Compétences

CONSULTANT
Senior

SECURITY
ANALYST

+15
years of experience

SKILL
SET

Network
and Security:

• • Technologies

    • DWDM,
      V35, X25, ATM, Ethernet, L16 layer 2, WAN.

  • Protocols

    • Spanning-Tree,
      VLAN, PVLAN, VTP.

    • EIGRP,
      OSPF, BGP.

    • Multicasting:
      PIM, IGMPv3.

    • QoS:
      IEEE 802.1p, RSVP, TCP rate shaping, queuing schemes.

  • Network
    equipment used

• Cisco
  Catalyst (892, 1600, 2800, 2960, 3500, 3750, 3750X, 4500X, 6500,
  6807-XL, 7200, 7300, 7600) and Cisco Nexus (1000v, 4005, 5548 and
  5600).

• Security
  appliances used:

• Cisco
  firewall ASA 5510, 5520, 5550 and ASA 5515, 5525 used as VPN
  concentrators and FirePower feature

  • Apache2
    mod_proxy, Squid, SquidGuard, Privoxy, HAProxy.

• Load
  balancing

• F5
  BIG-IP 2000, Linux HA.

• Forensics

  • 
    The
    Coroner Tool Kit, SANS Investigative Forensics Toolkit – SIFT,
    The Sleuth Kit, Bulk Extractor, Mandiant RedLine, Xplico.

• Reversing

• IDA
  PRO, radare2, OllyDBg, PEBrowser, ILs Guard, Sysinternals, Hopper
  disassembler, apktools, apk analyser.

• Penetration
  Testing

• Paterva
  Maltego, Shodan, BeEF, Metasploit, Aircrack-ng, bettercap,
  ettercap, johnTheRipper, Nessus, Nmap, wiresharck, tcpdump, Kali
  Linux, Armitage, BurbSuite, OWASP, SQLmap, SET(Social Engineering
  Toolkit), Dradis, Shodan, Nikto WebScarabNG, OpenVAS.

• Intrusion
  detection and Malware research.

• HoneyNet
  project, AlienVault, OSSIM, snort, Bro, tcpdump.

• Project
  Management:

• Project
  Leadership and Management.

• Analysis
  and Risk assessment.

• Negotiation
  and diplomatic skills.

• Writing
  of the invitation to tender and examination of the intentions for
  bidding.

• Change Control
  Management.

• Relationship
  management of providers, integrators and vendors.

• Solution
  Design.

• Cloud,
  network and security technical expertise.

• Cloud
  Computing:

• IaaS
  and DaaS architectural design and implementation

• Xen
  and Qemu virtualisation

• VMWare
  :

• vCloudDirector,
  vSphere 5/ESXi (Resource Pool)

• Storage
  :

  • NetApp,
    vFiler.

AREAS

• Finance

• Bank

• Law
  Enforcement

• IT
  Services

• Telecommunication

EDUCATION
BACKGROUND

1998 Siemens
Alcatel Matra voice telecom engineer

1999 British
Telecom Academia telecom engineer data and voice + Cisco training

2004 Cable
& Wireless training Telecom engineer senior security analyst +
Cisco training all security products PKI Forensics analysis.

LINGUISTIC
SKILLS

French Mother
Tongue

English Fluent

PROJECTS
REALISATIONS

genuix,
Geneva
From 01/2014 up to now

Security
Consultant, Project Manager

Consultant
in Information System Security, for SMEs (Boards, Manager Fortunes …)

Realisations:

Establishing
security solutions for mobile and fixed remote access via secure VPNs
or leased lines MPLS.

Implementation
of web servers for the complete management of web services on linux
platforms, including backups outsourced.

Development
of a secure and redundant accommodation site.

Management,
optimization and integration of computers, Mac and Linux servers in a
Windows Active Directory environment.

Full
virtualization servers park.

Analysis,
consulting and implementation solutions to businesses for IT
security.

Pen
-Test on request to validate security solutions.

Technical
Environment:

Cisco
PIX / ASA
Checkpoint
FW1,
Fortinet,
Sonicwall, IPtables / PF

Scripting
in
different language: Perl,
Powershell, Python, Bash, Ruby, PHP

Virtualisation :
VMware Qemu et Xen

IOS
et Android developments et tests.

Forensic
tools: The Coroner Tool Kit, SANS Investigative Forensics Toolkit –
SIFT, The Sleuth Kit, Bulk Extractor, Mandiant RedLine, Xplico.

Alloa
Informatique sàrl, Geneva
From 01/2008 up 11/2013

Technical
Director

Realisations:

Establishing
security solutions for mobile and fixed remote access via secure VPNs
or leased lines MPLS.

Implementation
of web servers for the complete management of web services on Linux
platforms, including backups outsourced.

Development
of a secure and redundant accommodation site.

Management,
optimization and integration of computers, Mac and Linux servers in a
Windows Active Directory environment.

Full
virtualization servers park.

Technical
Environment:

Cisco
PIX / ASA
Checkpoint
FW1,
Fortinet,
Sonicwall, IPtables / PF

Scripting
in
different language: Perl,
Powershell, Python, Bash, Ruby, PHP

Virtualisation:
VMware Qemu et Xen

IOS
et Android developments et tests.

IOS
Attack and Defence Workshop at HashDays Switzerland 2012.

ARM
and Android exploitation par Stephen Ridley & Stephen Lawler at
Insomni’Hack 2013 by SRTC

Genuix,
GENEVA

From
12/2006 up to 12/2007

Security
Consultant, Project Manager

Independent
consultant in Information System Security, for SMEs (Boards, Manager
Fortunes …)

Realisations:

Establishing
security solutions for mobile and fixed remote access via secure VPNs
or leased lines MPLS.

Implementation
of web servers for the complete management of web services on Linux
platforms, including backups outsourced

Development
of a secure and redundant accommodation site.

Management,
optimization and integration of computers, Mac and Linux servers in a
Windows Active Directory environment.

Full
virtualization servers park.

Analysis,
consulting and implementation solutions to businesses for IT
security.

Pen
-Test on request to validate security solutions.

Technical
environment:

Network
equipment: Cisco ASA 5505 5510 5520 5550 (used as a multi context
firewall)

Virtualisation:
Qemu et Xen

Protocols:
PVLAN, IPVPN, SSL VPN, ISDN, SS7, SIP, IAX, H323

Citovox
SA, Geneva From
01/2004 up to 09/2006

Co-Founder

Development
promotion and marketing of a complete Voice over IP (VoIP) system
bundle based on the Asterisk Open Source Software.

Independent
Consultant System Security Information especially for an
international organization.

Realisations:

Development
promotion and marketing of a complete Voice over IP (VoIP) system
bundle based on the Asterisk Open Source Software, sold at 18 time
for 8 months.

Technical
environment:

Network
equipment: Cisco (Routers, switches, load balancers) Cisco PIX/ASA,
Checkpoint FW1,
Fortinet,
Sonicwall, IPtables/PF.

Protocols:
MPLS, QoS, SIP, IAX, IP, H323, ISDN, Qsig.

Tools:
Asterisk, PHP, Bash, Linux, C, Mysql, Perl, Scripting
in
different language:
Perl,
Powershell, Python, Bash.

Cable&Wireless,
Geneva
From
11/1999 up to 01/2004

Senior
Security Analyst

I
was in charge of the continental Europe as GNS (Global Network
Security) Team member for auditing, monitoring and revising security
polices.

Decision-making
power on the IDB for the validation of all projects of more than 100,
000 Euros.

Assessment
of infrastructure through audits, monitoring reports and
recommendations.

Technical
environment:

Network
equipment: Cisco Router and switch, Cisco ASA, Nokia firewall,
Checkpoint FW1.

Protocols:
MPLS, EIGRP, BGP, QoS, OSPF, IPSec VPN

British
Telecom – Sunrise, Geneva
From
04/1998 up to 10/1999

Field
Engineer Telecom – Data

My
role was to troubleshoot,
stabilize
and analyse customer needs for voice telecom after the Swiss opened
market for whole Switzerland and customer support field engineer
data.

Technical
environment:

Network
equipment: Cisco (routers from 2800 up to the 7500 Series Enterprise
Edge Routers and 3560 through 6500 switches, Firewall PIX),
Checkpoint.

Protocols:
VPN, MPLS, IP, QoS, BGP, X25, SS7, RNIS, PSTN.

THD,
Geneva From
12/1996
up
to
04/1998

Field
Engineer Telecom Voice

My
role was to install, troubleshoot and stabilize private branch
exchange
for
Swisscom concession A at customer promises. system for Roissy Charles
de Gaulle airport. The system had to be resilient to failure to
guarantee high availability.

Technical
environment:

Digital
Private Branch Exchange Siemens Hicom, EWSD, Matra and Alcatels.

Protocols:
RNIS, PSTN, SS7, QSIG.