Paris, Île-de-France, France
Head of Infrastructure & Cybersecurity, I lead and secure complex IT environments in international and multi-cloud contexts, driving Move to Cloud initiatives, infrastructure modernization, and IT transformation programs that deliver measurable business impact. I define and implement IT infrastructure and cybersecurity strategies that ensure reliability, scalability, resilience, and compliance (ISO 27001, NIS2, GDPR), while enabling business growth, innovation, and operational excellence. With a strong technical and strategic foundation in cloud architecture, multi-cloud operations, network modernization, and cybersecurity, I align and guide technical teams, executive leadership, and strategic partners to deliver IT programs and transformation projects that directly support business objectives.
- Define and drive global IT infrastructure & cybersecurity strategy, aligning with business objectives, compliance (ISO 27001, NIS2, GDPR), operational excellence, and ITIL best practices. - Lead IT transformation programs, including Move to Cloud, cloud modernization (Azure, Alibaba Cloud), network design, and infrastructure security, ensuring alignment with business priorities and measurable ROI. - Oversee and coordinate strategic partners: Capgemini India (Azure CSP) and Orange Cyberdefense (managed SOC), ensuring SLA adherence, risk management, and robust security posture. - Manage and mentor internal IT team (3 engineers), promoting operational excellence, skills development, accountability, and continuous improvement. - Drive secure, high-performance operations leveraging Azure, Cisco Meraki, Palo Alto firewalls, Prisma Access; implement Zero Trust & SASE, Infrastructure as Code (Terraform, ARM templates), CI/CD pipelines, automated patching, backups, monitoring, and ITIL-aligned incident, change, and problem management. - Implement cloud governance, cost management (FinOps), and KPIs to ensure efficient, compliant, and optimized global IT operations. - Deliver reliable, resilient, and secure IT services that generate measurable business impact worldwide, supporting scalability, business continuity, and continuous improvement according to ITIL principles.
- Cloud Security Audits: Identifying vulnerabilities and risks in IaaS/PaaS resources (Azure/AWS), including CSPM with frameworks like CIS, NIST, DORA... - Cloud Remediation: Analyzing impact and feasibility of corrective actions. - Cloud Resource Hardening: IAM management (RBAC, least privilege, conditional access, PIM), network control, encryption and traceability. - Data Security: Auditing and configuring cloud resources according to business requirements. - Governance & Compliance: Ensuring compliance using Azure Policy and AWS Config. - DevSecOps: Static analysis of repositories (SAST), build (image scanning), and runtime monitoring of Kubernetes for vulnerabilities and threats along the development lifecycle. - WAF Security: Protecting web applications against OWASP Top 10 risks, tuning rules, DoS/DDoS, CAPTCHA. - CNAPP Solutions: Managing security posture with tools like WiZ, Tenable, Qualys, Crowdstrike, and frameworks (CIS, NIST, DORA, ISO/IEC 27001). - XSOAR Palo Alto: Monitoring and managing security incidents. - DevOps Approach: Continuous integration and delivery with GitLab, Terraform IaC, and CI/CD automation for secure and controlled deployments.
Move 2 Cloud (M2C) Project - Design and deployment of a hybrid cloud infrastructure (Branch Office + Azure cloud) based on Azure Local. - Migration and consolidation of 200 servers and 300 TB of data from legacy data centers to the public cloud. - Integrate key Azure technologies including Azure ARC, Azure File Sync, Azure Backup, Azure Site Recovery, and Azure Monitor. - Deploy Azure Local Cluster (Hyper-V, Azure Layer, S2D) for hyper-converged solutions, offering improved resiliency and performance by integrating compute, storage, and networking in a single platform. - Design and implement a Disaster Recovery Plan (PRA) using AFS and Cloud Tiering for the 300TB filer synchronization to Azure. - Automate VM deployment on-site using PowerShell scripts and SCCM Task Sequences. - Manage the Azure tenant and governance, including Azure Policy, RBAC, TAGs, and Azure Lighthouse B2B. - Establish and maintain a Global Network architecture with Hub & Spokes topology (NVA, UDR, ExpressRoute, VPN, NSG, Peering). - Manage Azure Governance & Compliance, including Azure Policy, RBAC, TAGs, and Azure Lighthouse B2B. - Develop and execute a data migration strategy for 140 TB using Robocopy, AFS, and Cloud Tiering. - Conduct cost evaluations (OpEx, CapEx, TCO, ROI, FinOps, Budget, Azure Reservations). Additional Achievements - Conducted an asset audit and implemented a CMDB (ITAM). - Automated business workflows using Zapier.
- Installation, Administration, and Maintenance of Network Infrastructure - In charge of evolving the Information System - Management and Maintenance of Active Directory - Scripting (batch, vbs, PowerShell...) / GPO - Server Administration (KMS/FILER/DC/SPOOLER...) - Hyper-V High Availability Cluster with SAN Infrastructure - Implementation and Administration of various solutions (FOG, Zabbix, Internal WSUS...) - Implementation and Administration of various technologies (Spanning-Tree, VTP, LACP, Fail2Ban...) - Management of IT Assets with GLPI and its OCS Inventory Database (+LDAP) - Documentation - Level 1 Support (Helpdesk, Machine Deployment via golden image, NTFS Permissions...) - Server Management (Hypervisor, Storage Cluster, SAN, NAS, Intranet/Extranet Applications...) - Security Management (StormShield, Anti-Virus, BackUp...) - Network Access (MPLS, LAN, Wi-Fi, VPN, NAT/PAT...) - Migration of Physical Machines to a Hyper-V Cluster (P2V) - Backups with Veeam, and on Magnetic Tapes - Experimentation with Docker Solution (Containers)