Peter Zaki
Verified Expert in Engineering
Cybersecurity Specialist and Developer
Peter is a security professional with 10 years of experience helping major multinational companies secure their infrastructures and customers. He is an experienced security engineer and consultant. Peter designs secure systems and applications, advising on security practices targeting web, cloud applications, and APIs. He works on secure application development, cloud-native security, and DevSecOps. Peter is a certified CISSP, OSCP, and AWS Solutions Architect – Associate.
Preferred Environment
Linux, Windows, Git, Python, AWS Cloud Architecture, Google Cloud Platform (GCP), Docker
The most amazing thing I've done is build the security program across the development pipeline for one of the employers I worked for.
Work Experience
Senior Security Engineer
De Bijenkorf
- Worked on web and cloud application pen testing through DAST and secure code review.
- Acted as a security advisor on proper secure design with the different development teams.
- Integrated CI/CD pipeline security, including GCP security, API security, and web security.
Security Researcher
Synack
- Worked on web application pen testing for different private clients.
- Established API pen testing and API security integration advisory.
- Managed secure web application deployments in cloud environments.
- Found bugs like info leaks, IDORs, XSS, and SQL injection.
Senior Principal Cybersecurity Architect
Valeo
- Worked actively on the secure design and security engineering for several cloud and on-premise systems.
- Contributed to developing a new cloud application and handled secure design and security engineering.
- Created security best practices for a new key management system.
- Conducted internal risk assessments for internal applications and projects.
- Developed a correct DevSecOps environment within the company.
- Wrote security best practices and guidelines for web application development.
Security Solutions Expert
Orange Business Services
- Acted as a technical lead of the OBS cloud security portfolio, maintaining its implementation in the build phase and support in the run phase.
- Built and maintained a monitoring solution using Python and Bash scripting.
- Wrote documentation to support the build and run phases, liaising with the vendors, and upscaling the cloud security portfolio.
- Contributed to the project as a Level 3 SOC engineer, acting as the technical reference for consultants and architects in the build phase and for project and product managers.
- Acted as a security consultant on complex design projects, serving as a subject matter expert in cloud security for the customer's teams.
Senior Analyst
RSA Security
- Acted as the subject matter expert of the identity access management portfolio.
- Worked actively on cloud access management technologies, integrating the Security Assertion Markup Language (SAML) and Windows Active Directory Federation Services (AD FS).
- Supported new team members and recent graduates as a technical mentor.
- Handled technical cases on Linux and Windows server technologies, mainly using PostgreSQL and Java JBoss.
- Integrated different authentication mechanisms in Windows and *nix environments.
Experience
Cloud Monitoring Solution
An SOP document was written to support the daily changes or incidents needed for those servers.
SAST Tool Integration in the Git Pipeline
Skillset
Languages
SAML, Bash, Bash Script, Python, PHP, Java
Platforms
Linux, Unix, Debian, Kali Linux, Windows, Linux RHEL/CentOS, Windows Server, Amazon Web Services (AWS), Google Cloud Platform (GCP), Web, Azure, Burp Suite, Docker, Kubernetes
Industry Expertise
Cybersecurity, Network Security
Other
Operations, IT Security, Security, Authentication, Architecture, Single Sign-on (SSO), Computer Security, Data Encryption, Information Security, Cloud Security, Security Engineering, Identity & Access Management (IAM), AWS Cloud Architecture, Cloud, Web App Security, CISSP, Security Architecture, Web Security, Certified Information Systems Security Professional, Security Design, Security Audits, NIST, Antivirus Software, Firewalls, Managed Security Service Providers (MSSP), Security Assessment, Cryptography, Development, Threat Modeling, Networking, APIs, Data Security, Data Privacy, Web Applications, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloudflare, Vulnerability Assessment, Networks, GRC, SOC 2, CISO, CI/CD Pipelines, SaaS, GitHub Actions
Tools
ADFS, GitHub, Git, Terraform
Paradigms
Penetration Testing, Web Architecture, DDoS, DevSecOps, Secure Code Best Practices
Storage
Database Security, PostgreSQL, Azure Cloud Services, Amazon S3 (AWS S3), Azure Active Directory
Libraries/APIs
Web API
Education
Technical Diploma in Cybersecurity
Information Technology Institute - Cairo, Egypt
Double Bachelor's Degree in ICT Engineering
Faculty of Engineering, Helwan University and Uninettuno University - Cairo, Egypt and Rome, Italy
Certifications
CISSP – Certified Information Systems Security Professional
(ISC)²
AWS Certified Solutions Architect – Associate
AWS
Offensive Security Certified Professional (OSCP)
Offensive Security