Peter Zaki, Developer in Amsterdam, Netherlands
Peter is available for hire
Hire Peter

Peter Zaki

Verified Expert  in Engineering

Cybersecurity Specialist and Developer

Location
Amsterdam, Netherlands
Toptal Member Since
December 12, 2022

Peter is a security professional with 10 years of experience helping major multinational companies secure their infrastructures and customers. He is an experienced security engineer and consultant. Peter designs secure systems and applications, advising on security practices targeting web, cloud applications, and APIs. He works on secure application development, cloud-native security, and DevSecOps. Peter is a certified CISSP, OSCP, and AWS Solutions Architect – Associate.

Portfolio

Mambu
Kubernetes, Kubectl, Kubernetes Security, Argo CD, Helm, Terraform, AWS CLI...
Synack
Web Applications, Web API, Burp Suite, Kali Linux, Penetration Testing...
De Bijenkorf
Google Cloud Platform (GCP), Static Application Security Testing (SAST)...

Experience

Availability

Part-time

Preferred Environment

Linux, Windows, Git, Python, AWS Cloud Architecture, Google Cloud Platform (GCP), Docker

The most amazing...

...thing I've done is build the security program across the development pipeline for one of the employers I worked for.

Work Experience

Senior Security Engineer

2024 - PRESENT
Mambu
  • Deployed a WAF solution within Kubernetes clusters to be a native cloud firewall solution.
  • Integrated new Zero Trust network solution, replacing obsolete network VPN solution built on top of AWS cloud.
  • Worked with development teams to enhance Kubernetes security.
  • Handled vulnerability management and reporting within the organization.
Technologies: Kubernetes, Kubectl, Kubernetes Security, Argo CD, Helm, Terraform, AWS CLI, Git, Google Cloud, Web Application Firewall (WAF), Zero Trust Network Access (ZTNA)

Security Researcher

2020 - PRESENT
Synack
  • Worked on the web application pen testing for different private clients.
  • Established API pen testing and API security integration advisory.
  • Managed the web application secure deployments in cloud environments.
  • Found bugs like info leaks, IDORs, XSS, and SQL injection.
Technologies: Web Applications, Web API, Burp Suite, Kali Linux, Penetration Testing, Vulnerability Assessment, Database Security, Docker, Computer Security

Senior Security Engineer

2023 - 2023
De Bijenkorf
  • Worked on the web and cloud application pen testing through DAST and secure code review.
  • Acted as a security advisor on proper secure design with the different development teams.
  • Integrated CI/CD pipeline security, including GCP, API, and web security.
  • Conducted security training and documentation to serve the development teams.
Technologies: Google Cloud Platform (GCP), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), GitHub, Terraform, Cloudflare, Vulnerability Assessment, Kali Linux, Burp Suite, NIST, Single Sign-on (SSO), Antivirus Software, Docker, Security Audits, Computer Security, Penetration Testing, CISO, DevSecOps, Data Encryption, CI/CD Pipelines, Kubernetes, Secure Code Best Practices

Senior Principal Cybersecurity Architect

2021 - 2023
Valeo
  • Worked actively on the secure design and security engineering for several cloud and on-premise systems.
  • Contributed to developing a new cloud application and handled secure design and security engineering.
  • Created security best practices for a new key management system.
  • Conducted internal risk assessments for internal applications and projects.
  • Developed a correct DevSecOps environment within the company.
  • Wrote security best practices and guidelines for web application development.
Technologies: Cryptography, Information Security, Threat Modeling, Cloud Security, Security Engineering, Web App Security, CISSP, IT Security, Security, Security Architecture, Web Security, Authentication, APIs, Data Security, Web Architecture, Amazon S3 (AWS S3), Certified Information Systems Security Professional, Security Design, Security Audits, Architecture, Data Privacy, NIST, Single Sign-on (SSO), DDoS, Database Security, GRC, SOC 2, Computer Security, CISO, Data Encryption, Secure Code Best Practices

Security Solutions Expert

2018 - 2021
Orange Business Services
  • Acted as a technical lead of the OBS cloud security portfolio, maintaining its implementation in the build phase and support in the run phase.
  • Built and maintained a monitoring solution using Python and Bash scripting.
  • Wrote documentation to support the build and run phases, leasing with the vendors, and upscaling the cloud security portfolio.
  • Contributed to the project as a Level 3 SOC engineer, acting as the technical reference for consultants and architects in the build phase and for project and product managers.
  • Acted as a security consultant on complex design projects, serving as a subject matter expert in cloud security for the customer's teams.
Technologies: Cloud Security, Linux, Python, Bash, Azure Cloud Services, AWS Cloud Architecture, IT Security, Security, SAML, Amazon Web Services (AWS), Security Architecture, Authentication, Web Architecture, Amazon S3 (AWS S3), Security Design, Azure, GitHub, DDoS, Antivirus Software, Networks, Firewalls, Computer Security, Azure Active Directory, Managed Security Service Providers (MSSP)

Senior Analyst

2014 - 2018
RSA Security
  • Acted as the subject matter expert of the identity access management portfolio.
  • Worked actively on cloud access management technologies, integrating the Security Assertion Markup Language (SAML) and Windows Active Directory Federation Services (AD FS).
  • Supported new team members and recent graduates as a technical mentor.
  • Handled technical cases on Linux and Windows servers technologies, mainly using PostgreSQL and Java JBoss.
  • Integrated different authentication mechanisms in Windows and Nix environments.
Technologies: Identity & Access Management (IAM), Windows Server, PostgreSQL, Linux RHEL/CentOS, ADFS, Cloud, IT Security, Security, SAML, Authentication, Single Sign-on (SSO), Database Security, Networks, Computer Security

Cloud Monitoring Solution

A Python Flask plus Bash scripting solution to monitor the health of different services and network connections on Linux servers, then send them back to an ELK stack. The ELK would trigger other alerts as needed and open a support ticket for the SOC team to operate accordingly.

An SOP document was written to support the daily changes or incidents needed for those servers daily.

SAST Tool Integration in the Git Pipeline

I integrated Semgrep, the SAST tool, into the GitHub pipeline using GitHub Actions and webhooks. It scans for secrets, vulnerable code, and misconfiguration. It triggers pull requests and scans on schedule. A notification is sent to the developers/engineers when an issue is triggered. Then, a plan of action/fix is discussed to address the finding after triaging the bug.

Native Cloud WAF

I integrated Fastly WAF within a Kubernetes cluster, built as a sidecar container for NGINX.

The policies and configuration are managed through a web interface. But since it's cloud-native and on multiple clouds, managing the build itself was through local Argo and within GitLab CI/CD.
2013 - 2014

Technical Diploma in Cybersecurity

Information Technology Institute - Cairo, Egypt

2007 - 2012

Double Bachelor's Degree in ICT Engineering

Faculty of Engineering, Helwan University and Uninettuno University - Cairo, Egypt and Rome, Italy

JANUARY 2022 - PRESENT

CISSP – Certified Information Systems Security Professional

(ISC)²

AUGUST 2020 - PRESENT

AWS Certified Solutions Architect – Associate

AWS

OCTOBER 2015 - PRESENT

Offensive Security Certified Professional (OSCP)

Offensive Security

Libraries/APIs

Web API

Tools

ADFS, GitHub, Git, Terraform, Kubectl, Helm, AWS CLI, GitLab, GitLab CI/CD

Platforms

Linux, Unix, Debian, Kali Linux, Windows, Linux RHEL/CentOS, Windows Server, Amazon Web Services (AWS), Google Cloud Platform (GCP), Web, Azure, Burp Suite, Docker, Kubernetes

Languages

SAML, Bash, Bash Script, Python, PHP, Java, YAML

Industry Expertise

Cybersecurity, Network Security

Paradigms

Penetration Testing, Web Architecture, DDoS, DevSecOps, Secure Code Best Practices

Storage

Database Security, PostgreSQL, Azure Cloud Services, Amazon S3 (AWS S3), Azure Active Directory, Google Cloud

Other

Operations, IT Security, Security, Authentication, Architecture, Single Sign-on (SSO), Computer Security, Data Encryption, Information Security, Cloud Security, Security Engineering, Identity & Access Management (IAM), AWS Cloud Architecture, Cloud, Web App Security, CISSP, Security Architecture, Web Security, Certified Information Systems Security Professional, Security Design, Security Audits, NIST, Antivirus Software, Firewalls, Managed Security Service Providers (MSSP), Security Assessment, Cryptography, Development, Threat Modeling, Networking, APIs, Data Security, Data Privacy, Web Applications, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloudflare, Vulnerability Assessment, Networks, GRC, SOC 2, CISO, CI/CD Pipelines, SaaS, GitHub Actions, Kubernetes Security, Argo CD, Web Application Firewall (WAF), Zero Trust Network Access (ZTNA)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring