Fabrice Triboix, Developer in London, United Kingdom
Fabrice is available for hire
Hire Fabrice

Fabrice Triboix

Verified Expert  in Engineering

DevOps Developer

Location
London, United Kingdom
Toptal Member Since
September 6, 2017

Fabrice is a DevOps engineer with extensive experience with AWS, Kubernetes, and Terraform. He is very keen on automation using CI/CD and infrastructure as code and employing the simplest solution to complex problems. He worked for clients such as Cisco, Topps, MyDocSafe, Armedia, HMRC, UK Home Office, and medium-sized companies and startups. Fabrice's greatest joy is to see his work actually being used in production and making a positive impact on his client's business.

Portfolio

Hello Chef
DevOps, Terraform, Kubernetes, Amazon Web Services (AWS), Docker...
ANTBIT, LLC.
DevOps, Docker, Kubernetes, Cloud, Scripting Languages, CI/CD Pipelines...
TechWorld with Nana
Kubernetes, Amazon EKS, Policy as code (PaC), Service Mesh...

Experience

Availability

Full-time

Preferred Environment

Amazon Web Services (AWS), Kubernetes, Terraform, Ansible, Python, Vault, Docker, GitLab CI/CD, Prometheus, Grafana

The most amazing...

...project I've designed is a secure, highly available, and scalable architecture for HelloChef, running on AWS and Kubernetes, from design to production.

Work Experience

Senior DevOps Engineer

2022 - PRESENT
Hello Chef
  • Wrote a set of Terraform codes to deploy an entire environment based on the design and instructions from the resident DevOps engineer. The codebase is made up of modules for better re-usability.
  • Worked on an environment deployed using this codebase comprised of VPC, RDS databases, EKS cluster, Prometheus, Grafana, and ArgoCD apps.
  • Ensured the environment could be deployed and updated through CI/CD pipelines on GitHub Actions. Guaranteed security best practices are applied at every level.
  • Wrote scripts and utilities related to various works, such as copying and sanitizing data from the production environment to the staging environment.
  • Handed my work over back to Hello Chef so they could take ownership of the infrastructure through documentation and handover sessions.
  • Collaborated on the project, which is now in the support and maintenance phase, handled mainly by Hello Chef itself.
Technologies: DevOps, Terraform, Kubernetes, Amazon Web Services (AWS), Docker, CI/CD Pipelines, Amazon EKS, Prometheus, Grafana, GitHub, Helm, Karpenter, Argo CD, GitOps, Loki, Containers, SQL, AWS DevOps, Continuous Delivery (CD), Cloud Infrastructure, Scalable Application, Microservices, CircleCI, Monitoring, AWS ALB, Cloud Architecture, Security, Architecture, Solution Architecture, Scalable Web Services, Web Scalability, AWS VPN, Back-end, Scalability, DevOps Engineer

Senior DevOps Engineer

2024 - 2024
ANTBIT, LLC.
  • Configured Azure Container Registry (ACR) to allow for public images and published various container images.
  • Optimized CPU and memory configuration for large services running on Kubernetes and adjusted horizontal pod autoscalers to maximize resource utilization.
  • Wrote various modules in Terraform in anticipation of migrating the Kubernetes clusters from DigitalOcean to AWS.
Technologies: DevOps, Docker, Kubernetes, Cloud, Scripting Languages, CI/CD Pipelines, Containerization, Orchestration, Security, Infrastructure as Code (IaC), Amazon Web Services (AWS), Azure, Python, Bash, Terraform, GitHub, GitHub Actions, PostgreSQL, DigitalOcean, Back-end, Scalability, DevOps Engineer

DevOps Consultant

2024 - 2024
TechWorld with Nana
  • Improved EKS deployment using Terraform and EKS blueprints.
  • Wrote the Terraform code to deploy ArgoCD using its official Helm chart.
  • Set up GitOps repo to deploy the apps using Kustomize.
  • Deployed Vault with its official Helm chart through Terraform and using AWS KMS for auto-unsealing.
  • Deployed External Secrets Operator with two back ends: AWS Secrets Manager and Vault. This included writing the required Vault configuration to automatically create a key-value store and a read-only policy to allow ESO to fetch secrets from the Vault.
  • Installed Istio using the official Helm chart, enabled mTLS for the app mesh, and deployed an Istio gateway and virtual service to provide access to the app from the Internet.
Technologies: Kubernetes, Amazon EKS, Policy as code (PaC), Service Mesh, Compliance as Code (CaC), Vault, Istio, GitLab, GitLab CI/CD, Argo CD, GitOps, Terraform, DevOps Engineer

DevOps Platform Engineer

2023 - 2024
HMRC
  • Deployed and maintained various environments for a tenant of our platform solution, which is based on Amazon EKS, Amazon RDS, Terraform, HashiCorp Vault, GitLab CI, Helm, Prometheus, and Grafana.
  • Investigated issues experienced by the tenant and resolve them as appropriate.
  • Improved the platform solution itself by investigating and fixing bugs, implementing new features, and updating the documentation.
Technologies: Kubernetes, Amazon Web Services (AWS), Vault, GitLab CI/CD, Git, Terraform, Docker, Linux, Amazon EC2, Python, Python 3, MySQL, AWS IAM, Amazon S3 (AWS S3), Continuous Deployment, Continuous Integration (CI), GitLab, Amazon EKS, Scrum, Jira, Confluence, Bash, Infrastructure as Code (IaC), Bash Script, Amazon Virtual Private Cloud (VPC), Prometheus, Grafana, Shell Scripting, DevOps, Helm, Istio, Elasticsearch, Networking, Architecture, CI/CD Pipelines, Containers, SQL, AWS DevOps, Continuous Delivery (CD), Cloud Infrastructure, Microservices, Multitenancy, Monitoring, DevSecOps, AWS ALB, Cloud Architecture, Security, Solution Architecture, Back-end, DevOps Engineer

DevOps Engineer

2022 - 2023
Home Office
  • Took over a major security system with most of it running on Kubernetes.
  • Imported code repositories into GitLab and configured CI/CD pipeline on them.
  • Enabled automatic exportation of secrets stored in AWS Secrets Manager into Kubernetes secrets.
  • Built various Docker images and automated such builds as part of CI/CD pipelines. Deployed various apps into Kubernetes.
Technologies: Kubernetes, Amazon Web Services (AWS), Drone CI, Linux, Docker, Amazon EC2, AWS IAM, Continuous Deployment, Git, Scrum, Bash, Bash Script, Infrastructure as Code (IaC), Amazon Virtual Private Cloud (VPC), Terraform, Shell Scripting, Continuous Integration (CI), DevOps, Helm, Vault, Jira, Confluence, Networking, Architecture, CI/CD Pipelines, Containers, SQL, AWS DevOps, Continuous Delivery (CD), Cloud Infrastructure, Microservices, DevSecOps, Cloud Architecture, Security, Amazon EBS, Back-end, DevOps Engineer

Technical Writer

2019 - 2023
IOD Cloud Technologies Research Ltd.
  • Wrote technical articles as a ghostwriter for content marketing.
  • Received frequent praise for the quality of the produced articles.
  • Produced technical content, from general to step-by-step instructions.
Technologies: Technical Writing

DevOps Engineer

2022 - 2022
Plural Labs, Inc
  • Integrated Vault into Plural in order to allow clients to easily install it on their Kubernetes cluster.
  • Investigated how to configure Vault into a high availability configuration.
  • Implemented a solution to install Vault in high-availability mode using AWS Secrets Manager to unseal it.
Technologies: Terraform, DevOps, Kubernetes, Vault, Docker, GitHub, Git, Amazon Web Services (AWS), AWS IAM, Continuous Integration (CI), Continuous Deployment, Infrastructure as Code (IaC), OpenID, Helm, Amazon EKS, AWS Secrets Manager, CI/CD Pipelines, Containers, Continuous Delivery (CD), CircleCI, DevOps Engineer

DevOps Engineer

2021 - 2022
HMRC
  • Collaborated with the team, building architectures and making them available to other teams.
  • Took charge of short-term tasks related to designing, implementing, and maintaining cloud architectures for various products used within HMRC.
  • Involved with tasks for on-premise infrastructure as well.
Technologies: Amazon Web Services (AWS), Vault, Terraform, Ansible, GitLab, Linux, Docker, Amazon EC2, Python, Python 3, MySQL, Amazon RDS, Continuous Deployment, Continuous Integration (CI), GitLab CI/CD, PostgreSQL, Git, Scrum, Bash, Bash Script, Shell Scripting, Infrastructure as Code (IaC), Amazon Virtual Private Cloud (VPC), Prometheus, DevOps, Networking, Architecture, CI/CD Pipelines, Containers, SQL, AWS DevOps, Continuous Delivery (CD), Cloud Infrastructure, Microservices, System Administration, Configuration Management, DevSecOps, AWS ALB, Cloud Architecture, Security, Solution Architecture, Back-end, DevOps Engineer

DevOps Architect

2020 - 2021
Armedia LLC
  • Modernized the architecture of ArkCase, a case management system. The architecture was monolithic, with ArkCase and half a dozen dependent services running on the same server.
  • Moved to a modern architecture based on Kubernetes, microservices, and infrastructure as code. Additionally, helped the company build an AWS Marketplace offering for ArkCase.
  • Dockerized various services and wrote Helm charts for various services.
  • Secured the Kubernetes cluster using network policies and RBAC and installed and configured Istio and observability tools. Built an internal PKI using CloudFormation.
Technologies: Kubernetes, Helm, Istio, Loki, Prometheus, Grafana, Docker, Amazon Web Services (AWS), AWS CloudFormation, Ansible, Python, Linux, Amazon EC2, Amazon Virtual Private Cloud (VPC), Amazon CloudWatch, GitHub, Python 3, PostgreSQL, AWS IAM, Amazon S3 (AWS S3), Continuous Deployment, Continuous Integration (CI), Bash, Bash Script, Shell Scripting, Infrastructure as Code (IaC), AWS CLI, SSL, HTTP, DevOps, Observation, Amazon RDS, AWS Lambda, Networking, Architecture, CI/CD Pipelines, Containers, AWS DevOps, Continuous Delivery (CD), Cloud Infrastructure, Scalable Application, Microservices, Configuration Management, Monitoring, AWS ALB, Cloud Architecture, Security, Solution Architecture, Web Hosting, Scalable Web Services, Web Scalability, Back-end, Amazon Simple Queue Service (SQS), DevOps Engineer

Cloud Architect

2020 - 2020
Hatchdata
  • Refactored Terraform scripts to minimize the update anxiety.
  • Advised on the best network architecture involving a Transit Gateway, multiple VPNs, and multiple AWS accounts for a complex flow of IoT data with the right balance between simplicity and efficiency, also being future-proof.
  • Set up AWS Client VPN using Terraform with mutual authentication.
Technologies: Amazon Web Services (AWS), Terraform, VPN, AWS Transit Gateway, GitHub, Git, Python, Python 3, AWS IAM, Continuous Deployment, Continuous Integration (CI), TCP/IP, Infrastructure as Code (IaC), AWS CLI, Amazon Virtual Private Cloud (VPC), Direct Connect (DC), Border Gateway Protocol (BGP), DevOps, Networking, Architecture, CI/CD Pipelines, Containers, AWS DevOps, Continuous Delivery (CD), Cloud Infrastructure, Microservices, Cloud Architecture, Security, Solution Architecture, Web Hosting, DevOps Engineer, Networks

DevOps Engineer

2019 - 2020
SIBOTest
  • Performed various system administration tasks, especially related to SSL certificates.
  • Dockerized the Ruby on Rails web application in order to facilitate deployments.
  • Designed and implemented a MySQL NDB cluster in order to increase the database resiliency.
  • Designed a highly available, microservice-based cloud architecture for the SIBOTest website.
Technologies: Docker, Ruby on Rails (RoR), MySQL, DigitalOcean, SSL, Networking, CI/CD Pipelines, Jenkins, Containers, SQL, Continuous Delivery (CD), Cloud Infrastructure, Microservices, Cloud Architecture, Security, Architecture, Solution Architecture, Web Hosting, Scalable Web Services, Web Scalability, Back-end, DevOps Engineer

DevOps Engineer

2018 - 2020
MyDocSafe
  • Wrote Ansible roles and a playbook to install CloudWatch Agent on EC2 instances and configure Amazon SNS and CloudWatch to notify key people of alarms on EC2 instances.
  • Tweaked Apache configuration to stop it from crashing under heavy load.
  • Wrote Ansible roles and playbook to create letsencrypt SSL certificates using DNS challenge (including making the subdomain on AWS Route53).
  • Installed and configured the ELK stack to monitor Apache logs.
  • Designed a highly available and scalable architecture to run a complex workload reliably.
  • Progressively migrated the existing system to the new architecture.
  • Worked on the new architecture that is now employed in production.
Technologies: Amazon Web Services (AWS), Amazon Virtual Private Cloud (VPC), MySQL, Amazon RDS, Amazon CloudWatch, Infrastructure as Code (IaC), Python, Bash, AWS CloudFormation, DevOps, AWS DevOps, Linux, Continuous Integration (CI), Continuous Deployment, CI/CD Pipelines, Bitbucket, Elastic Load Balancers, Ansible, Amazon EC2, AWS CLI, System Administration, Configuration Management, Monitoring, Cloud Architecture, Security, Architecture, Solution Architecture, Web Hosting, Scalable Web Services, Web Scalability, Back-end, DevOps Engineer

Software Developer

2018 - 2020
Topps Digital
  • Designed, implemented, and tested a back-end microservice in Python 3.6 running on Elastic Beanstalk in AWS.
  • Implemented new services based on Flask and SQLAlchemy as part of a microservice architecture consisting of back-ends to mobile applications allowing users to trade virtual cards.
  • Wrote extensive unit tests using pytest for a number of microservices.
Technologies: Amazon Web Services (AWS), SQLAlchemy, PostgreSQL, Flask-Marshmallow, Flask, Pytest, AWS Elastic Beanstalk, Python 3, Python, Amazon RDS, SQL, Microservices, Postman, Security, Back-end

DevOps Engineer

2019 - 2019
A Shopping-site Startup in the Middle East
  • Designed and implemented workload architecture on AWS suitable for the startup requirements based on Docker and ECS.
  • Designed and implemented a complex system to generate and manage SSL certificates for this multi-tenant application.
  • Automated workload provisioning using infrastructure-as-code (CloudFormation) such that white labeling would be possible.
Technologies: Amazon Web Services (AWS), Let's Encrypt, SSL, Amazon Elastic Container Service (Amazon ECS), Docker, AWS CloudFormation, Networking, Architecture, CI/CD Pipelines, SQL, AWS DevOps, Continuous Delivery (CD), Cloud Infrastructure, Scalable Application, Microservices, Cloud Architecture, Security, Solution Architecture, DevOps Engineer

Blockchain Specialist

2017 - 2018
Blocknet
  • Inspected C++ code for the BlocknetDX wallet and advised on improvements.
  • Designed a protocol for the atomic exchange of bitcoins and ethers, including code for smart contracts.
  • Designed a protocol for the atomic exchange of Ethereum colored coins following the ERC-20 standard.
  • Advised on the Ethereum side of things for the Blocknet whitepaper: blocknet.co/whitepaper/Blocknet_Whitepaper.pdf.
Technologies: C++, Bitcoin, Smart Contracts, Ethereum, Blockchain, Architecture

Senior Software Engineer

2017 - 2017
G4S
  • Added new features to an access control system written in C++11 and Python 3.
Technologies: DBus, Docker, Git, C++11, C++, Python 3, Python, Ubuntu, Linux, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Embedded Software, Embedded C++

DevOps Engineer

2016 - 2017
Cisco
  • Worked as part of the system team—releasing STB software to a major EU broadcaster.
  • Helped design and implement a black box STB test framework written in Python.
  • Set up and maintained a variety of software tools to enable the smooth running of the continuous integration and development/testing work.
  • Set up Coverity static analysis and nightly automation using Jenkins.
  • Set up Black Duck open source code matching.
  • Configured Nagios and set up of NRPE with custom Git checks.
  • Implemented various Cron/Jenkins jobs in Bash/Python to automate tasks.
  • Installed and configured a DHCP server.
  • Worked within a Scrum process with six weeks iterations, and the team was spread over three countries.
  • Worked with a code base with 20 million+ lines of code.
  • Detected and responded to system problems.
Technologies: ELK (Elastic Stack), Kibana, Logstash, Elasticsearch, VMware vSphere, VMware ESXi, Rally, Git, NMap, Netfilter, Iptables, Bash, Scrum, Continuous Integration (CI), BlackDuck Protex, Jenkins, Coverity, Python, Ubuntu, CentOS, Linux, Networking, Linux Administration, VMware, System Administration, Configuration Management, Monitoring, Architecture, Ethernet, Network Protocols, Real-time Embedded Systems, DevOps Engineer, Networks

Release Manager

2015 - 2016
V-Nova
  • Worked on the Perseus-based contribution encoder.
  • Acted as the link (release manager) between the development and the product teams.
  • Translated high-level business requirements into technical requirements.
  • Established timelines and work breakdown structures in collaboration with the development team.
  • Reported on the progress on a weekly basis and detected and reported impeding difficulties.
  • Devised an Agile process with weekly iterations (based on Scrum).
  • Changed the supplier of video cards to a cheaper product with much better support.
  • Coded new features; including debugging and fixing of bugs and also integrated a TS muxer.
Technologies: MPEG, Kernel, Boost, Standard Template Library (STL), Scrum, Agile, H.264, Git, Linux, C++11, C++, Release Management, Architecture, Ethernet, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C++, Agile Project Management, Project Management, Networks

Senior Software Engineer

2013 - 2015
Ovation Systems Ltd
  • Worked on the next generation of surveillance camera running on ARM9 with embedded Linux.
  • Designed and developed the subsystems managing the date/time, mass storage, and multiplexing of the audio (AAC) and video (H.264) into a Flash file (FLV).
  • Implemented automated unit-testing for the above subsystems.
Technologies: SQLite, H.264, Git, Embedded Linux, ARM, C, Real-time Operating System (RTOS), Embedded Systems, Real-time Embedded Systems, Embedded Software, Embedded C

Senior Software Engineer

2013 - 2013
Samsung
  • Investigated and analyzed the performance of the OpenGL stack for WebKit.
Technologies: WebKit, OpenGL, Real-time Operating System (RTOS), Embedded Systems, Real-time Embedded Systems, Embedded Software, Embedded C

Lead Software Engineer

2011 - 2013
e2v
  • Worked on a modulator for a radiotherapy cancer treatment machine.
  • Worked with a team of 15 people (including five who were under my direct management).
  • Developed software that controls the modulator, from requirements to specifications, design, implementation, unit tests, and integration tests.
  • Made all the critical decisions: choosing the programming language (C++), software compilation suite, coding standards, and RTOS vs bare metal.
  • Defined C++ coding guidelines adapted to this high-integrity software.
  • Designed the software architecture, including the structure of a 1 kHz control loop with hard real-time requirements.
  • Verified the progress against time estimates and regularly reported to the project manager.
  • Demonstrated successfully a proof of concept.
Technologies: DOORS, ASM, Embedded C, Code Composer Studio, RS-232, Serial Peripheral Interface (SPI), I2C, XML, TCP/IP, UML, Redmine, Subversion (SVN), Embedded Linux, BeagleBone Black, DSP, Software Architecture, Project Management, C++, Real-time Operating System (RTOS), Embedded Systems, Real-time Embedded Systems, Embedded Software, Embedded C++, Agile Project Management

Software Engineer

2010 - 2010
AB Tools
  • Made modifications to the Icecast MP3 server to seamlessly insert audio ads for internet radio.
Technologies: AAC, MP3, HTTP, Icecast, C, Network Protocols, Networks

Software Engineer

2009 - 2010
Megger
  • Worked on the next generation of a portable appliance tester running on Integrity.
  • Designed and developed some GUI screens and widgets.
  • Designed and developed C++ classes to access SQLite databases; also designed the database schemas.
  • Proposed an agile iterative software development process; it was partially adopted.
  • Developed a USB printer class driver.
  • Developed a Win32 PC application allowing the user to upgrade the PAT SW.
  • Developed various device drivers: SPI driver, RTC driver, keyboard driver, and more.
  • Made some modifications in U-Boot.
  • Developed a .NET PC application to automate the programming of boards.
Technologies: USB, SQLite, U-Boot, .NET, C, Microsoft Project, UML, Agile, Visual Studio, C#, C++, Systems, Real-time Operating System (RTOS), Embedded Systems, Real-time Embedded Systems, Embedded Software, Embedded C++

Software Engineer

2007 - 2009
Amino
  • Performed various jobs on the next generation of IPTV STB, including a CA integration and MPEG Demux driver.
Technologies: Linux Kernel, Embedded Linux, MPEG, IPTV, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C

Software Engineer

2006 - 2007
Imagination Technologies
  • Integrated GStreamer to the next generation of digital radios able to play internet audio streams.
  • Developed the following: an RTSP/RTP/RDT stack, ASF Demux, Real Media Demux, and a HTTP streaming client.
Technologies: GLib, Windows Media Audio (WMA), MP3, Linux, GStreamer, RTCP, RTP, RTSP, SHOUTcast, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C

Software Engineer

2006 - 2006
NXP Semiconductors
  • Upgraded some software drivers from an old STB to a new one running on Linux.
Technologies: JTAG, MIPS, Linux Kernel, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C

Software Engineer

2006 - 2006
NDS
  • Developed some test tools to test STB drivers that wwere developed by STB manufacturers for the US digital TV market.
Technologies: MPEG, ARM, JTAG, MIPS, PVCS, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C, Networks

Software Engineer

2005 - 2006
Ezurio
  • Developed various software components for a tiny WiFi board.
  • Delivered successfully an SW—allowing the demonstration of the smallest WiFi board on the market to a key trade exhibition.
Technologies: WiFi, TCP/IP, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C, Networks

Networking Software Engineer

2004 - 2005
Sagem
  • Wrote for an ADSL modem a Linux Bluetooth API calling VxWorks.
  • Developed an ethernet bridge making use of the network processor.
Technologies: MIPS, TCP/IP, Ethernet, VxWorks, Linux Kernel, Embedded Linux, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C

Software Engineer

2003 - 2004
Philips CE
  • Worked on the next generation of high-end Philips Digital TV.
  • Integrated the VxWorks USB stack.
  • Developed various plug-ins.
Technologies: MIPS, Continuum, USB, VxWorks, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C

Software Engineer

2003 - 2003
Reuters Financial Software
  • Maintained a server providing access services to an Oracle database.
Technologies: CVS, Design Patterns, Standard Template Library (STL), Solaris, Oracle, TIBCO Rendezvous, C++

Validation Manager

2002 - 2002
MBDA
  • Managed the validation of a test bench of a missile launching system.
Technologies: RPM, Solaris, Linux, VxWorks, UDP, Transmission Control Protocol (TCP), CVS, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C

Software Engineer

2001 - 2002
Philips MP4NET
  • Developed a network tool to replicate a distant video session.
  • Maintained a video streaming server.
Technologies: RPM, UDP, Transmission Control Protocol (TCP), Solaris, Linux, CVS, Shell Scripting, RTCP, RTP, RTSP, C++, C, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C, Embedded C++

Software Engineer

2000 - 2001
Alcatel Optronics
  • Developed software that was embedded on transmitting laser chips to control the laser's wavelength.
Technologies: Oscilloscopes & Tester Equipment, MPLAB, C, Real-time Operating System (RTOS), Embedded Systems, Real-time Embedded Systems, Embedded Software, Embedded C, Networks

Software Engineer

1998 - 2000
Sagem
  • Developed various software modules embedded on military vehicles and planes.
Technologies: Solaris, CVS, RPM, Microsoft SQL Server, MS-DOS, Linux, C, System Administration, Unix, Real-time Operating System (RTOS), Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, Embedded C, CAN Bus

Migrating Services from Physical Servers to AWS

ThinkAlpha needed to migrate services from on-premise, physical servers to AWS Cloud to streamline their operations and increase resiliency. They required an unusually high number of environments for various purposes, each one replicating exactly the same services. This was a medium-scale project, with about 25 services, six environments, VPNs and Direct Connect.

I proposed the Terraform as Infrastructure-as-Code tool and built the environments from the ground up, adding each service in turn. Services were either Node-based application or static websites. The Node apps were run as Fargate ECS clusters. I also helped with the Dockerization process. Static websites were run as S3 buckets fronted with CloudFront distributions.

Continuous Deployment was performed with CircleCI. I updated the CircleCI scripts to deploy the services to AWS instead of the physical servers.

ThinkAlpha had some additional requirements in terms of networking, and needed VPNs and Direct Connect to link services. To ease the hand over of the infrastructure to ThinkAlpha, I generated templates from the two types of services and documented how to create new services and update the infrastructure for the various environments.

Modernizing a Web Infrastructure

http://sibotest.com/
SIBOTest needed to move away from a monolithic and fragile approach of having everything on one server and wanted to up their game as a startup.

I proposed an overhaul of the internal structure of the web app to use microservices based on Docker so that the architecture would be robust and scalable.

Work Done:
· Introduced load balancers with SSL termination.
· Separated the production and staging environments.
· Moved the MySQL databases to a separate subnet, using MySQL NDB Cluster.
· Dockerized their Ruby on Rails application.
· Set up a continuous-integration system based on Jenkins to automatically build the Docker images.
· Wrote Ansible scripts to automate the provisioning of new servers and deployment of the docker images.
· Ensured the air-tight security of the overall infrastructure.

In the end, this multitier architecture was working very nicely, with no reported downtime.

Highly Available and Scalable Architecture Design on AWS

https://mydocsafe.com
MyDocSafe needed expert help to design a monitoring system suited to their application. They experienced a lot of instability, server crashes, and performance problems. Once this immediate solution was in place, they required an expert to design and implement a highly available and scalable architecture to run their workload reliably on AWS, complete with automated deployment.

Work done:
• Wrote Ansible roles and playbook to install CloudWatch Agent on EC2 instances and configure Amazon SNS and CloudWatch to notify key people of alarms on EC2 instances.
• Tweaked Apache configuration to stop it from crashing under heavy load.
• Wrote Ansible roles and playbook to create Let's Encrypt SSL certificates using DNS challenge, including creating the subdomain on Amazon Route53.
• Installed and configured ELK stack to monitor Apache logs.
• Designed a highly available and scalable architecture to run a complex workload reliably.
• Progressively migrated the existing system to the new architecture.
• Employed the new architecture in production.

Set up of CI/CD Pipelines for a Startup

PSD2Enabler required the setup of CI/CD pipelines on GitLab for various projects.

Work Done:
· Set up a GitLab pipeline to build and deploy an app to AWS using Terraform and Ansible.
· Set up a GitLab pipeline to build and deploy an app to a Kubernetes cluster hosted on the Google Cloud Platform.
· Set up a GitLab pipeline to build and deploy an app to a Kubernetes cluster hosted on AWS EKS.

Cisco | DevOps Engineering and Python Development

I worked as part of the system team who released set-top-box software to a major EU broadcaster.

Work Done:
· Set up and maintained a variety of software tools to enable the smooth running of the continuous integration process.
· Set up the Coverity static analysis and enabled nightly automation using Jenkins
· Set up BlackDuck open-source code matching.
· Configured Nagios and set up an NRPE with custom Git checks.
· Set up various Cron/Jenkins jobs with Bash/Python to automate tasks.
· Worked in a Scrum process with three-week iterations with a team spread over three countries.
· Worked with a codebase of 20 million+ lines of code.
· Detected and responded to the system problems.

Technologies: Linux, CentOS, Coverity, Jenkins, Black Duck, Continuous Integration, Scrum, Bash, Python, iptables/Netfilter, Nmap, Git, Rally

DevOps Architect

Armedia needed an AWS specialist and DevOps expert to help them modernize the architecture of ArkCase, a case management system. They needed to move from running everything on one server to a modern architecture based on Kubernetes, microservices, and infrastructure as code (IaC). Additionally, they required an AWS expert to help them build an AWS marketplace offering for ArkCase.

Tasks:
- Move from a monolithic architecture to a microservice-based architecture
- Dockerize various services
- Write Helm charts
- Secure the Kubernetes cluster using network policies and RBAC
- Install and configure Istio to encrypt internal traffic and facilitate distributed tracing
- Install and configure observability tools: Loki for log aggregation, Prometheus and Grafana
- Write CloudFormation templates to set up the infrastructure on AWS
- Write Lambda functions in Python as CloudFormation custom resources or for admin tasks such as rotating secrets with the SecretsManager
- Modify existing Ansible roles and playbooks
- Build an internal PKI using IaC on AWS using only serverless services; certificates are renewed automatically when they expire and when CA certificates are renewed themselves.
1995 - 1998

Master of Science Degree in Computer Sciences Applied to Earth Sciences

Pierre and Marie Curie University - Paris, France

FEBRUARY 2022 - FEBRUARY 2024

Certified Kubernetes Security Specialist

Linux Foundation

DECEMBER 2021 - DECEMBER 2024

Certified Kubernetes Administrator

The Linux Foundation

DECEMBER 2021 - DECEMBER 2024

Certified Kubernetes Application Developer

The Linux Foundation

OCTOBER 2021 - OCTOBER 2024

AWS Certified DevOps Engineer Professional

AWS

MARCH 2019 - OCTOBER 2024

AWS Certified SysOps Administrator Associate

AWS

FEBRUARY 2019 - OCTOBER 2024

AWS Certified Developer Associate

AWS

JANUARY 2019 - JANUARY 2025

AWS Certified Solutions Architect Associate

AWS

Libraries/APIs

Standard Template Library (STL), OpenGL, GLib, Flask-Marshmallow, SQLAlchemy, Jenkins Pipeline, OpenID, ArcGIS

Tools

Let's Encrypt, Terraform, GitLab CI/CD, Ansible, Amazon CloudWatch, Amazon Virtual Private Cloud (VPC), AWS CLI, Helm, Git, NGINX, AWS CloudFormation, Amazon Elastic Container Service (Amazon ECS), AWS IAM, AWS Systems Manager, GitLab, Bitbucket, GitHub, Istio, Vault, Amazon EKS, OpenVPN, Amazon EBS, DBus, Coverity, BlackDuck Protex, Iptables, NMap, Rally, VMware vSphere, Logstash, Kibana, Subversion (SVN), Redmine, DOORS, Visual Studio, Microsoft Project, U-Boot, Continuum, TIBCO Rendezvous, CVS, RPM, SHOUTcast, Pytest, VPN, ELK (Elastic Stack), Jenkins, Grafana, Jira, Confluence, Postman, VMware, CircleCI, GIS, Amazon Simple Queue Service (SQS)

Languages

C, Bash Script, Python, C++, Embedded C++, Python 3, Bash, Embedded C, C++11, MIPS, UML, XML, C#, SQL

Platforms

Docker, Amazon Web Services (AWS), Linux, Amazon EC2, Kubernetes, Ubuntu, Blockchain, AWS ALB, CentOS, Kernel, Embedded Linux, VxWorks, BeagleBone Black, Oracle, Solaris, MS-DOS, Ethereum, DigitalOcean, AWS Elastic Beanstalk, AWS Lambda, Drone CI, Unix, Azure

Paradigms

Continuous Integration (CI), DevOps, Continuous Delivery (CD), Continuous Deployment, Scalable Application, Microservices, DevSecOps, Agile Project Management, Scrum, Agile, Design Patterns

Industry Expertise

Project Management

Storage

MySQL, Amazon S3 (AWS S3), Elasticsearch, SQLite, Microsoft SQL Server, PostgreSQL

Frameworks

Netfilter, Boost, ASM, .NET, GStreamer, Ruby on Rails (RoR), Flask

Other

Ethernet, HTTP, Transmission Control Protocol (TCP), UDP, Shell Scripting, SSL, TCP/IP, Infrastructure as Code (IaC), AWS Secrets Manager, Amazon RDS, AWS Certified Solution Architect, Architecture, CI/CD Pipelines, Containers, AWS DevOps, Cloud Infrastructure, Configuration Management, Cloud Architecture, Security, Solution Architecture, Scalable Web Services, Web Scalability, Back-end, Embedded Systems, Network Protocols, Real-time Embedded Systems, Embedded Software, DevOps Engineer, Prometheus, Autoscaling, Loki, Technical Writing, Elastic Load Balancers, Networking, Multitenancy, Linux Administration, System Administration, Monitoring, Web Hosting, Scalability, Real-time Operating System (RTOS), Networks, VMware ESXi, H.264, ARM, WebKit, Linux Kernel, Software Architecture, DSP, I2C, Serial Peripheral Interface (SPI), RS-232, Code Composer Studio, Icecast, MP3, AAC, Systems, USB, IPTV, RTSP, RTP, RTCP, MPLAB, Oscilloscopes & Tester Equipment, Windows Media Audio (WMA), PVCS, JTAG, WiFi, Smart Contracts, Bitcoin, AWS Transit Gateway, MPEG, Observation, Direct Connect (DC), Border Gateway Protocol (BGP), Amazon EventBridge, Karpenter, Argo CD, GitOps, Algorithms, Data Structures, Release Management, Policy as code (PaC), Service Mesh, Compliance as Code (CaC), AWS VPN, Cloud, Scripting Languages, Containerization, Orchestration, GitHub Actions, CAN Bus

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring