Jean Prat - Systems and networks expert

About me

Having practised a lot of self-training during my 18 years of experience and listening to experienced people around me, self-taught in many fields, I have built up a knowledge base over the years.

This has allowed me to have my skills recognized and to be able to put forward my expertise in incident management and technical vision.

I started working on Unix environments as a SAP administrator in 2004 to become today Infrastructure and Security Administrator. Today I work mainly on Linux and Open Source software.

As an autonomous person, I know how to get information where it is accurate and how to be reactive to adapt to complex situations, whether they are technical, human or organizational.

I have successfully entered the development cycle, combining this with my responsiveness, I have enabled the team to meet its delivery deadlines. I work closely with the developers throughout the application’s lifecycle.

I have experience in finance systems constraints, personnal data management and card payment security auditing.

Created with Highcharts 8.2.0Jean PratAutonomyEffectivenessWar machineParanoïaConviviality50510Highcharts.com

Professional experiences

Since 2020 – Sinch

Operations, Security & Software Engineer
Global deployment of Campaign Manager
  • Moving from baremetal to cloud:
    • Step by step moving from Baremetal to cloud.
    • Adding infrastucture as code.
    • Extracting components to use managed ones.
  • Being aware of what’s happening:
    • Getting a clear monitoring and alerting solution.
    • Adding telemetry to the existing applications.
    • Worked with security team to send them the good logs.
    • Holacracy organization for clear accountabilities and roles.
  • Enabling team:
    • Sharing knowledge is the most important thing.
    • Don’t hide the complexity, learn how to manage it easily and reducing it.
    • Code review, peer programming, mob programming.
Achievements
  • Successfully deployed on multiple regions the Campaign Manager:
    • Reduced to some configuration a new region creation.
    • Moved from Baremetal server runing applications to ECS services.
    • Adding CI tool able to deploy on barmetal servers and cloud services at the same time.
  • Implementing Opentelemetry to legacy applications
  • Adding an On call system focused on the heart on the business.
Created with Highcharts 8.2.0SkillsSystemsDatabasesCloud providersCloud abstratorsPerformance monitoringAutomationLanguagesMiscellaneousHighcharts.com
Linux
Postgresql
Influxdb
DynamoDB
MongoDB
AWS
Scaleway
GCP
Azure
Kubernetes
Crossplane
Knative
Opentelemetry
Prometheus
Terraform
Packer
CDK
Ansible
Gitlab
Bash
Python
Opsgenie
Checkly

2018-2020 – LGO

Infrastructure and security engineer
Creation and maintenance of platforms dedicated to the finance in the cloud
  • Infrastructure as code :
    • Build, development and maintenance of immutable infrastructures.
    • Automation of tests, builds and deployments.
    • Systems bounded contexts breakdowns to reflect the application.
  • The research for performance and security:
    • A centralized distributed platform logging infrastructure.
    • Application and system performance monitoring.
    • Security event monitoring.
  • Within an experienced team:
    • Strong XP team, trustworthy and giving the necessary autonomy to be efficient.
    • Fascinating cryptography topics.
    • Code review, peer programming, mob programming.
    • Participation in events such as the Agile Open forum or Newcrafts.
    • Threat of real hacking, it’s millions of dollards that pass through our infrastructure every day.
Achievements
  • Guarantee of the functional state of the platform via an immutable infrastructure:
    • Planning and execution of updates are simple.
    • Auto healing system.
    • Duplication and updates of environments facilitated and automated throught the CI
  • Build of a zero trust network with Consul Connect.
  • Centralized logging with Elastic and performance monitoring via Prometheus and centralization via Thanos or Jaeger Tracing.
  • Build a program and analysis of the reports of the Bug Bounty (Yeswehack).
Created with Highcharts 8.2.0SkillsSystemsDatabasesHa/webVirtualizationAutomationNetworkMiscellaneousHighcharts.com
Linux
MySQL
Elasticsearch
HA-Proxy
Keepalived
Corosync
Apache
Tomcat
RHVM/Ovirt
Libvirt
Docker
Vagrant
Ansible
Puppet
Gitlab-CI
Ansible AWX
Cisco ASA
Juniper
Stormhield
Cisco Catalyst
H3C
HP Procurve
Snort
Rsyslog
Logstash
Kibana
Grafana
Telegraf

2013-2018 – Orange Applications for Business

Responsible for system and network architecture of payment platforms, security and support Level 3
Administrator on nearly 200 machines and 70 network equipments
  • In charge of building, securing, day to day operations and PCI-DSS compliance. Participation in audits, definition of remediation plans:
    • Network on all PCI-DSS OAB platforms (virtual credit card service, web stores, …).
    • Systems and networks of the Credit card payment platform of the orange.fr store and various major accounts.
  • In charge of the security, design and administration of the payment platforms: :
    • IBAN entry and their tokenization of the stores sosh.fr and orange.fr.
    • Credit card payment servers via short code on the Orange France SS7 mobile.
Achievements
  • Interventions on high traffic portals, involving night operations, research of solutions to reduce downtime.
  • Development through Ansible role testing, implementation of continuous integration and use of lynis to perform CIS scoring.
  • Implementation of a PCI-DSS compatible continuous delivery system via Gitlab-CI, Ansible and AWX.
  • Build of a RHVM-based private cloud.
  • Transition from single site architecture to multi-site active-active architecture pemitting updates during office hours.
  • Reduction of firewall cluster update times and zero downtime upgrades.
  • Creation of bench indicators, auditing and performance optimization from the hardware of servers to applications such as MySQL or Apache.
  • Upgrade of tri-site infrastructure hosting the Orange voice services for end users so that there are no more service interruptions.
  • Redesign and automation of the installation with Ansible of the Voice Server infrastructure to switch to VOIP, in active-active bi-site.
  • Reducing deployment time from 2 days for a server to 10 servers in 2 days.
Created with Highcharts 8.2.0SkillsSystemsDatabasesHa/webErpMonitoringVirtualizationNetworkBackupMiscellaneousHighcharts.com
HP/UX
Linux
Oracle
MySQL
Elasticsearch
Citrix Netscaler
Redhat cluster suite
Apache
SAP
Nagios
Thruk
Cacti
PNP4Nagios
Icinga
Gearmand
HPSIM
SNMP
VMware Vsphere
HyperV
Fortinet
NetAsq
Cisco PIX
H3C
HP Procurve
HP IMC
Dataprotector
Symantec Backup Exec
TINA
GLPI
OCS Inventory
mediawiki
Rsyslog
Logstash
Kibana

2007-2013 – Cheops Technology France

Monitoring manager, Level 3 support
In charge of the monitoring of more than 2000 devices and Level 3 support
  • Around-the-clock support, administration, audit and optimization.
  • Incident Manager from 2008 to 2010.
Achievements
  • We have built up an outsourcing service from scratch for clients ranging from cosmetics giants to clinics or high traffic webshops.
  • Certification as a Health Data Hosting provider.
  • Implementation of multi-site DRP/BCP (Load balancing, geoDNS, boot on SAN, DB replication).
  • Network administration in a private and shared cloud environment.
  • Adaptation of tools using PHP, MySQL and JavaScript, including the creation of a Nagios/GLPI communication interface.
  • Business process development and application of ITIL methodology:
    • Implementation of a CMDB, an SLA and incident management based on GLPI and OCS inventory.
    • Implementation of a documentation and knowledge base under mediawiki and design of page templates.
    • Writing of operating procedures, incidents and architecture documents linked with monitoring alarms and incident procedures.
  • Build of an ELK log management system ingesting more than 2000 messages per second.
Created with Highcharts 8.2.0SkillsSystemsDatabasesErpBackupHighcharts.com
HP/UX
Linux
FreeBSD
Oracle
MySQL
SAP 47/46/40B
SAP BW 7.0
Dataprotector
Fbackup

2004-2007 – Arexia SAS

SAP Administrator
In charge of SAP, Oracle and Unix administration
  • SAP software bug report management.
  • Implementation and management of backup strategies.
  • Management, intervention and resolution of hardware and software incidents.
  • Development of programs reducing the time of daily tasks.

Personally

  • My experience of server security was originally a personal need, because I practice self-hosting: Github
  • Being passionate about home automation, I have a solution that does not require a cloud provider.
  • I maintain archlinux packages either on the AUR or on github : Me or Another Me
  • I have tested technologies such as OCR, computer vision and speech recognition. These tests are available on my github.

Background

  • 2021 – Domain Driven Design stratégique
  • 2016 – EC-Council Certified Ethical Hacker v8
  • 2013 – MySQL Tuning
  • 2004 – BTS Informatique de gestion
  • 2002 – Baccalauréat S

Languages

  • French
  • English