Abubakar Siddique, Developer in Riyadh, Riyadh Province, Saudi Arabia
Abubakar is available for hire
Hire Abubakar

Abubakar Siddique

Verified Expert  in Engineering

IT Security Consultant and Developer

Riyadh, Riyadh Province, Saudi Arabia

Toptal member since October 31, 2022

Bio

Abubakar is an information systems security professional with highly developed and result-driven skills and over 10+ years of experience designing, deploying, securing, operating, and troubleshooting medium and large enterprise networks. His strengths include working with multiple security solutions through industry-leading vendors to serve other clients worldwide.

Portfolio

Cisco
F5 Networks, Palo Alto Networks, Firewalls, ISE, Threat Modeling, DNS...
General Authority For Statistics - GASTAT
Load Balancers, Firewalls, ISE, F5 Networks, FortiGate, Security, NIST...
Bank Albilad
Palo Alto Networks, F5 Networks, ISE, Cisco, FortiGate, VPN, Remote Access VPN...

Experience

Availability

Full-time

Preferred Environment

Palo Alto Networks, ISE, Cisco, F5 Networks, Firewalls, Networking, Web Application Firewall (WAF), Load Balancers, Architecture, Network Security

The most amazing...

...projects I've worked on: DC migration to the cloud, the Saudi census infrastructure readiness, solution deployment for banks, and healthcare network security.

Work Experience

Consulting Engineer

2023 - PRESENT
Cisco
  • Worked as BO L3 support for one of the leading ISPs in the Middle East.
  • Tracked, fixed bugs, and was involved in escalated cases to resolve the issues.
  • Provided technical POC for different security solutions as a Cisco source.
Technologies: F5 Networks, Palo Alto Networks, Firewalls, ISE, Threat Modeling, DNS, Load Balancers, Web Application Firewall (WAF), Computer Security, Endpoint Security, Network Security, Architecture, Cisco, Cisco Wireless, OpenStack, Linux, BMC Remedy, IT Operations Management (ITOM), Troubleshooting, Networking, IT Networking, Computer Networking, System Administration, Risk & Compliance, Tcpdump, Security Engineering, Internetworking, Data Protection, Zero Trust Network Access (ZTNA), DDoS, Domain Name System (DNS), PKI, IP Networks, Networks, Web Security, Security, NIST, Compliance, Cybersecurity, GDPR, SOC 2, Risk Management, OWASP Top 10, Risk Modeling, Risk Analysis, Cryptography, Encryption, P2P

Network Security Consultant

2022 - 2023
General Authority For Statistics - GASTAT
  • Performed as a lead network security consultant to support achieving the Kingdom's Census 2022 Project major enhancements. Led the network security team and assigned duties and role rotation according to skillsets.
  • Designed and implemented Microsoft Edge and branch firewall using Palo Alto's next-generation firewall (NGFW). Implemented QoS, SSL Forward Proxy, DoS protection, URL filtering with Palo Alto firewalls, and migrating all the firewalls to panorama.
  • Deployed OF-5 WAF and LTM and completed the migration of legacy architecture to recommend best practice design.
  • Managed active-passive configuration, protection against top threats, OWASP top 10, custom signatures, WAF policy tuning, and DDOS mitigation.
  • Involved in designing, deploying, protecting the network, and securing infrastructure.
  • Redesigned the complete network security infrastructure, creating and updating network security HLD, LLD, and deploying Cisco ISE NAC solution. Deployed AlgoSec for firewall audit and policy cleanup.
  • Acted as a subject matter expert for security projects and enhancements following best practices.
  • Engaged and supported CI/CD pipeline for applications and services to support Saudi Census results. Upgraded, patched, and installed all network security products.
  • Migrated GSTAT DC to Deem Cloud and was involved in disaster recovery (DR) planning and hybrid data center buildup.
  • Completed the deployment of Blue Coat ProxySG and AlgoSec for firewall audit and policy cleanup.
Technologies: Load Balancers, Firewalls, ISE, F5 Networks, FortiGate, Security, NIST, Research & Critical Thinking, DNS, Palo Alto Networks, Fortinet Firewall Configuration, Network Security, Web Application Firewall (WAF), Remote Access VPN, IPsec, DDoS, Routing, Unified Threat Management (UTM), Amazon Web Services (AWS), TCP/IP, Solution Design, Implementation, Deployment, IDS/IPS, TACACS, Radius, Cloud Security, Intrusion Prevention Systems (IPS), Zero Trust, Authentication, Cisco, IT Security, Networks, IT Networking, Linux, Data Loss Prevention (DLP), SolarWinds, Networking, Threat Modeling, Computer Security, Architecture, Risk & Compliance, Tcpdump, Security Engineering, Internetworking, Data Protection, Zero Trust Network Access (ZTNA), Domain Name System (DNS), PKI, IP Networks, Web Security, Security Audits, Compliance, Cybersecurity, GDPR, SOC 2, Risk Management, OWASP Top 10, Risk Modeling, Risk Analysis, Cryptography, Encryption, P2P

Network Security Engineer

2019 - 2022
Bank Albilad
  • Administrated and enhanced a network security architecture using F5 LTM/ASM, Cisco, Palo Alto, Fortinet Firewalls, Cisco ISE, pulse secure, DNS security, network traffic analysis Splunk, and AlgoSec.
  • Implemented security policies and procedures to harden network security in compliance with regulatory authorities like SAMA (SCB), NCA, and PCI Compliance.
  • Completed the deployment of NAC solutions with Cisco ISE and Pulse Secure.
  • Deployed and implemented web application security and load balancers.
  • Created site-to-site VPNs with third parties and customers within and outside the kingdom.
  • Led incident analysis, investigation, and resolution for managed devices.
  • Configured scheduled backup, restoration, patching, and software upgrade of all network security products.
  • Involved in DR plans to shift whole bank traffic from MDC to SDC as part of the SAMA DR drill plan, providing support and troubleshooting live during the drill.
  • Developed network security architecture from conceptual work to implementation and supervision with all vendors.
  • Monitored network performance and troubleshoot problems and outages. I was engaged in data network fault investigations and tuning.
Technologies: Palo Alto Networks, F5 Networks, Cisco, ISE, FortiGate, VPN, Remote Access VPN, Fortinet Firewall Configuration, Security Operations Centers (SOC), DDoS, Unified Threat Management (UTM), PCI Compliance, NIST, Security, Research & Critical Thinking, DNS, Network Security, Web Application Firewall (WAF), IPsec, TCP/IP, Solution Design, Implementation, Deployment, IDS/IPS, TACACS, Radius, Intrusion Prevention Systems (IPS), Firewalls, PCI DSS, Zero Trust, Splunk Enterprise Security, Authentication, Threat Modeling, Computer Security, Architecture, Risk & Compliance, Tcpdump, Security Engineering, Internetworking, Data Protection, Identity & Access Management (IAM), Zero Trust Network Access (ZTNA), PKI, IP Networks, Networks, Web Security, Security Audits, Compliance, Cybersecurity, GDPR, SOC 2, Risk Management, OWASP Top 10, Risk Modeling, Risk Analysis, Cryptography, Encryption, P2P

Network Security Engineer

2016 - 2019
Davita
  • Implemented Fortinet firewall, configuring from scratch, following best practices.
  • Configured Forti manager to be used as a firewall management tool.
  • Configured and tuned IPS/IDS to harden network security.
Technologies: Fortinet Firewall Configuration, FortiManager, FortiGate, Intrusion Prevention Systems (IPS), Authentication, Threat Modeling, Computer Security, Architecture, Risk & Compliance, Tcpdump, Security Engineering, Internetworking, Data Protection, Zero Trust Network Access (ZTNA), DDoS, Domain Name System (DNS), PKI, IP Networks, Networks, Web Security, Security, NIST, Compliance, Cybersecurity, Risk Management, OWASP Top 10, Risk Analysis, SOC 2, Cryptography, Encryption, P2P

Network and Security Engineer

2016 - 2019
Creation Source
  • Led the DAVITA health care USA project for the Ministry of Health KSA.
  • Implemented network security with Cisco FTD and SonicWall Firewalls. I deployed NAC solutions with Cisco ISE for user and device authentication, BIG IP, F5 Load Balancer, and securing web applications with an F5 application firewall.
  • Managed interconnectivity of branch networks with each other via site-to-site VPNs. Engaged in data network fault investigations, tuning, and deployed wireless using Cisco Wireless Controllers (WLCs) 5500.
  • Designed and implemented a second project for OZ-Lounge-Riyadh. I provided technical support for the network scope.
  • Built network scope from scratch and managed surveying as the network engineer for the Golden Nowair Compound project.
  • Developed the solution and then completed the project after testing and commissioning.
  • Completed network security deployment using Palo Alto Firewalls.
  • Used L2VPNs, site-to-site VPNs, Cisco Web Security Appliance, SSL/TLS, and remote VPNs.
  • Contributed to wireless network implementation with Cisco 2500 controllers, cryptography, endpoint security, sandboxing, Cisco AMP, IPS/IDS, content filtering, MS NAC/NAS, and radius server.
  • Worked on multiple IP telephony products, including Cisco Call Manager Express 2900, 3900, 4300, and 4400; Cisco Unity Express Cisco IP phones 6545, 8845, and 3900; and wireless and conference phones 8800.
Technologies: Firewalls, ISE, Cisco, Deployment, Implementation, Solution Design, Load Balancers, Cisco Wireless, DNS, DHCP, TCP/IP, F5 Networks, NIST, Security, Research & Critical Thinking, Palo Alto Networks, Fortinet Firewall Configuration, Network Security, Web Application Firewall (WAF), Remote Access VPN, IPsec, DDoS, Routing, Unified Threat Management (UTM), IDS/IPS, Intrusion Prevention Systems (IPS), Zero Trust, Authentication, System Administration, Threat Modeling, Computer Security, Architecture, Risk & Compliance, Tcpdump, Security Engineering, Internetworking, Data Protection, Zero Trust Network Access (ZTNA), Domain Name System (DNS), PKI, IP Networks, Networks, Web Security, Compliance, Cybersecurity, F5 Load Balancer, OWASP Top 10, Cryptography

Saudi Census 2022 Project

Worked as a lead network security consultant to support the Kingdom's Census 2022 Project major enhancements, leading the network security team, assigning duties, and rotating roles according to skill sets.

Davita Health Care KSA

I was the duty supervisor for each project's active and passive deployment teams.

I managed planning, designing, deploying, and maintaining network and security, voice, wireless infrastructure, and system security. Led the team involved in implementing the project's greenfield and brownfield deployment. Formulated budget planning and solution presentations as per customer requirements and presented audit and risk assessment reports.

Oz Lounge Project

My team and I deployed and implemented the F5 web application firewall and cisco web security appliance.

Managed the configuration, management, monitoring, and analyzing IDS/IPS signature attacks, firewalls log, systems, applications, and security event logs for comprehensive security monitoring and vulnerability management.

Configured network security infrastructure using Fortigate and Dell SONiC WALL Firewalls, TZ-300, and 2500 NSAs.

NAC Solution Deployment Bank Albilad

I started from the monitoring stage to the production rollout. Managed Cisco ISE for network access control, posturing, and profiling, device administration using Radius and Tacacs+, wireless guest access, and BYOD with CWA.

IT Support Specialist

Provided operational support to the business.

I operated and maintained daily tasks. I scheduled the backup of network devices and upgraded security devices. I also supported the system and active directory services, protecting the systems.
2014 - 2018

Associate's Degree in Computer Networking

Virtual University of Pakistan - Lahore, Pakistan

FEBRUARY 2024 - MARCH 2027

CISSP - Certified Information Systems Security Professional

ISC2

NOVEMBER 2022 - NOVEMBER 2024

F5 BIG IP Application Security Manager

F5

SEPTEMBER 2022 - SEPTEMBER 2024

F5 Certified Administrator

F5

NOVEMBER 2021 - NOVEMBER 2023

NSE 7 Network Security Architect

Fortinet

DECEMBER 2020 - DECEMBER 2023

CCNP Security

Cisco

DECEMBER 2020 - DECEMBER 2023

Cisco Certified Specialist | Security Identity Management Implementation

Cisco

JANUARY 2019 - JUNE 2025

Palo Alto Certified Network Security Engineer

Palo Alto Networks

DECEMBER 2014 - DECEMBER 2023

CCNP Enterprise

Cisco

JULY 2013 - DECEMBER 2023

Cisco Certified Network Associate

Cisco

Libraries/APIs

Radius

Tools

VPN, Tcpdump, SolarWinds, BMC Remedy, F5 Load Balancer

Paradigms

DDoS, Security Software Development

Industry Expertise

Network Security, Cybersecurity

Platforms

Linux, Amazon Web Services (AWS), OpenStack

Languages

C++

Other

Palo Alto Networks, Fortinet Firewall Configuration, F5 Networks, Firewalls, Networking, Web Application Firewall (WAF), Remote Access VPN, Load Balancers, Intrusion Prevention Systems (IPS), TACACS, IPsec, IDS/IPS, Deployment, Implementation, Solution Design, Cisco Wireless, DNS, DHCP, TCP/IP, Troubleshooting, IT Networking, Research & Critical Thinking, Unified Threat Management (UTM), Web Security, Security, NIST, PCI Compliance, Zero Trust, IT Security, Networks, IP Networks, ISE, Computer Networking, Threat Modeling, Architecture, Computer Security, Risk & Compliance, Identity & Access Management (IAM), Data Protection, Internetworking, Domain Name System (DNS), Security Engineering, Zero Trust Network Access (ZTNA), Security Audits, Compliance, SOC 2, Risk Management, OWASP Top 10, Risk Modeling, Risk Analysis, Cryptography, Encryption, P2P, Routing, NAT, Security Operations Centers (SOC), PCI DSS, Authentication, PKI, Data Loss Prevention (DLP), GDPR, Cloud Security, Splunk Enterprise Security, FortiManager, FortiGate, Cisco, System Administration, Endpoint Security, IT Operations Management (ITOM), Governance, Risk, Security Testing

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring