Profile
I am an experienced professional with expertise in cloud security, DevOps, and system administration. My career spans roles as a Senior DevOps, DevSecOps Specialist, Technical Product Owner, DevOps Specialist, Security Analyst, and System Administrator across diverse environments. I excel in designing and implementing secure IT solutions, automating processes, and optimizing performance to strengthen operational resilience and meet business objectives.
Work Experience
Senior DevOps
Sherweb / Sherbrooke, Quebec, Canada / December 2024 - Now
As a Senior DevOps within the Platform Engineering team, I am responsible for ensuring the seamless deployment, management, and scalability of critical infrastructure and platforms:
- Managing Kubernetes clusters hosted in Microsoft Azure AKS to ensure robust and efficient application orchestration
- Administering both cloud-based and on-premise infrastructures using Terraform and Ansible for infrastructure automation and consistency
- Managing the configuration, maintenance, and optimization of Windows and Ubuntu servers, ensuring system reliability and compliance
- Managing and enhancing CI/CD pipelines, primarily through Azure Pipelines to automate the deployment of services in Kubernetes clusters
- Defining the roadmap to align platform engineering goals with organizational objectives and technical innovations
Environments
Kubernetes, Microsoft Azure, Azure Kubernetes Service (AKS), Azure DevOps, Azure Pipelines, Datadog, Elastic Cloud, Windows Server, Ubuntu Server, MicroK8S, Istio, Calico, ArgoCD, Python, MongoDB Atlas
DevSecOps Specialist
PixMob / Montreal, Quebec, Canada / July 2022 - December 2024
As the lead DevSecOps specialist within the Software team, I designed and implemented the cloud infrastructure hosted on the Google Cloud Platform (GCP) and established robust security guidelines and infrastructure:
- Created and executed a strategic security roadmap to improve the security posture and address existing gaps, ensuring alignment with business objectives and regulatory requirements
- Designed and deployed GitLab CI pipelines to automate the deployment of services within our cloud infrastructure, improving the software development life cycle
- Implemented security best practices and fortified our cloud infrastructure, as well as other solutions in our portfolio, to mitigate potential risks and vulnerabilities
- Deployed and integrated advanced security application testing mechanisms, including secret detection and Static Application Security Testing (SAST), to proactively identify and address security vulnerabilities
- Conducted regular security assessments, vulnerability scans, and penetration testing to identify and remediate security weaknesses, ensuring continuous compliance with industry standards and best practices
- Established monitoring and incident response protocols to detect, respond to, and recover from security incidents, minimizing potential impacts
Environments
Google Cloud Platform (GCP), Google Kubernetes Engine (GKE), Datadog, Security Command Center, Cloud Run, Cloud SQL, MongoDB Atlas, PostgreSQL, Terraform, Ansible, GitLab, GitLab CI, Amazon Web Services (AWS), Javascript, Typescript, Next.js, React, Express.js, Python, Docker, Jira
Technical Product Owner
Intact / Sainte-Hyacinthe, Quebec, Canada / August 2021 - June 2022
As a Technical Product Owner in the security operations team, I lead my team in implementing and maintaining solutions to enhance Intact's security posture:
- Created and executed a strategic security roadmap to improve the security posture and address existing gaps, ensuring alignment with business objectives and regulatory requirements
- Worked with internal and external auditors to design and implement necessary security controls, ensuring compliance with industry standards and best practices
- Collaborated with the architecture team to design and optimize the existing SIEM infrastructure, enhancing detection and response capabilities
- Partnered closely with the security incident response team (SIRT) to ensure our SIEM solution met operational needs and improve threat detection and response efficiency
- Planned and prioritized sprint activities, setting clear goals to maximize value delivery and improve overall project outcomes - Regularly communicated with stakeholders, providing updates on SIEM solution progress, gathering feedback, and making data-driven decisions to enhance system performance
- Implemented a continuous improvement process for the SIEM solution, incorporating feedback and new technologies to stay ahead of emerging threats like threat intelligence and threat hunting
Environments
Microsoft Azure, Microsoft Sentinel, Log Analytics Workspace (LAW), Elastic Stack, Microsoft 365 Defender, Ansible, Ubuntu, Logic Apps, Function Apps, Azure AD, GitHub Enterprise, Grafana, MITRE ATT&CK, Jira, Confluence
DevOps Specialist
Intact / Sainte-Hyacinthe, Quebec, Canada / April 2019 - August 2021
As a DevOps Specialist in the identity and access management (IAM) team, I contributed to enhancing the efficiency and security of the IAM infrastructure:
- Developed and refined Ansible playbooks for automating the deployment and configuration of IBM Security Access Manager, IBM Security Directory Suite, and Citrix ADC appliances, ensuring secure and consistent environments
- Implemented configurations, patches, and vulnerability mitigation strategies across various platforms using Ansible, reducing vulnerabilities and ensuring compliance with security policies
- Managed and configured Identity and Access Management (IAM) platforms, streamlining access control and improving security measures
- Set up monitoring and alerting systems to detect and respond to operational and security incidents promptly, minimizing potential impact
- Developed Python scripts for automating security tasks and processes, enhancing operational efficiency
Environments
Ansible, IBM Security Access Manager, IBM Security Directory Suite, Citrix ADC, RHEL, Python, Docker, Terraform, GitHub Enterprise, GitLab, Jira
Full-Stack Developer
SCFJ / Montreal, Quebec, Canada / January 2018 - April 2019
As a Full-Stack Developer, I developed an internal web application to streamline the time-tracking process for freelancers at SCFJ:
- Designed the user experience and user interface of the web application using Figma, ensuring a user-friendly and visually appealing product
- Built the web application from the ground up using React, Redux, and Django REST framework, delivering a robust and responsive solution
- Developed a REST API with Django REST framework to facilitate seamless communication between the front-end and back-end
- Implemented unit tests, integration tests and end-to-end (E2E) tests using Jest, Enzyme and Selenium to ensure code quality and reliability
- Monitored project progress and deliverables, ensuring timely completion and organization
- Applied IaC principles to deploy and configure the Google Kubernetes Engine (GKE) platform using Terraform, enhancing deployment efficiency
- Deployed GitLab CI pipelines to automate the deployment process, ensuring continuous integration and delivery
- Incorporated basic security practices in the application development lifecycle to ensure secure code and deployment
Environments
JavaScript, HTML, SCSS, React, Node.js, Django REST framework, Python, Redis, Jest, Enzyme, Selenium, Docker, Google Cloud Platform (GCP), Google Kubernetes Engine (GKE), Terraform, Ubuntu Server, Figma, Trello
Security Analyst
CGI / Montreal, Quebec, Canada / June 2017 - December 2017
As a Security Analyst within the GTO business unit, I specialized in email security and monitoring to mitigate security risks:
- Analyzed email logs to proactively identify, prevent, and block potential threats such as SPAM, phishing attacks and other attack vectors
- Managed and administered the Proofpoint-on-Demand (POD) platform to enhance email security and threat detection capabilities
- Supported and maintained the Symantec Email Protection (SEP) platform, ensuring reliable email filtering and protection against emerging threats
- Administered the Sophos SafeGuard encryption platform for CGI workstations, safeguarding sensitive data and ensuring compliance with security policies
- Collaborated within ITIL incident and change management processes, ensuring efficient handling of security incidents and changes while adhering to best practices
- Implemented and maintained operational procedures to enhance email security posture and response capabilities
Environments
IT Service Management (ITSM), ServiceNOW, Proofpoint-on-Demand (POD), Symantec Email Protection (SEP), Sophos SafeGuard
System Administrator
CGI / Montreal, Quebec, Canada / November 2013 - October 2017
As a System Administrator within the Microsoft Center of Expertise (MCoE) business unit, I specialized in managing Windows Server, SharePoint, SQL Server, and Microsoft Azure environments to ensure optimal performance and security:
- Developed and maintained PowerShell scripts to automate deployment, configuration, and monitoring for SharePoint environments, improving operational efficiency
- Designed, deployed, and managed multiple Active Directory, ADFS, Web Application Proxy (WAP), and Dynamics CRM environments on Microsoft Azure, ensuring scalable and secure infrastructures
- Installed and configured highly available clustered environments for SharePoint Server (2007, 2010, 2013) and Project Server (2010, 2013), optimizing performance and reliability
- Conducted comprehensive workload tests to identify and address performance bottlenecks, enhancing overall SharePoint environment performance
- Led and executed migrations of SharePoint environments to newer versions, ensuring minimal downtime and seamless transition - Implemented security best practices and configurations across SharePoint, SQL Server, and Azure environments to safeguard data and comply with organizational policies
- Collaborated with cross-functional teams to troubleshoot complex technical issues and provide timely resolutions
Environments
PowerShell, Windows Server (2008 R2, 2012 R2), Active Directory, DNS Server, Group Policies, Microsoft Azure, Dynamics CRM (2011, 2013, 2015, 2016), ADFS, Web Application Proxy (WAP), SQL Server (2008 R2, 2012, 2014), SSRS, SharePoint Server (2010, 2013, 2016), Project Server (2010, 2013, 2016)