Salam is available for hire
Hire SalamSalam Houchou
Verified Expert in Engineering
Security Architect and Developer
Location
Zürich, Switzerland
Toptal Member Since
March 15, 2022
Salam is an IT security architect and consultant in information, cyber, and cloud security. With 20 years of experience, a master's degree in cyber security, and Microsoft Azure, GCP, and AWS security certifications, he excels in designing and implementing initiatives to manage security risks and compliance while maximizing safety and security expectations. Salam is keen on re-organizing, streamlining, and strengthening existing operations by implementing cutting-edge, cost-effective solutions.
FirewallsSecurityInformation SecurityCiscoSystem AdministrationSecurity ArchitectureGRCData EncryptionNISTData ProtectionWeb SecurityWeb App SecuritySecurity Policies & ProceduresData GovernanceSaaSZero TrustSaaS SecurityEndpoint SecurityIPsecCyberArkInfrastructure SecurityScalabilityCloud Security FrameworkVulnerability ManagementContinuous Data Protection (CDP)
Portfolio
Colleva, Inc.
IT Security, SecOps, Azure, Security, SOC 2, GDPR, IDS/IPS, SaaS Security...
Vizen Analytics, LLC
IT Security, GCP Security, Snowflake, Azure Cloud Security, Advisory...
Lloyds Banking Group
AWS Cloud Security, AWS Cloud Architecture, Azure, Cloud Security, CyberArk...
Experience
Availability
Full-time
Preferred Environment
Google Cloud Platform (GCP), Application Security, Microsoft Azure, Security Architecture, Information Security, Compliance, SOC 2, AWS Cloud Security, NIST, Risk Assessment
The most amazing...
...project I've worked on is engineering, designing, and implementing information security controls to one of the biggest monitoring platforms in Switzerland.
Work Experience
Security Architect
2024 - PRESENT
Colleva, Inc.
- Crafted and implemented a suite of robust security policies tailored to the company's specific needs and industry requirements. These policies covered areas such as data protection, access control, incident response, and risk management.
- Guided the company through the SOC 2 compliance process from start to finish, ensuring adherence to industry-leading security standards and best practices.
- Provided expert mentorship and support to internal teams, facilitating their understanding of SOC 2 requirements and helping them implement necessary controls and procedures.
- Leveraged Azure's built-in security features such as Azure Security Center, Azure Policy, Azure Firewall, and Azure Identity and Access Management (IAM) to enhance visibility, protect against threats, and enforce compliance requirements.
- Configured Azure Security Center to provide continuous monitoring and threat detection capabilities, allowing for real-time detection of suspicious activities, unauthorized access attempts, and potential security breaches.
- Implemented a proactive approach to security through continuous improvement and optimization of Azure security controls.
Technologies: IT Security, SecOps, Azure, Security, SOC 2, GDPR, IDS/IPS, SaaS Security, Microsoft Power Apps, Infrastructure Security, Network Architecture, Cloud Infrastructure, CloudOps, IPsec, VPN, Network Engineering, Cloudflare, OpenVPN, AWS Certified Solution Architect, Jira, Confluence, Vulnerability Scanning, Certifications, Data Migration, Kubernetes, Security Advisory, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Azure Active Directory, Amazon EKS
SecOps for GCP Consultation
2024 - 2024
Vizen Analytics, LLC
- Created a design for GCP infrastructure using GCP best practices architecture and best security practices.
- Designed secure connectivity to share data securely between the Snowflake platform and SaaS deployment on GCP.
- Built security policy for the company and the security controls for client satisfaction.
Technologies: IT Security, GCP Security, Snowflake, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Azure Active Directory, Amazon EKS, Security Information and Event Management (SIEM)
Cybersecurity Architect
2022 - 2024
Lloyds Banking Group
- Deployed identity and access management on the client's AWS cloud environment following the least privilege and zero-trust principle.
- Automated the cloud infrastructure provision with Terraform in AWS and the Google Cloud Platform and developed plans to migrate hosted on-premises services to Amazon AWS.
- Ensured the wider cybersecurity architecture, team-designed solutions that balanced the security risk, protected customers with user experience and business innovation, and articulated risk mitigation requirements to the business.
- Architected security controls for SaaS integrations against the security framework. Validated and guided the implementation of the best security practices across the business.
Technologies: AWS Cloud Security, AWS Cloud Architecture, Azure, Cloud Security, CyberArk, SaaS, IT Security, Compliance, Consulting, ISO 27001, Security Architecture, Cybersecurity, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), SQL, Financial Services, Data Privacy, Telecommunications, Identity & Access Management (IAM), Threat Modeling, ISO 27002, Insurance, Network Security, Remote Access Security, NIST, Documentation, Microsoft Azure, Information Security, Cloud Architecture, Networks, Cisco, Risk Management, Database Security, Endpoint Security, Security, Web Security, Web App Security, Google Cloud, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, System Administration, DevSecOps, DevOps, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Zero Trust, SAML-auth, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, Security Audits, CISO, Microsoft 365, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, GitHub, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, GDPR, OpenID, OAuth, Terraform, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), Azure Cloud Services, Audits, Networking, IDS/IPS, Endpoint Detection and Response (EDR), GCP Security, SaaS Security, Microsoft Power Apps, Infrastructure Security, Network Architecture, Cloud Infrastructure, CloudOps, IPsec, VPN, Network Engineering, Cloudflare, OpenVPN, AWS Certified Solution Architect, Jira, Confluence, Vulnerability Scanning, Certifications, Data Migration, Kubernetes, Security Advisory, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Azure Active Directory, Shell Scripting, Amazon EKS, Security Information and Event Management (SIEM)
Enterprise Security Engineer
2022 - 2023
Databricks - Security Team (UK)
- Strengthened, validated, and guided the implementation of security best practices across the business, focusing expertise on using processes, systems, and how to use them to promote safe practices.
- Defined and developed the organization's approach to corporate assets and worked to ensure their security and availability.
- Documented security standards that IT teams can implement and use their SaaS apps for hardening.
- Architected security controls for SaaS integrations against security frameworks.
- Provided security controls for diverse applications and infrastructure in multi-cloud environments, including AWS, Azure, and GCP.
Technologies: Security, NIST, Amazon Web Services (AWS), ISO 27001, Okta, SecOps, IT Security, FedRAMP, IP Networks, Security Engineering, Vulnerability Management, Threat Modeling, Documentation, Microsoft Azure, Information Security, Cloud Architecture, Networks, Database Security, Cybersecurity, Web Security, Web App Security, Google Cloud, Single Sign-on (SSO), SOC 2, System Administration, DevSecOps, DevOps, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Zero Trust, SAML, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Microsoft 365, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, GitHub, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, OpenID, OAuth, Terraform, Data Loss Prevention (DLP), Azure Cloud Services, GCP Security, SaaS Security, Microsoft Power Apps, Network Architecture, Cloud Infrastructure, CloudOps, IPsec, VPN, Network Engineering, Cloudflare, OpenVPN, AWS Certified Solution Architect, Confluence, Vulnerability Scanning, Certifications, Data Migration, Kubernetes, Security Advisory, Azure Cloud Security, Advisory, Infrastructure, Shell Scripting, Security Information and Event Management (SIEM)
Security Architect
2011 - 2021
Swisscom
- Designed and developed security architectures for cloud and hybrid cloud-based systems with a solid understanding of AWS and Microsoft Azure platforms.
- Established strong relationships with the application development teams, facilitating cloud environment sizing and formulating disaster recovery capabilities to meet the application needs.
- Deployed cloud infrastructure with Terraform in AWS and Google Cloud Platform. Developed plans to migrate hosted on-premises services to Amazon AWS, ensuring data security and privacy and providing continuous monitoring and logging.
Technologies: Cloud Security, Security Architecture, IT Security, Compliance, Consulting, ISO 27001, Cybersecurity, Firewalls, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), AWS Cloud Architecture, Financial Services, Data Privacy, Telecommunications, Identity & Access Management (IAM), ISO 27002, Network Security, Remote Access Security, NIST, Documentation, Microsoft Azure, Information Security, Cloud Architecture, Networks, Cisco, Palo Alto Networks, Risk Management, Database Security, Endpoint Security, Security, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, DevSecOps, DevOps, Monitoring, Intrusion Detection Systems (IDS), Zero Trust, SAML-auth, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, Security Audits, CISO, Computer Security, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, GitHub, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, GDPR, OAuth, Terraform, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), Azure Cloud Services, Audits, Networking, IDS/IPS, Endpoint Detection and Response (EDR), GCP Security, SaaS Security, Microsoft Power Apps, CloudOps, IPsec, VPN, Network Engineering, Infrastructure
Security Consultant
2010 - 2010
CRYPTO AG
- Designed and deployed hardened network and security architectures for global military, defense, and government customers. Presented information on infrastructure plans, progress, and resolution of information security gaps to higher management.
- Executed complex projects and delivered essential security and business requirements by leveraging existing processes, assessing, managing, and reporting risks and issues, and providing mitigation options to key stakeholders.
- Reinforced information security across all government departments. Contributed to establishing the security operations center, which supported the achievement of business goals.
Technologies: Architecture, Cryptography, IT Security, Compliance, Consulting, ISO 27001, Security Architecture, Cybersecurity, Firewalls, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), Network Security, Remote Access Security, NIST, Documentation, Information Security, Networks, Cisco, Database Security, Endpoint Security, Security, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, DevOps, Monitoring, Intrusion Detection Systems (IDS), Group Policy, IT Governance, Data Governance, Governance, GRC, Computer Security, Scaling, Security Management, Risk Assessment, Information Assurance, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, GDPR, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), Audits, Networking, IDS/IPS, Endpoint Detection and Response (EDR), IPsec, VPN, Infrastructure
Architect
2009 - 2010
Roche
- Identified design and security gaps in existing and proposed architectures and recommended changes or enhancements. Acted as the technical security design authority for the IT program.
- Built strong relationships with technology providers and businesses and identified security technologies that would add value to the company.
- Devised a global remote-access and security project distributed to 20,000 users and deployed the business application.
Technologies: Architecture, Security, IT Security, Compliance, Consulting, ISO 27001, Security Architecture, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), Pharmaceuticals, ISO 27002, Network Security, Remote Access Security, NIST, Documentation, Information Security, Networks, Cisco, Single Sign-on (SSO), Data Governance, Computer Security, Risk Assessment, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Threat Intelligence, GDPR, Managed Security Service Providers (MSSP), Networking, Infrastructure
Experience
e-Government Security
I reinforced information security across all government departments and contributed to establishing the security operations center, supporting the business goals. My responsibilities involved:
• Designing and developing hardened network and security architectures
• Presenting infrastructure plans, progress data, and solutions for information security gaps
• Leveraging existing security processes
• Assessing, managing, and reporting risks and issues and providing mitigation options
• Designing and developing hardened network and security architectures
• Presenting infrastructure plans, progress data, and solutions for information security gaps
• Leveraging existing security processes
• Assessing, managing, and reporting risks and issues and providing mitigation options
Remote Access Solution
I developed and designed a global remote access and security project. My responsibilities involved:
• Deploying the business application and handling the distribution for 20 thousand users
• Identifying design and security gaps in the existing and proposed architectures
• Recommending changes and improvements
• Deploying the business application and handling the distribution for 20 thousand users
• Identifying design and security gaps in the existing and proposed architectures
• Recommending changes and improvements
Security Management Project
I contributed to this project as a consultant in cloud security solutions working on a new cloud offering, infrastructure migration, and implementation of cloud security principles according to the National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), and Cloud Security Alliance (CSA). My responsibilities involved delivering:
• A data loss prevention (DLP) solution
• Content filtering
• Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS)
• Endpoint protection
• Log management
• Analytics solutions
• A data loss prevention (DLP) solution
• Content filtering
• Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS)
• Endpoint protection
• Log management
• Analytics solutions
Skillset
Languages
SAML, SQL, Snowflake
Libraries/APIs
OpenID
Tools
GitHub, ConfigServer Security & Firewall (CSF), Terraform, GCP Security, Microsoft Power Apps, CloudOps, VPN, OpenVPN, Jira, Confluence, Amazon EKS
Paradigms
DevSecOps, DevOps
Platforms
Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes
Industry Expertise
Cybersecurity, Telecommunications, Insurance, Network Security, Security Advisory
Storage
Database Security, Google Cloud, Azure Cloud Services, Azure Active Directory
Other
Firewalls, Intrusion Prevention Systems (IPS), SaaS, Architecture, Networking, SIEM, Cryptography, Cloud, Enterprise Risk Management (ERM), AWS Cloud Security, Cloud Security, Security Architecture, IP Networks, Security Engineering, Security, Remote Access Security, IT Security, Compliance, Consulting, ISO 27001, Okta, NIST, Documentation, SecOps, Endpoint Security, FedRAMP, Vulnerability Management, Application Security, Microsoft Azure, Information Security, ISO 27002, Financial Services, Data Privacy, Pharmaceuticals, Identity & Access Management (IAM), Threat Modeling, Cloud Architecture, Networks, Cisco, Palo Alto Networks, Risk Management, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, System Administration, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Audits, Zero Trust, SAML-auth, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, Critical Security Controls (CIS Controls), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, GDPR, OAuth, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), IDS/IPS, Endpoint Detection and Response (EDR), SaaS Security, Infrastructure Security, Network Architecture, Cloud Infrastructure, IPsec, Network Engineering, Cloudflare, AWS Certified Solution Architect, Vulnerability Scanning, Certifications, Data Migration, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Security Information and Event Management (SIEM), AWS Cloud Architecture, Security Audits, Microsoft 365, Shell Scripting, CyberArk, Forensics
Education
2017 - 2019
Master of Science Degree in Cyber Security
University of Liverpool - Liverpool, United Kingdom
Certifications
MAY 2023 - PRESENT
AWS Solutions Architect Professional
Amazon Web Services
SEPTEMBER 2021 - PRESENT
Microsoft Certified: Azure Security Engineer Associate
Microsoft
JULY 2021 - PRESENT
AWS Certified Security - Specialty
Amazon Web Services (AWS)
JULY 2020 - PRESENT
Aviatrix Certified Engineer Multi-Cloud Network Associate
Aviatrix
FEBRUARY 2020 - FEBRUARY 2023
AWS Certified Solutions Architect Associate
AWS
Collaboration That Works
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
1
Share your needs
Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2
Choose your talent
Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3
Start your risk-free talent trial
Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.
Top talent is in high demand.
Start hiring