Abubakar Siddique
Verified Expert in Engineering
IT Security Consultant and Developer
Riyadh, Riyadh Province, Saudi Arabia
Toptal member since October 31, 2022
Abubakar is an information systems security professional with highly developed and result-driven skills and over 10+ years of experience designing, deploying, securing, operating, and troubleshooting medium and large enterprise networks. His strengths include working with multiple security solutions through industry-leading vendors to serve other clients worldwide.
Portfolio
Experience
Availability
Preferred Environment
Palo Alto Networks, ISE, Cisco, F5 Networks, Firewalls, Networking, Web Application Firewall (WAF), Load Balancers, Architecture, Network Security
The most amazing...
...projects I've worked on: DC migration to the cloud, the Saudi census infrastructure readiness, solution deployment for banks, and healthcare network security.
Work Experience
Consulting Engineer
Cisco
- Worked as BO L3 support for one of the leading ISPs in the Middle East.
- Tracked, fixed bugs, and was involved in escalated cases to resolve the issues.
- Provided technical POC for different security solutions as a Cisco source.
Network Security Consultant
General Authority For Statistics - GASTAT
- Performed as a lead network security consultant to support achieving the Kingdom's Census 2022 Project major enhancements. Led the network security team and assigned duties and role rotation according to skillsets.
- Designed and implemented Microsoft Edge and branch firewall using Palo Alto's next-generation firewall (NGFW). Implemented QoS, SSL Forward Proxy, DoS protection, URL filtering with Palo Alto firewalls, and migrating all the firewalls to panorama.
- Deployed OF-5 WAF and LTM and completed the migration of legacy architecture to recommend best practice design.
- Managed active-passive configuration, protection against top threats, OWASP top 10, custom signatures, WAF policy tuning, and DDOS mitigation.
- Involved in designing, deploying, protecting the network, and securing infrastructure.
- Redesigned the complete network security infrastructure, creating and updating network security HLD, LLD, and deploying Cisco ISE NAC solution. Deployed AlgoSec for firewall audit and policy cleanup.
- Acted as a subject matter expert for security projects and enhancements following best practices.
- Engaged and supported CI/CD pipeline for applications and services to support Saudi Census results. Upgraded, patched, and installed all network security products.
- Migrated GSTAT DC to Deem Cloud and was involved in disaster recovery (DR) planning and hybrid data center buildup.
- Completed the deployment of Blue Coat ProxySG and AlgoSec for firewall audit and policy cleanup.
Network Security Engineer
Bank Albilad
- Administrated and enhanced a network security architecture using F5 LTM/ASM, Cisco, Palo Alto, Fortinet Firewalls, Cisco ISE, pulse secure, DNS security, network traffic analysis Splunk, and AlgoSec.
- Implemented security policies and procedures to harden network security in compliance with regulatory authorities like SAMA (SCB), NCA, and PCI Compliance.
- Completed the deployment of NAC solutions with Cisco ISE and Pulse Secure.
- Deployed and implemented web application security and load balancers.
- Created site-to-site VPNs with third parties and customers within and outside the kingdom.
- Led incident analysis, investigation, and resolution for managed devices.
- Configured scheduled backup, restoration, patching, and software upgrade of all network security products.
- Involved in DR plans to shift whole bank traffic from MDC to SDC as part of the SAMA DR drill plan, providing support and troubleshooting live during the drill.
- Developed network security architecture from conceptual work to implementation and supervision with all vendors.
- Monitored network performance and troubleshoot problems and outages. I was engaged in data network fault investigations and tuning.
Network Security Engineer
Davita
- Implemented Fortinet firewall, configuring from scratch, following best practices.
- Configured Forti manager to be used as a firewall management tool.
- Configured and tuned IPS/IDS to harden network security.
Network and Security Engineer
Creation Source
- Led the DAVITA health care USA project for the Ministry of Health KSA.
- Implemented network security with Cisco FTD and SonicWall Firewalls. I deployed NAC solutions with Cisco ISE for user and device authentication, BIG IP, F5 Load Balancer, and securing web applications with an F5 application firewall.
- Managed interconnectivity of branch networks with each other via site-to-site VPNs. Engaged in data network fault investigations, tuning, and deployed wireless using Cisco Wireless Controllers (WLCs) 5500.
- Designed and implemented a second project for OZ-Lounge-Riyadh. I provided technical support for the network scope.
- Built network scope from scratch and managed surveying as the network engineer for the Golden Nowair Compound project.
- Developed the solution and then completed the project after testing and commissioning.
- Completed network security deployment using Palo Alto Firewalls.
- Used L2VPNs, site-to-site VPNs, Cisco Web Security Appliance, SSL/TLS, and remote VPNs.
- Contributed to wireless network implementation with Cisco 2500 controllers, cryptography, endpoint security, sandboxing, Cisco AMP, IPS/IDS, content filtering, MS NAC/NAS, and radius server.
- Worked on multiple IP telephony products, including Cisco Call Manager Express 2900, 3900, 4300, and 4400; Cisco Unity Express Cisco IP phones 6545, 8845, and 3900; and wireless and conference phones 8800.
Experience
Saudi Census 2022 Project
Davita Health Care KSA
I managed planning, designing, deploying, and maintaining network and security, voice, wireless infrastructure, and system security. Led the team involved in implementing the project's greenfield and brownfield deployment. Formulated budget planning and solution presentations as per customer requirements and presented audit and risk assessment reports.
Oz Lounge Project
Managed the configuration, management, monitoring, and analyzing IDS/IPS signature attacks, firewalls log, systems, applications, and security event logs for comprehensive security monitoring and vulnerability management.
Configured network security infrastructure using Fortigate and Dell SONiC WALL Firewalls, TZ-300, and 2500 NSAs.
NAC Solution Deployment Bank Albilad
IT Support Specialist
I operated and maintained daily tasks. I scheduled the backup of network devices and upgraded security devices. I also supported the system and active directory services, protecting the systems.
Education
Associate's Degree in Computer Networking
Virtual University of Pakistan - Lahore, Pakistan
Certifications
CISSP - Certified Information Systems Security Professional
ISC2
F5 BIG IP Application Security Manager
F5
F5 Certified Administrator
F5
NSE 7 Network Security Architect
Fortinet
CCNP Security
Cisco
Cisco Certified Specialist | Security Identity Management Implementation
Cisco
Palo Alto Certified Network Security Engineer
Palo Alto Networks
CCNP Enterprise
Cisco
Cisco Certified Network Associate
Cisco
Skills
Libraries/APIs
Radius
Tools
VPN, Tcpdump, SolarWinds, BMC Remedy, F5 Load Balancer
Paradigms
DDoS, Security Software Development
Industry Expertise
Network Security, Cybersecurity
Platforms
Linux, Amazon Web Services (AWS), OpenStack
Languages
C++
Other
Palo Alto Networks, Fortinet Firewall Configuration, F5 Networks, Firewalls, Networking, Web Application Firewall (WAF), Remote Access VPN, Load Balancers, Intrusion Prevention Systems (IPS), TACACS, IPsec, IDS/IPS, Deployment, Implementation, Solution Design, Cisco Wireless, DNS, DHCP, TCP/IP, Troubleshooting, IT Networking, Research & Critical Thinking, Unified Threat Management (UTM), Web Security, Security, NIST, PCI Compliance, Zero Trust, IT Security, Networks, IP Networks, ISE, Computer Networking, Threat Modeling, Architecture, Computer Security, Risk & Compliance, Identity & Access Management (IAM), Data Protection, Internetworking, Domain Name System (DNS), Security Engineering, Zero Trust Network Access (ZTNA), Security Audits, Compliance, SOC 2, Risk Management, OWASP Top 10, Risk Modeling, Risk Analysis, Cryptography, Encryption, P2P, Routing, NAT, Security Operations Centers (SOC), PCI DSS, Authentication, PKI, Data Loss Prevention (DLP), GDPR, Cloud Security, Splunk Enterprise Security, FortiManager, FortiGate, Cisco, System Administration, Endpoint Security, IT Operations Management (ITOM), Governance, Risk, Security Testing
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring