Peter Zaki, Developer in Amsterdam, Netherlands
Peter is available for hire
Hire Peter

Peter Zaki

Verified Expert  in Engineering

Cybersecurity Specialist and Developer

Amsterdam, Netherlands

Toptal member since December 12, 2022

Expertise
SSO EngineeringSystem SecurityLinuxCybersecuritySAMLCloud EngineeringAWS CloudDatabaseWindows DevelopmentPenetration TestingAWSUnixSecurity Engineering
Bio

Peter is a security professional with 10 years of experience helping major multinational companies secure their infrastructures and customers. He is an experienced security engineer and consultant. Peter designs secure systems and applications, advising on security practices targeting web, cloud applications, and APIs. He works on secure application development, cloud-native security, and DevSecOps. Peter is a certified CISSP, OSCP, and AWS Solutions Architect – Associate.

Portfolio

Contracted Work
Cloud, Threat Modeling, Risk Assessment, Security Assessment, OWASP...
Mambu
Kubernetes, Kubectl, Kubernetes Security, Argo CD, Helm, Terraform, AWS CLI...
Synack
Web Applications, Web API, Burp Suite, Kali Linux, Penetration Testing...

Experience

  • Linux - 6 years
  • IT Security - 6 years
  • Information Security - 5 years
  • Cybersecurity - 5 years
  • Cloud Security - 3 years
  • Windows - 3 years
  • Security Engineering - 2 years
  • Web App Security - 2 years

Availability

Part-time

Preferred Environment

Linux, Windows, Git, Python, AWS Cloud Architecture, Google Cloud Platform (GCP), Docker

The most amazing...

...thing I've done is build the security program across the development pipeline for one of the employers I worked for.

Work Experience

Security Expert

2024 - PRESENT
Contracted Work
  • Used threat modeling internal systems, which drives security strategy and efforts.
  • Performed security reviews and assessments for internal IT systems.
  • Conducted risk analysis and reviews for critical banking infrastructure following DORA directives.
Technologies: Cloud, Threat Modeling, Risk Assessment, Security Assessment, OWASP, Dynamic Application Security Testing (DAST), Application Security, Audits

Senior Security Engineer

2024 - 2024
Mambu
  • Deployed a WAF solution within Kubernetes clusters to be a native cloud firewall solution.
  • Integrated new Zero Trust network solution, replacing obsolete network VPN solution built on top of AWS cloud.
  • Worked with development teams to enhance Kubernetes security.
  • Handled vulnerability management and reporting within the organization.
Technologies: Kubernetes, Kubectl, Kubernetes Security, Argo CD, Helm, Terraform, AWS CLI, Git, Google Cloud, Web Application Firewall (WAF), Zero Trust Network Access (ZTNA), OWASP, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Application Security

Security Researcher

2020 - 2024
Synack
  • Worked on the web application pen testing for different private clients.
  • Established API pen testing and API security integration advisory.
  • Managed the web application secure deployments in cloud environments.
  • Found bugs like info leaks, IDORs, XSS, and SQL injection.
Technologies: Web Applications, Web API, Burp Suite, Kali Linux, Penetration Testing, Vulnerability Assessment, Database Security, Docker, Computer Security, OWASP, Application Security

Senior Security Engineer

2023 - 2023
De Bijenkorf
  • Worked on the web and cloud application pen testing through DAST and secure code review.
  • Acted as a security advisor on proper secure design with the different development teams.
  • Integrated CI/CD pipeline security, including GCP, API, and web security.
  • Conducted security training and documentation to serve the development teams.
Technologies: Google Cloud Platform (GCP), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), GitHub, Terraform, Cloudflare, Vulnerability Assessment, Kali Linux, Burp Suite, NIST, Single Sign-on (SSO), Antivirus Software, Docker, Security Audits, Computer Security, Penetration Testing, CISO, DevSecOps, Data Encryption, CI/CD Pipelines, Kubernetes, Secure Code Best Practices, Documentation, OWASP, Java, Application Security

Senior Principal Cybersecurity Architect

2021 - 2023
Valeo
  • Worked actively on the secure design and security engineering for several cloud and on-premise systems.
  • Contributed to developing a new cloud application and handled secure design and security engineering.
  • Created security best practices for a new key management system.
  • Conducted internal risk assessments for internal applications and projects.
  • Developed a correct DevSecOps environment within the company.
  • Wrote security best practices and guidelines for web application development.
Technologies: Cryptography, Information Security, Threat Modeling, Cloud Security, Security Engineering, Web App Security, CISSP, IT Security, Security, Security Architecture, Web Security, Authentication, APIs, Data Security, Web Architecture, Amazon S3 (AWS S3), Certified Information Systems Security Professional, Security Design, Security Audits, Architecture, Data Privacy, NIST, Single Sign-on (SSO), DDoS, Database Security, GRC, SOC 2, Computer Security, CISO, Data Encryption, Secure Code Best Practices, Documentation, OWASP, Audits

Security Solutions Expert

2018 - 2021
Orange Business Services
  • Acted as a technical lead of the OBS cloud security portfolio, maintaining its implementation in the build phase and support in the run phase.
  • Built and maintained a monitoring solution using Python and Bash scripting.
  • Wrote documentation to support the build and run phases, leasing with the vendors, and upscaling the cloud security portfolio.
  • Contributed to the project as a Level 3 SOC engineer, acting as the technical reference for consultants and architects in the build phase and for project and product managers.
  • Acted as a security consultant on complex design projects, serving as a subject matter expert in cloud security for the customer's teams.
Technologies: Cloud Security, Linux, Python, Bash, Azure Cloud Services, AWS Cloud Architecture, IT Security, Security, SAML, Amazon Web Services (AWS), Security Architecture, Authentication, Web Architecture, Amazon S3 (AWS S3), Security Design, Azure, GitHub, DDoS, Antivirus Software, Networks, Firewalls, Computer Security, Azure Active Directory, Managed Security Service Providers (MSSP), Documentation

Senior Analyst

2014 - 2018
RSA Security
  • Acted as the subject matter expert of the identity access management portfolio.
  • Worked actively on cloud access management technologies, integrating the Security Assertion Markup Language (SAML) and Windows Active Directory Federation Services (AD FS).
  • Supported new team members and recent graduates as a technical mentor.
  • Handled technical cases on Linux and Windows servers technologies, mainly using PostgreSQL and Java JBoss.
  • Integrated different authentication mechanisms in Windows and Nix environments.
Technologies: Identity & Access Management (IAM), Windows Server, PostgreSQL, Linux RHEL/CentOS, ADFS, Cloud, IT Security, Security, SAML, Authentication, Single Sign-on (SSO), Database Security, Networks, Computer Security

Experience

Cloud Monitoring Solution

A Python Flask plus Bash scripting solution to monitor the health of different services and network connections on Linux servers, then send them back to an ELK stack. The ELK would trigger other alerts as needed and open a support ticket for the SOC team to operate accordingly.

An SOP document was written to support the daily changes or incidents needed for those servers daily.

SAST Tool Integration in the Git Pipeline

I integrated Semgrep, the SAST tool, into the GitHub pipeline using GitHub Actions and webhooks. It scans for secrets, vulnerable code, and misconfiguration. It triggers pull requests and scans on schedule. A notification is sent to the developers/engineers when an issue is triggered. Then, a plan of action/fix is discussed to address the finding after triaging the bug.

Native Cloud WAF

I integrated Fastly WAF within a Kubernetes cluster, built as a sidecar container for NGINX.

The policies and configuration are managed through a web interface. But since it's cloud-native and on multiple clouds, managing the build itself was through local Argo and within GitLab CI/CD.

Education

2013 - 2014

Technical Diploma in Cybersecurity

Information Technology Institute - Cairo, Egypt

2007 - 2012

Double Bachelor's Degree in ICT Engineering

Faculty of Engineering, Helwan University and Uninettuno University - Cairo, Egypt and Rome, Italy

Certifications

JANUARY 2022 - PRESENT

CISSP – Certified Information Systems Security Professional

(ISC)²

AUGUST 2020 - PRESENT

AWS Certified Solutions Architect – Associate

AWS

OCTOBER 2015 - PRESENT

Offensive Security Certified Professional (OSCP)

Offensive Security

Skills

Libraries/APIs

Web API

Tools

ADFS, GitHub, Git, Terraform, Kubectl, Helm, AWS CLI, GitLab, GitLab CI/CD

Languages

SAML, Bash, Bash Script, Python, PHP, Java, YAML

Platforms

Linux, Unix, Debian, Kali Linux, Windows, Linux RHEL/CentOS, Windows Server, Amazon Web Services (AWS), Google Cloud Platform (GCP), Web, Azure, Burp Suite, Docker, Kubernetes

Industry Expertise

Cybersecurity

Paradigms

Penetration Testing, Web Architecture, DDoS, DevSecOps, Secure Code Best Practices

Storage

Database Security, PostgreSQL, Azure Cloud Services, Amazon S3 (AWS S3), Azure Active Directory, Google Cloud

Other

Threat Modeling, Operations, IT Security, Security, Authentication, Architecture, Single Sign-on (SSO), Computer Security, Data Encryption, OWASP, Information Security, Network Security, Cloud Security, Security Engineering, Identity & Access Management (IAM), AWS Cloud Architecture, Cloud, Web App Security, CISSP, Security Architecture, Web Security, Certified Information Systems Security Professional, Security Design, Security Audits, NIST, Antivirus Software, Firewalls, Managed Security Service Providers (MSSP), Documentation, Application Security, Audits, Security Assessment, Cryptography, Development, Networking, APIs, Data Security, Data Privacy, Web Applications, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloudflare, Vulnerability Assessment, Networks, GRC, SOC 2, CISO, CI/CD Pipelines, SaaS, GitHub Actions, Kubernetes Security, Argo CD, Web Application Firewall (WAF), Zero Trust Network Access (ZTNA), Risk Assessment

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring