Domaines de compétence

People skills

Team management, customer-facing, pre-sales, audit, project management.

Problem solving (strong mathematics background), Working under high pressure, Hard-working, Determinate.

Professional skills

IAM processes & commercial products (EVIDIAN IAM Suite 8, IBM TAM, CA SiteMinder), PKI, Access Control, SSO (Kerberos, GSSAPI, SmartCard-logon), Web-SSO, Directories, Strong authentication (SmartCards, OTP), Digital Signature and Timestamping, Penetration Tests, Reverse Engineering, Exploitation, Risk Analysis.

J2EE and Open-source Frameworks, Eclipse, WSAD, RAD, C++, C, LISP, XML, HTTP, AJAX, JavaScript, JavaScript server-side (GWT), ASP.NET, Assembler, SVN

Software architecture (n-tiers, distributed), SOA, Web-Services, Application & Web Server (JBOSS, IHS, Apache, Tomcat, Glassfish, WAS)

Languages

French (mother tongue), English (Advanced), Spanish (Intermediate), Japanese (beginner)

Expérience professionnelle

October 2007 - July 2009

Security Consultant, SOLUCOM (First French Consultant Group in Security Area)

Responsibilities & Achievements

• Various missions for top-50 France-implanted firms.

• Consultant : IAM, PKI, Network Security

• Auditor and Pen-testing

• Technical Expertise, Developer and Technical Lead

March 2009 - August 2009

Security Architect, La POSTE (First French Delivery Group)

Design, implementation and integration of the Information System Access Control Security Layer.

Responsibilities & Achievements

• Part of the architectural design of the Common Access Control Layer of the Information System.

• Complete design of the main component (J2EE & open-source frameworks) .

• Supervision of the technical part of the project and involution in project orientations.

• Daily management of the programming team and supervision of the realisation.

• Level 3 support and technical expertise for surrounding projects .

• Integration of the middleware platforms (complex / heterogeneous architecture).

• Training of the programming team on technological and internal processes aspects .

Keywords

Complex distributed SOA architecture, Web-SSO, Reverse-Proxy, J2EE with open-source frameworks.

March 2009

Security Consultant, TOTAL

Smartcards readers migration impacts study.

March 2009

Security Consultant, CH Bourg-En-Bresse (Regional Hospital)

Information System Transformation orientations study.

February 2009

Technical Expert, CHU of Angers (Regional hospital, 6000 employees)

Access Control Proof Of Concept.

December 2008 - February 2009

Developer, SOLUCOM

Functional evolution of the internal management application.

Responsibilities & Achievements

• Realisation of several functional evolutions of the internally-maintained management software.

• Redaction of the documentation.

Keywords

VB.NET, Visual Studio 2008, IIS, SQL Server, Internal Management Processes.

December 2008

Security Consultant, La POSTE (First French delivery enterprise)

Workstation Security-Enforcement study

September 2008 – December 2008

Security Developer, CNAM-TS (French national social health assurance)

Evolution of the security layer responsible for SSO for all distributed applications.

Responsibilities & Achievements

• Code-cleaning and redesign of part of the security layer of the Information System based on Tuxedo, DCE and GSSAPI / Kerberos

• Redaction of the complete documentation of the project

• Realisation of functional and technical evolutions of the middleware (authentication-bypass and cipher-less modes for the benchmarking, security logs function...)

Keywords

TUXEDO, DCE, GSSAPI, EVIDIAN ACCESSMASTER, KERBEROS, VISUAL C++

July 2008 – November 2008

Security Architect, La POSTE

Design of the security architecture of the SD2I filial network and datacenter.

June 2008

Pen-tester, UNEDIC (French social unemployment assurance)

Black-box audit and penetration test on the external access gateway.

June 2008

Security Auditor, BIOGARAN

General ISO 27002 audit of a B2B partner.

June 2008 - July 2009

Security Consultant, CHU of Angers

IAM migration.

May 2008

Security Consultant, CHU of Angers

Formalisation of the General Access Control Policy.

May 2008 - May 2009

Security Consultant, CHU of Nantes (Regional hospital, 10000 employees)

IAM Call for Offer.

March 2008 – July 2008

Security Consultant, Air France – KLM

Proven digital signature architecture.

Responsibilities & Achievements

• Level 3 support and evolutions of the proven digital signature architecture part of the dematerialisation one : digital signature applet, digital signature validation server, timestamping server, technical PKI, CRL publication tool.

• Entire rewrite and simplification of the signature applet (J2EE). Design,

• Integration of the EJBCA PKI for test and development environments.

Keywords

Proven digital signature architecture (DICTAO Suite), J2EE, Web-Services, Signature Applet, Signature Validation and Timestamping, EJBCA PKI

February 2008

Security Consultant, TOTAL

Secured devices documentation.

January 2008

Security Consultant, La Poste

Formalisation of Identity directory processes.

December 2007

Security Consultant, La Poste

Redaction of the Security Assurance Plan model.

October 2007 – January 2008

Security Consultant, La Poste

Elaboration of the Security Strategy of the SD2I filial.

April 2007 - September 2007

Security Architect, THALES

April 2007 – September 2007

Security Architect, THALES Airborne System

Design and realisation of the Smartcards-based Access Control Architecture.

October 2005 - September 2007

Helpdesk support , ORANGE (First French Internet and Telecommunication operator)

October 2005 – September 2007

Internet and Multimedia Support, ORANGE

Level 1 and then Level 2 technical support.

Etudes

September 2007

Master degree in Mathematics and Informatics

University of Sciences and Technology of Bordeaux, 2007.

Specialisation in Algebra, Cryptology and IT Security.