Verified Expert in Engineering
Security Architect and Developer
Asif is a seasoned cybersecurity professional with more than 15 years of experience across a wide range of industries, including financial services, healthcare, energy, and consulting. He is an expert in security strategy and architecture, cloud security, identity and access management, and application security. Asif is a SABSA Certified Security Architect and holds numerous industry certifications, including CISSP, CRISC, AWS, and Azure cloud certifications.
Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Confluence, Jira, Slack
The most amazing...
...accomplishment I achieved was developing a bank's cybersecurity and fraud strategy and roadmap.
Australian Energy Market Operator
- Delivered the solution architecture for various initiatives, including a cloud-native SIEM solution, detection and response management, vulnerability management, and attack surface monitoring, as the lead architect on the cybersecurity program.
- Developed patterns and technology roadmaps for security capabilities, including threat detection and response (TDR).
- Provided security architecture and consulting for various business and digital transformation projects.
- Led the solution architecture for various security strategy initiatives as part of the Australia Post security uplift program, which included the endpoint detection and response (EDR), secure email gateway, and privileged access management projects.
- Provided architecture governance across all stages of the project lifecycle, ensuring the effective implementation of the architecture and alignment with the strategic objectives.
- Conducted security risk assessments on various projects to identify threats, assess proposed security controls, quantify and qualify security risks, and ensure risks were properly managed and tracked.
Enterprise Security Architect
National Australia Bank
- Spearheaded the development of the cybersecurity strategy to uplift the National Australia Bank's (NAB) cyber threat detection, prevention, and incident response capabilities in alignment with the business objectives.
- Developed a holistic cyber fraud and investigation strategy and a three-year transformation roadmap.
- Served as the principal architect on various security projects, including a security automation and orchestration platform, a threat intelligence platform, a fraud platform, a SIEM system, and an endpoint detection and response (EDR) solution.
National Australia Bank
- Served as the lead security architect on the financial crime and cyber fraud uplift program that delivered near real-time fraud detection solutions for the new payments platform (NPP).
- Delivered the security solution architecture for NAB's internet banking transformation project.
- Conducted security risk assessments on various projects to identify threats, assess proposed security controls, quantify and qualify security risks, and ensure risks were adequately managed and tracked.
Technical Information Security Officer
- Acted as the technical information security officer, providing end-to-end security architecture and security consulting for applications used within consumer banking across 11 countries in the Asia Pacific.
- Served as the primary point of contact for the application development teams in the areas of information security technologies, security architecture, and security risk management.
- Implemented secure SDLC processes to manage the information security risk during the development of new products and applications and provide continuous oversight throughout the application lifecycle.
- Performed ongoing reviews and risk assessments on applications to identify possible areas of vulnerabilities and assist in the development of corrective action plans.
Consultant | Security and Risk
- Served as the application security consultant on a national electronic health record implementation project, responsible for designing secure SDLC processes and ensuring the effective implementation, testing, and deployment of security controls.
- Conducted information security risk and vulnerability assessments for multiple clients, including for a leading bank in Asia Pacific on their multi-country core banking solution deployment.
- Provided consultancy in infrastructure deployment and Active Directory configuration for an identity and access management (IAM) solution at a global chemical company.
Implementing Zero Trust Architecture: A Practical Approachhttps://www.youtube.com/watch?v=cy1qVkxgJyw&t=50s
As a subject-matter expert in the field, I held the Implementing Zero Trust Architecture: A Practical Approach presentation at the BSides Islamabad conference.
A video of the presentation is available at:
Cybersecurity, Network Security
Security Architecture, Information Security, Risk Management, Cloud Security, Strategy, Security Planning, Computer Networking, Vulnerability Assessment, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Identity & Access Management (IAM), Risk Assessment, Infrastructure, Data Protection, ISO Standards, Threat Detection and Response (TDR), Roadmaps, Microsoft Azure, Security, IT Security, Regulatory Compliance, Zero Trust
Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure
Confluence, Jira, Slack
Bachelor's Degree in Computer Engineering
National University of Singapore - Queenstown, Singapore
Microsoft Certified Azure Security Engineer (AZ-500)
AWS Certified Security – Specialty
AWS Certified Solutions Architect - Associate
Certified in Risk and Information System Controls (CRISC)
Certified Information System Security Professional (CISSP)
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.Start hiring