability.

Technical environment:

Digital Private Branch Exchange Siemens Hicom, EWSD, Matra and Alcatel.

Protocols: ISDN, PSTN, SS7, QSIG.