Florian Vichot
Principal Engineer

Geelong, Australia
Dual citizen, French/Australian
+61 402 936 579
florian.vichot@gmail.com
fvichot fvichot

PDF
An accomplished software engineer, I have over fifteen years of experience in both development and operations. Well-versed in multiple programming languages, tools and technologies, I'm also a seasoned technical leader and mentor. While particularly drawn to Automation, DevOps, Infrastructure or Backend Engineer roles, I excell that involve varied problems as part of a talented team. Organisations involved in open-source, sustainability or serving the public interest are especially attractive.

Skills

  • Pragmatic approach to complex problems, from tactical short-term goals to long-term strategic vision
  • Experienced in leading teams, acting as technical referent, mentoring other engineers
  • Effective at helping teams plan and prioritise work, negotiating roadmaps with stakeholders
  • Track record of advancing code and infrastructure quality, performance and maintainability
  • Dedicated to automating time-consuming and error-prone tasks

Experience

Cisco MerakiRemote, Australia
Principal Engineer - SRE / Platform EngineeringFebruary 2023 to July 2025
  • Acted as the technical advisor for Platform Engineering, a grouping of 7 teams and 35 engineers, by building a shared vision, advising managers, unblocking projects, and promoting cross-collaboration.
  • Convened with other Principal Engineers, VPs and Directors to identify and align on priorities
  • Mentored several Technical Leaders, with weekly one-on-ones to discuss technical challenges, career aspirations and leadership development.
  • Continued to help lead the monolith transition into Kubernetes, including the creation of in-house bare-metal Kubernetes clusters using ClusterAPI, as well as a custom L3 service mesh using wireguard to ease service migration.
Senior Technical Leader - SREMay 2021 to February 2023
  • Continued to lead the Kubernetes implementation. Grew it to over 40 clusters worldwide, including AWS China, and FedRAMP-certified clusters. Hired and trained a team to take over this platform.
  • Identified a memory leak in the Linux kernel as the source of server crashes using bpftrace and the crash kernel debugger. Implemented a remediation of last resort as a kernel module, which over 18 months mitigated over 25,000 leaks, avoiding thousands of server crashes.
  • Kick-started a multi-year initiative to migrate our monolith from bare-metal into Kubernetes, using custom tools and services.
Technical Leader - SREMarch 2019 to May 2021
  • Led the design and implementation of Meraki's AWS EKS-based Kubernetes platform, provisioned using Terraform and ArgoCD/Helm. It included Grafana SLO/SLI dashboards, Vector/Kinesis logging pipeline, Okta authentication, OTel/Prometheus metrics collection, Gitlab CI deployments, Kyverno admission control, strict default Pod Security Policies and Network Policies.
  • Designed and implemented a Haproxy-based on-prem proxy infrastructure, for exposing customer-facing services running in EKS on IP ranges owned by Meraki. At peak, it was handling 3 million concurrent connections.
  • On-call in a follow-the-sun schedule. Triaged PagerDuty alerts, investigated root-causes, deployed remediations or rollbacks, ran post-mortems.
VMTechSydney, Australia
DevOps EngineerAugust 2018 to February 2019
  • Design and implementation of a customer-facing graphs dashboard, using Python, SQLAlchemy and Flask, using APIs from Splunk, ElasticSearch, ScienceLogic EM7, CommVault and ServiceNow.
  • Improving automation scripts (a mix of Node.js, Python, Bash) for monthly report generation.
WifirstParis, France
Infrastructure & Automation EngineerApril 2016 to May 2018
  • Management of over 10,000 Linux routers using Ansible, to provide internet to ~500,000 users.
  • Developing Python/Bash services to configure iptables, routes, and supervision on Linux routers.
  • Designing and evolving our monitoring infrastructure for a large volume of data (150,000 devices supervised) using Python, Nginx, Django, PostgreSQL, Redis.
  • Writing code to configure various network equipment: Cisco, Zyxel, DLink.
  • Speaker at PyCon France 2017.
Inria, Asclepios LabSophia-Antipolis, France
Senior Software EngineerMarch 2012 to April 2015
  • Lead developer on medInria, a C++/Qt open-source medical image visualisation, processing and manipulation software, to add cardiac related functionalities.
  • Setup CI/CD using Jenkins, to test and build software on Debian, Fedora, OSX and Windows 7+.
  • Improved the reliability of medInria and its code quality by instituting code-reviews and a pull-request based workflow. Migrated the project to GitHub, reorganised, cleaned and simplified the source code, re-architected and updated the build/test system.
  • Evolved medInria's architecture to handle new functionalities, and transformed it into a framework for other projects using a plugin system.
  • Attended and presented at conferences (MICCAI), workshops (CTK), and contributed to scientific articles.
Telecoms Without BordersPau, France
Systems & Network EngineerSept. 2010 to Oct. 2011, April 2015
  • Deployed on various international missions in response to humanitarian emergencies: floods, influx of refugees, cyclone, conflict or famine, for a total of 5 months on mission. Established telephone operations for populations, installed network and satellite equipment for international relief organisations and the United Nations. Provided trainings.
  • Maintained and evolved TSF's infrastructure (website, email servers, storage server, equipment database, OpenBSD firewall).
  • Contributed to the TSFBox, a custom Linux router facilitating monitoring and optimization of internet connections provided during missions, with services written in Perl.
DiateamBrest, France
Software EngineerJune 2008 to April 2010, July/August 2007
  • Implemented a multithread RPC framework in C++/Qt4, and its code generator and test suite.
  • Lead developer on the Hynesim open source project (Hybrid Network Simulator): implementation in C++/Qt4 of virtual network components, custom GUI widget and of wrappers around different virtualization technologies (OpenVZ/LXC containers, Qemu/KVM VMs) using livbirt. Speaker for conferences at OSSIRB and Hack.lu 2008.
  • Contributor to IpMorph : TCP/IP stack fingerprint spoofing for containers and VMs. Speaker during Hack.lu 2009. Co-authored a publication.

Education

  • ENIB, National Engineering School of Brest, France from 2003 to 2008 (Master's Degree in Engineering).

Publications

Cardiac Interventional Guidance using Multimodal Data Processing and Visualisation: medInria as an Interoperability PlatformMidas Journal2012
Authors: F. Vichot, H. Cochet, B. Bleuzé, N. Toussaint, P. Jaïs, M. Sermesant
MedInria is a medical imaging application developed at Inria, which aims to provide clinicians with state-of-the-art algorithms for processing and visualising their images. In this article, we focus on its use in pre-surgery preparation for cardiac interventions, and the difficulties arising from the lack of standardisation of certain data formats and visualisation conventions.
IpMorph: fingerprinting spoofing unificationJournal in computer virology 6, no. 42010
Authors: G. Prigent, F. Vichot, F. Harrouet
Nowadays, there are a variety of tools for easily identifying the TCP/IP stack's fingerprint of a target machine. IpMorph allows this fingerprint to be concealed, and even mimicks the fingerprint of a chosen TCP/IP stack. This is done through live session tracking and packet rewriting. Its effectiveness against tools such as Nmap, Xprobe2, Ring2, SinFP and p0f is also detailed.