Icham Berreghioua
Senior Integration & API Architect
47 years old
Employed
Open to opportunities
Integration & API architect specializing in backlog management and prioritization, bridging
business requirements with critical platform capabilities including performance, security, and reliability. I orchestrate the design, build, & delivery of cross-system exchanges, ensuring robust release management through CI/CD pipelines and IaC. This approach has significantly enhanced the stability of our production "Enterprise Integration Platform" - something I'm particularly proud of.
My drive in IT comes from simple principles: precision, efficiency, and doing things right the first time. Within Agile frameworks, I've learned to always start with the people and processes involved before
jumping to technical solutions. This helps our team develop and maintain scalable middleware platforms that actually meet business needs while delivering on performance (those SLAs matter!) & balancing the eternal triangle of scope, schedule, and budget.
business requirements with critical platform capabilities including performance, security, and reliability. I orchestrate the design, build, & delivery of cross-system exchanges, ensuring robust release management through CI/CD pipelines and IaC. This approach has significantly enhanced the stability of our production "Enterprise Integration Platform" - something I'm particularly proud of.
My drive in IT comes from simple principles: precision, efficiency, and doing things right the first time. Within Agile frameworks, I've learned to always start with the people and processes involved before
jumping to technical solutions. This helps our team develop and maintain scalable middleware platforms that actually meet business needs while delivering on performance (those SLAs matter!) & balancing the eternal triangle of scope, schedule, and budget.
- English: Professional working proficiency (B2).
-
- Environments & Configuration Management,
- Environments & Configuration Management,
-
- Technical Dependencies Management,
- Technical Dependencies Management,
-
- Cross-team Technical Coordination & Arbitration,
- Cross-team Technical Coordination & Arbitration,
-
- Service Continuity as outcome for Disaster Recovery Plan,
- Service Continuity as outcome for Disaster Recovery Plan,
-
- Technical Communication & Documentation,
- Technical Communication & Documentation,
-
- Roadmap Management & Strategic Planning.
- Roadmap Management & Strategic Planning.
-
- API Governance & Integration Architecture,
- API Governance & Integration Architecture,
-
- API Lifecycle Management & API Gateway patterns
- API Lifecycle Management & API Gateway patterns
-
- Integrated Environments Configuration & Services Release Management,
- Integrated Environments Configuration & Services Release Management,
-
- DevOps, CI/CD Pipeline Processes Implementation,
- DevOps, CI/CD Pipeline Processes Implementation,
-
- System Observability & Cross-environment Monitoring.
- System Observability & Cross-environment Monitoring.
-
- Hybrid Cloud Architecture (Azure/On-prem integration)
- Hybrid Cloud Architecture (Azure/On-prem integration)
- Azure EntraID & AD B2C for consumer/resource owner identity in API integration
- Azure Landing Zones & Hub’n’Spoke infrastructure implementation
- Azure Services: App Services, Functions, APIM, Event Grid
- Certification Path: AZ-104 in progress → AZ-305 (Solutions Architect)
- Security Architecture Design & Integration,
- Multi-vendor Security Solutions,
- Security Testing, Auditing & Incident Response,
- Risk Analysis & Compliance Frameworks
-
- OSI Model as systems communication framework,
- OSI Model as systems communication framework,
-
- API-First as design approach,
- API-First as design approach,
-
- DevOps as cultural mindset,
- DevOps as cultural mindset,
-
- ITIL / TSDANC as service management framework,
- ITIL / TSDANC as service management framework,
-
- Agile and waterfall as project management methodologies,
- Agile and waterfall as project management methodologies,
-
- GitOps as operational framework.
- GitOps as operational framework.
-
- Implemented three-stage release process (VALIDATE-CREATE-DEPLOY) across DEV→QA→ACP→PROD environments
- Implemented three-stage release process (VALIDATE-CREATE-DEPLOY) across DEV→QA→ACP→PROD environments
-
- Minimized cross-environment inconsistencies through standardized deployment protocols
- Minimized cross-environment inconsistencies through standardized deployment protocols
-
- Drove declarative YAML-based deployment configuration contracts with environment-specific overrides
- Drove declarative YAML-based deployment configuration contracts with environment-specific overrides
-
- Enhanced deployment efficiency using differential deployment technology
- Enhanced deployment efficiency using differential deployment technology
-
- Established automated dependencies validation gates between environments
- Established automated dependencies validation gates between environments
-
- Developed Git tagging system and ELK dashboards for real-time environment monitoring
- Developed Git tagging system and ELK dashboards for real-time environment monitoring
-
- Standardized testing using Postman collections and reference transaction logs
- Standardized testing using Postman collections and reference transaction logs
-
- Created CoVAT Framework: Technical Architecture Validation Committee now used IT-wide
- Created CoVAT Framework: Technical Architecture Validation Committee now used IT-wide
-
- Security-by-Design Integration: Embedding security from DEV to PROD without impacting agility
- Security-by-Design Integration: Embedding security from DEV to PROD without impacting agility
-
- Team Leadership: leads 8 technical experts through influence without hierarchy
- Team Leadership: leads 8 technical experts through influence without hierarchy
Technical Product Owner & Platform Architect - Enterprise Integration Platform (EIP)
Touring Club Suisse
Since June 2022
Switzerland
- Product Innovation: Created "TCS API Factory" - a self-service integration product enabling seamless project delivery across TCS. The underlying EIP platform provides the technical foundation and governance framework supporting this business-facing solution.
TCS API Factory Capabilities:
- Product-as-a-Service: Self-service integration for TCS projects with standardized templates
- Developer Experience: GitOps-driven deployment reducing 60% design-to-delivery time
- Enterprise Governance: Built-in security validation and compliance frameworks
- Business Impact: 40% reduction in production issues through standardized patterns
Built on robust EIP technical foundation:
Technical oversight of mission-critical Enterprise Integration Platform with 8 Subject Matter Experts & through a clear Backlog as the single source of work for our Scrum transversal team. We establish the standards, reusable services, and platform capabilities that enable integration developers to deliver quickly and consistently—ensuring all business services follow unified patterns. This standardization dramatically simplifies operational maintenance and impact analysis when changes are needed.
The platform operates at scale, supporting:
- 1.5 million members
- 2.5 million insurance policies
- 400,000 annual interventions
- 340+ exposed APIs
- 100+ client applications
Technical Leadership & Architecture Governance:
- Member of TCS Architecture Board
- Founder and co-facilitator of TCS Technical Architecture Review Board
- Technical authority for IT Platforms non-functional requirements
- Technical Product Owner of the EIP
"EIP" Platform Governance structured across:
-
Control Plane:
- Orchestrating platform component configurations & deployments
- Managing secure release lifecycle across environments & dependencies between integrated components
- Coordinating deployment activities between technical teams i.e. Dev/Ops
- Orchestrating platform component configurations & deployments
-
Data Plane:
- Processing & routing traffic within the integration ecosystem
- Ensuring reliable runtime operations for data flows
- Processing & routing traffic within the integration ecosystem
-
Management Plane:
- Comprehensive monitoring of Data Plane traffic, errors & performance
- End-to-end tracking of Control Plane deployment activities
- Providing visibility on environment configurations
- Comprehensive monitoring of Data Plane traffic, errors & performance
Data Modeling Support:
Supported Business Object Model (BOM) implementation enabling business teams to standardize domain objects, then drove the design of the corresponding Exchange Object Models (EOM) for JSON-based API data transformation.
Key Achievements:
- 40% reduction in production issues achieved through:
- Component-specific templates implementation for streamlined artifact building with comprehensive AAA framework
- Standardization of deployment processes across environments
- Unified CI/CD pipeline establishment through standardized build and deployment processes
- Definition of OPS-validated, as secured-by-design, integration patterns ensuring production readiness
- Risk mitigation via standardized security patterns and environment-specific access controls
- Component-specific templates implementation for streamlined artifact building with comprehensive AAA framework
- 60% improvement in design-to-delivery timeframes via:
- Development of self-service tools through GitOps
- Optimization of technical experts and resources allocation
- Standardization of deployment processes with clear validation gates
- Implementation of security validation gates within CI/CD pipelines
- Development of self-service tools through GitOps
- Product-as-a-Service: Self-service integration for TCS projects with standardized templates
IT Solutions Architect
Touring Club Suisse
January 2020
to May 2022
Full-time
Geneva
Switzerland
- Architecture & Integration:
- Led design, build & deployment of 30 communication interfaces for our new insurance policy center solution,
- Developed an API-First integration framework structured in three areas:
- Enterprise Core Systems for applications with long release cycles and complex testing environments,
- API Integration Layer for standardized systems exchanges,
- Agile Applications Ecosystem for applications with rapid release cycles.
- Enterprise Core Systems for applications with long release cycles and complex testing environments,
- Integrated security frameworks (OidC, OAuth 2.0, mTLS) throughout API ecosystem,
- Established security validation processes for environment-specific compliance requirements.
- Azure landing zone implementation supporting critical enterprise data platform and SAS Viya analytics solution
Environment Standardization:
- Established "System Process" diagram templates to represent end-to-end interactions, including AAA security frameworks and integration patterns,
- Transformed manual practices into formal environment-specific configuration standards and documentation,
- Enhanced cross-team collaboration through accessible technical documentation.
- Led design, build & deployment of 30 communication interfaces for our new insurance policy center solution,
Senior Network & Security Engineer
Touring Club Suisse
April 2011
to December 2019
Full-time
Genève
Switzerland
- Infrastructure & Middleware:
- Supported selection & implemented platform technologies, establishing foundation for our New Integration Platform,
- Designed and deployed it as a three-tier platform with clear separation of concerns:
- API Gateways - as Single Point of Secure Access for Data in Transit,
- Enterprise Service Bus - as Single Point of Orchestration for Data in Transit,
- Message Queues - as Single Point of Safety for Data in Transit,
- API Gateways - as Single Point of Secure Access for Data in Transit,
- Redesigned and deployed Internet Edge infrastructure for multi-environment CRM SaaS access.
Service Continuity:
- Implemented automated failover procedures between production and disaster recovery environments,
- Designed and implemented high-availability architecture with environment-specific redundancy levels across DEV, QA, ACP and PROD thus enhancing protection for production systems,
- Conducted periodic HA/DR testing according to FMEA scenarios.
Security & Compliance:
- Implemented PCI DSS compliant architecture with segmentation and access controls,
- Deployed behavioral analysis systems for workstation monitoring and threat detection,
- Configured SIEM correlation for security event analysis and compliance reporting,
- Established multi-vendor WAF protection for web application security.
- Supported selection & implemented platform technologies, establishing foundation for our New Integration Platform,
Network & Security Engineer
Touring Club Suisse
March 2008
to March 2011
Full-time
Geneve
Switzerland
- Executed zero-downtime Data Centers migrations with minimal impact across systems and applications environments,
- Disaster Recovery architecture implementation for critical systems (CRM, case management, policy center),
- Optimized WAN performance and consolidated IT services according environments constraints,
- Ensured security compliance across DEV, QA, ACP and PROD environments.
- Executed zero-downtime Data Centers migrations with minimal impact across systems and applications environments,
Previous Experience
British Telecom, Orange Business Services & other IT services company
July 1998
to February 2008
-
Network & Security Engineer | IT services company, France | 2007-2008
-
Technical Support then Network Operations Center Support | IT services companies, France | 2002-2007
-
Global Customer Assistance Tech Support | British Telecom, Netherlands | 1998-2001
Key skills: Incident management (ITIL/TSDANC methodologies), network & security infrastructure deployment, technical documentation standardization & cross-team coordination across distributed systems and environments.-
Network & Security Engineer | IT services company, France | 2007-2008
DUT Génie des Télécommunications & Réseaux
Institut Universitaire de Technologie de Béthune (62 - France)
September 1996
to June 1998
Certifications
Cisco Certified Network Associate
from 2001 to 2020
Microsoft AZ-104 (Azure Administrator Associate)
in progress as prerequisite to get Microsoft AZ-305 (Azure Solutions Architect Expert)