Security Architect
- Verfügbarkeit einsehen
- 0 Referenzen
- auf Anfrage
- 41200 Romorantin-Lanthenay
- auf Anfrage
- ar | fr | en
- 22.07.2024
Kurzvorstellung
More Focused on Security Architecture
Qualifikationen
Projekt‐ & Berufserfahrung
12/2018 – 12/2021
Tätigkeitsbeschreibung
Expert /Lead Architect IAM/PAM& PKI
• Managing a team of 7 Architects/Experts in order to Address different project in Identity for DXC’s Customers in France and BENLUX.
• CNAF: Authorization Management
o Pre-Sales
o Support to the business teams to define the Business Requirement
o Animation Workshop
o Modelling the Access Data Model (ABAC, RBAC).
o Benchmark solution. (IAM & PAM)
POC IAM Solution based on Forgerock, MIM 2016
POC PAM Solution based on the PAS of Cyberark
o Deploy a pilot of IAM solution based ON MIM 2016
Define the Architecture of the Solution (HA, DR)
Provisioning /reconciliation of new repository based on the existing repositories (>10)
Synchronisation of the identities with the targeting repositories. IBM ISDS as target also.
Strong authentication based on MFA, Mutual Authentication, FIDO2
Managing and implementing the workflow of Newers/Leavers (FIM)
• Ipolice: Attend Bid Response and Phasis 0
o Definition of the IAM / PAM solution to meet the requirements of the Belgian Federal Police.
o Modelling of the Entitlement’s Data Model to be implemented at the IAM solution, to be able to manage the «Fine-grained access"
o Define the architecture using Microservices
o Realize the POC ipolice in cloud AWS with PEGA in front End and SAS.
In terms of authentication of the users
and authorization Access to different resources in IT Police System
• BPOST: auto-Enrollment of Devices in Microsoft Endpoint Manager (ex Intune)
o Implementation of the NDES architecture for BPOST to communicate the PKI On premise with Azure services.
o o Automation of the auto enrollment process from Devices to BPOST infrastructure
o o Realization and Deployment of the solution in Test Environment (Future Production).
• OPCOEP (Ex :AGEFOS) : OPENIAM Solution
o Definition of the architecture of the IAM/PAM solutions (OPENIAM/CyberArk) in private Cloud
o Realization of POCs around the solutions
o Realization of the various connectors for provisioning, reconciliation, recertification of accounts with related systems (O365, Active Directory, Salesforce, ADP,)
o Establishment of the identity federation mechanism, 2FA, SSO based on the OPENIAM solution
o Trusting API access (KONG) using OPENIAM solution
o
• ALSTOM: Managed Access to Linux / Unix servers
o Benchmark of Centrify, CyberArk and Beyond trust PAM solutions to manage access to more than 2,800 servers.
o End-to-end inventory and management of Privilege accounts
o Management of privileged accounts authentication credentials through Vault (Digital Safe).
o Realization of the Cyberark and AD Bridge POC.
Technical Skills: Design-Thinking, TOGAF, C++, python, java 8, apache, tomcat, Forgerock ( openam,
opendj, openidm), Sailpoint (identityiq 8.0), Cyberark (11.7), Keycloak, ,AWS( EC2 et services Réseaux, - Services de gestion, de gouvernance et de sécurité (IAM, config, cloudtrail), MIM 2016, ISDS IBM, OPDK, REST API, kubernetes, Helm, Terraform.,AD, ADFS, NDES, Microsoft PKI, Azure AD, Kerberos, NTLM, Application Proxy, Identity Gouvernance, OPENIAM, groovy, oauth2, Saml2, OKTA
IT Sicherheit (allg.)
Weitere Kenntnisse
Persönliche Daten
- Arabisch (Muttersprache)
- Französisch (Muttersprache)
- Englisch (Gut)
- Spanisch (Grundkenntnisse)
- Europäische Union
- Schweiz
Kontaktdaten
Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.
Jetzt Mitglied werden