01111001 01101111 01110101 00100000 01110111 01100001 01101110 01110100 00100000 01110100 01101111 00100000 01101000 01101001 01110010 01100101 00100000 01101101 01100101
01100111 01101111 01101111 01100100 00100000 01100011 01101000 01101111 01101001 01100011 01100101
Stéphane REVEL
Architect of secure information services
Graduate Engineer, IT manager, 15 years experience, UNIX, ISO 27001 Lead Implementer, GCIH
experience
From 2016 Lead Architect at the European Commission Luxembourg
This program is an SLA-driven managed service at the Directorate-General for IT of the
European Commission. As Lead Architect, I am responsible for Service Design, heading
a team of 15 senior IT architects on technologies such as database, application servers,
web servers, monitoring, CMDB, etc. My main responsibilities are:
coordination of the service design effort across technologies in collaboration
with project management (about 50 projects yearly);
day-to-day team management and recruitement;
transformation of the delivery process to improve its efficiency.
I am also a member of the core team managing the entire 100-persons program, which
is operated by eProseed and 3 other companies.
2014-2016 Head of IT at eProseed Windhof
eProseed is a mid-size Oracle Platinum partner, mainly delivering solutions based on
Oracle Fusion middleware products. I was heading IT, a department dealing with in-
ternal IT, cloud operations and delivery of customer infrastructure projects. The team
was composed of 6 people in Luxembourg and Portugal. My responsibilities included:
the management of the IT infrastructure team;
the internal IT architecture, operations and budget;
the management of IT hosting and managed services operations for customers;
the delivery of IT infrastructure projects to customers;
the relationships with customers and suppliers;
the ISO 27001 certification project.
2009–2014 Operations and Security Manager at VBS (formerly Learch )Capellen
Learch (Luxembourg e-Archiving) was a company offering legal digital archiving as a
service, for which I was the Director of operations, chartered by the CSSF (Financial
Sector Regulation Commission), and Information Security Manager. My responsibili-
ties included:
the architecture and evolutions of the technical platform;
the IT and operations budget;
the management of the IT team, the operations and the projects;
the management of the ISO 27001 certification: from initial setup of the Infor-
mation Security Management System to its operation;
the technical relationships with partners, clients and suppliers.
Learch has been fusioned into Victor Buck Services (VBS) end of 2013.
2010–2012 National expert of IT security at ILNAS Luxembourg
Registered as a National Expert of the Luxembourgish Normalisation Office (ILNAS) for
the ISO/IEC SC27 technical normalisation committee, ”IT security techniques”.
2005–2009 Unix systems architect at the European Commission Luxembourg
At the DataCentre of the European Commission, system administration (25%) and
projects (75%) on a production farm of 700 Solaris servers and 100 Linux servers in
a multicultural team of 10. Intensive use of SunCluster, SunFire 25K platforms, Solaris
zones. Engineering and documentation on projects linked with operational activities.
Some projects:
Definition and implementation of a reference configuration for Solaris 10. Tech-
nologies: Solaris Jumpstart, Zones, ZFS, Cfengine.
Design and setup of a tool and procedures allowing to reinstall Solaris with a min-
imal downtime for users (1 reboot). This has been used to upgrade all servers.
Technologies: Solaris Jumpstart, Perl scripting.
misc
born Aug. 3rd, 1979
French nationality
driver’s license
contact
Living in
Luxembourg-city
+352 661 810 723
contact@srevel.org
http://srevel.org
languages
French
Native
English
Fluent, TOEFL level
647 (2001), main
working language
for 10 years
C1 level
Portuguese
Good understanding
B1 level
German
Good notions
A2 level
interests
travelling, scuba
diving, hiking,
litterature, science,
cooking and wines,
modern art
2002-2005 Systems engineer at AR Systèmes, BNP Paribas group Nanterre
Systems and network engineering in a UNIX environment. Architecture, SAN (HDS
hardware) and SunONE servers deployment. Consulting, specifications, deployment,
project management, tests, support, for middle to large clients and administrations,
mainly in banking. Some projets:
Setup of a pilot architecture for the datacenter BCP of Natexis Banques Popu-
laires. I have been taking care of the AIX part of the project. Technologies: AIX,
booting from SAN (EMC).
— Benchmarking and performance tuning of a Java application running on
AIX/SunONE WebServer at the French Ministery of Finance. Technologies: Ra-
tional Test Manager, SunONE WebServer, Tomcat, Java tuning.
Development of a specific SunCluster agent to make highly available the Trema
Finance Kit application, new trading room back-office software at the Banque de
France. Technologies: Solaris, SunCluster API.
education
1997–2002 Diplôme d'Ingénieur and Master's degree at ESIEE-Paris Noisy-le-Grand
Graduated from ESIEE-Paris, an Engineering School in 5 years where I had a 3-years
scientifical and technical core curriculum, followed by 2 years of specialization in em-
bedded systems and real-time computing.
2000 Bachelor's degree at University of Paris-Est Marne-la-Vallée
During my studies at ESIEE, I obtained a licence EEA (Bachelor’s degree in electronics,
electrotechnics and automatism), systems engineering option.
training and certifications
2015 Oracle Certified Professional certifications Oracle
FS1 Series Systems Implementation Specialist;
Solaris 11 System Administrator.
2014 GCIH certification: security incidents response SANS/GIAC
SANS SEC-504: one week of training on hacker techniques, exploits, and information
security incident handling, followed by the GCIH certification: GIAC Certified Incident
Handler. Certificate valid until Oct. 2018.
2013 Certified ISO 27001 Lead Implementer HSC/LSTI
One week of training and exam on implementing Security Management Systems com-
pliant with ISO 27001. Access to the Lead Implementer grade based on my actual work
experience. LSTI certificate #1104, valid until Sep. 2016.
2010 Information Security Management CRP Henri Tudor
46 hours of training on ISO 27001 Information security management and ISO 27005
Risk analysis.
2008 ITIL v3 Foundation certification EXIN/ITIL
Sun Certified System Administrator for Solaris 10 Sun Microsystems
2004 IBM AIX 5 training and certification IBM
Training: AIX administration on pSeries, part I and II. Certification: IBM Certified Spe-
cialist - pSeries AIX 5L System Administration.
2002 Solaris 9 certifications Sun Microsystems
Sun Certified System Administrator for Solaris 9;
Sun Certified Network Administrator for Solaris 9.
skills
Management
Experience with team management and project management, recruitement, service de-
sign, organizing security audits and responding to audits, setting up and managing an
IT budget (≈700k€), reporting, dealing with suppliers.
Systems
Advanced knowledge of Solaris administration. Experience with Linux, AIX, OS X,
FreeBSD. Experience of Oracle Sun hardware from workgroup to high-end. Solaris Clus-
ter, Veritas VM, ZFS, Solaris Zones. Virtualization with VMware ESX and Oracle VM.
Centralized configurations with Cfengine.
Network
Network architecture. Administration of LAN core switches (Extreme Networks, HP)
and InfiniBand (Mellanox).
Storage
SAN and NAS technologies. Administration of HDS 95xx arrays, Oracle ZFS appliances
and Oracle FS1 systems, Brocade and Cisco MDS switches. Backup based on Net-
Backup, Time Navigator and Netvault.
Security
Security management: Good theoretical and practical knowledge of the ISO 27k family
of standards and the risk-based approach. Theoretical, thanks to the trainings I have
followed and my involvement as a national ISO expert. Practical, because I have imple-
mented and maintained an ISMS which got the ISO 27001 certification.
Security technologies: administration of Fortigate and Juniper firewalls and Cisco Iron-
port email security. Experience of VPNs, access controls, encryption, SIEM solutions
such as Splunk. GCIH certified.
e-Archiving
Good knowledge and experience of digital archiving: standards ISO 14721 (”OAIS”), ISO
15489 (”Records Management”), MoReq2. Advanced experience as an administrator
and integrator of the Infotel Arcsys archiving platform.
Programming
I do not program much anymore but I have been using Perl, Unix Shell, Java and PHP
significantly. I have also had experience with C/C++, assembly (78K0, DSP T.I, ...), m4,
Qt. System and real-time programming, distributed real-time.