Salam Houchou
Verified Expert in Engineering
Security Architect and Developer
Salam is an IT security architect and consultant in information, cyber, and cloud security. With 20 years of experience, a master's degree in cyber security, and Microsoft Azure, GCP, and AWS security certifications, he excels in designing and implementing initiatives to manage security risks and compliance while maximizing safety and security expectations. Salam is keen on re-organizing, streamlining, and strengthening existing operations by implementing cutting-edge, cost-effective solutions.
Portfolio
Experience
Availability
Preferred Environment
Google Cloud Platform (GCP), Application Security, Microsoft Azure, Security Architecture, Information Security, Compliance, SOC 2, AWS Cloud Security, NIST, Risk Assessment
The most amazing...
...project I've worked on is engineering, designing, and implementing information security controls to one of the biggest monitoring platforms in Switzerland.
Work Experience
Security Architect
Colleva, Inc.
- Crafted and implemented a suite of robust security policies tailored to the company's specific needs and industry requirements. These policies covered areas such as data protection, access control, incident response, and risk management.
- Guided the company through the SOC 2 compliance process from start to finish, ensuring adherence to industry-leading security standards and best practices.
- Provided expert mentorship and support to internal teams, facilitating their understanding of SOC 2 requirements and helping them implement necessary controls and procedures.
- Leveraged Azure's built-in security features such as Azure Security Center, Azure Policy, Azure Firewall, and Azure Identity and Access Management (IAM) to enhance visibility, protect against threats, and enforce compliance requirements.
- Configured Azure Security Center to provide continuous monitoring and threat detection capabilities, allowing for real-time detection of suspicious activities, unauthorized access attempts, and potential security breaches.
- Implemented a proactive approach to security through continuous improvement and optimization of Azure security controls.
SecOps for GCP Consultation
Vizen Analytics, LLC
- Created a design for GCP infrastructure using GCP best practices architecture and best security practices.
- Designed secure connectivity to share data securely between the Snowflake platform and SaaS deployment on GCP.
- Built security policy for the company and the security controls for client satisfaction.
Cybersecurity Architect
Lloyds Banking Group
- Deployed identity and access management on the client's AWS cloud environment following the least privilege and zero-trust principle.
- Automated the cloud infrastructure provision with Terraform in AWS and the Google Cloud Platform and developed plans to migrate hosted on-premises services to Amazon AWS.
- Ensured the wider cybersecurity architecture, team-designed solutions that balanced the security risk, protected customers with user experience and business innovation, and articulated risk mitigation requirements to the business.
- Architected security controls for SaaS integrations against the security framework. Validated and guided the implementation of the best security practices across the business.
Enterprise Security Engineer
Databricks - Security Team (UK)
- Strengthened, validated, and guided the implementation of security best practices across the business, focusing expertise on using processes, systems, and how to use them to promote safe practices.
- Defined and developed the organization's approach to corporate assets and worked to ensure their security and availability.
- Documented security standards that IT teams can implement and use their SaaS apps for hardening.
- Architected security controls for SaaS integrations against security frameworks.
- Provided security controls for diverse applications and infrastructure in multi-cloud environments, including AWS, Azure, and GCP.
Security Architect
Swisscom
- Designed and developed security architectures for cloud and hybrid cloud-based systems with a solid understanding of AWS and Microsoft Azure platforms.
- Established strong relationships with the application development teams, facilitating cloud environment sizing and formulating disaster recovery capabilities to meet the application needs.
- Deployed cloud infrastructure with Terraform in AWS and Google Cloud Platform. Developed plans to migrate hosted on-premises services to Amazon AWS, ensuring data security and privacy and providing continuous monitoring and logging.
Security Consultant
CRYPTO AG
- Designed and deployed hardened network and security architectures for global military, defense, and government customers. Presented information on infrastructure plans, progress, and resolution of information security gaps to higher management.
- Executed complex projects and delivered essential security and business requirements by leveraging existing processes, assessing, managing, and reporting risks and issues, and providing mitigation options to key stakeholders.
- Reinforced information security across all government departments. Contributed to establishing the security operations center, which supported the achievement of business goals.
Architect
Roche
- Identified design and security gaps in existing and proposed architectures and recommended changes or enhancements. Acted as the technical security design authority for the IT program.
- Built strong relationships with technology providers and businesses and identified security technologies that would add value to the company.
- Devised a global remote-access and security project distributed to 20,000 users and deployed the business application.
Experience
e-Government Security
• Designing and developing hardened network and security architectures
• Presenting infrastructure plans, progress data, and solutions for information security gaps
• Leveraging existing security processes
• Assessing, managing, and reporting risks and issues and providing mitigation options
Remote Access Solution
• Deploying the business application and handling the distribution for 20 thousand users
• Identifying design and security gaps in the existing and proposed architectures
• Recommending changes and improvements
Security Management Project
• A data loss prevention (DLP) solution
• Content filtering
• Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS)
• Endpoint protection
• Log management
• Analytics solutions
Education
Master of Science Degree in Cyber Security
University of Liverpool - Liverpool, United Kingdom
Certifications
AWS Solutions Architect Professional
Amazon Web Services
Microsoft Certified: Azure Security Engineer Associate
Microsoft
AWS Certified Security - Specialty
Amazon Web Services (AWS)
Aviatrix Certified Engineer Multi-Cloud Network Associate
Aviatrix
AWS Certified Solutions Architect Associate
AWS
Skills
Languages
SAML, SQL, Snowflake
Libraries/APIs
OpenID
Tools
GitHub, ConfigServer Security & Firewall (CSF), Terraform, GCP Security, Microsoft Power Apps, CloudOps, VPN, OpenVPN, Jira, Confluence, Amazon EKS
Paradigms
DevSecOps, DevOps
Platforms
Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes
Industry Expertise
Cybersecurity, Telecommunications, Insurance, Network Security, Security Advisory
Storage
Database Security, Google Cloud, Azure Cloud Services, Azure Active Directory
Other
Firewalls, Intrusion Prevention Systems (IPS), SaaS, Architecture, Networking, SIEM, Cryptography, Cloud, Enterprise Risk Management (ERM), AWS Cloud Security, Cloud Security, Security Architecture, IP Networks, Security Engineering, Security, Remote Access Security, IT Security, Compliance, Consulting, ISO 27001, Okta, NIST, Documentation, SecOps, Endpoint Security, FedRAMP, Vulnerability Management, Application Security, Microsoft Azure, Information Security, ISO 27002, Financial Services, Data Privacy, Pharmaceuticals, Identity & Access Management (IAM), Threat Modeling, Cloud Architecture, Networks, Cisco, Palo Alto Networks, Risk Management, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, System Administration, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Audits, Zero Trust, SAML-auth, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, Critical Security Controls (CIS Controls), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, GDPR, OAuth, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), IDS/IPS, Endpoint Detection and Response (EDR), SaaS Security, Infrastructure Security, Network Architecture, Cloud Infrastructure, IPsec, Network Engineering, Cloudflare, AWS Certified Solution Architect, Vulnerability Scanning, Certifications, Data Migration, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Security Information and Event Management (SIEM), AWS Cloud Architecture, Security Audits, Microsoft 365, Shell Scripting, CyberArk, Forensics
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring