Zeeshan Bilal, Developer in London, United Kingdom
Zeeshan is available for hire
Hire Zeeshan

Zeeshan Bilal

Verified Expert  in Engineering

Security Architect and Developer

Location
London, United Kingdom
Toptal Member Since
December 2, 2022

Zeeshan is a cutting-edge technology enthusiast with solid experience and a strong interest in security engineering and architecture in digital transformation projects. He specializes in designing and implementing security controls aligned with various industry standards and frameworks to manage cyber-attack risks in hybrid cloud environments. Zeeshan is also the author of seven research articles shared in notable international security conferences and journals.

Portfolio

Camelot Group
Amazon Web Services (AWS), DevSecOps, CI/CD Pipelines...
DAZN
Amazon Web Services (AWS), Incident Response, Vulnerability Assessment...
Stats Perform
Amazon Web Services (AWS), Security Operations Centers (SOC), IT Audits...

Experience

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Security Operations Centers (SOC), DevOps, Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, PKI, Microservices Architecture, Digital Transformation, Software Development Lifecycle (SDLC)

The most amazing...

...initiative I've led is a cloud security program for a major financial institution, which helped run its operation smoothly and securely in the cloud.

Work Experience

Lead DevSecOps

2019 - PRESENT
Camelot Group
  • Designed and deployed a CI/CD pipeline with quality gates.
  • Outlined and delivered security controls, including AWS IAM, compliance, infrastructure, application, data, incident response, end-point protection, DDoS protection, bastion, security auditing, logging, and monitoring.
  • Acted as an internal cloud security auditor to meet regulatory and compliance requirements. I also trained, supervised, and helped SecOps teams with digital forensics and incident response (DFIR).
  • Designed and operationalized an incident response and disaster recovery, regulatory compliance, vulnerability, and patch management framework.
  • Integrated and set up the alert configuration to optimize SIEM for cloud use cases.
  • Built IaC modules for implementing security as code.
  • Designed and implemented parity between on-premises and cloud DCs.
Technologies: Amazon Web Services (AWS), DevSecOps, CI/CD Pipelines, Infrastructure as Code (IaC), Endpoint Security, Vulnerability Management, SIEM, Security Operations Centers (SOC), Identity & Access Management (IAM), Threat Modeling, Microservices Architecture, Digital Transformation, Cloud Security, Software Development Lifecycle (SDLC)

Lead DevSecOps

2018 - 2019
DAZN
  • Deployed, optimized, and maintained security logging and monitoring capabilities.
  • Designed, documented, and operationalized an incident response framework.
  • Evaluated, implemented, and maintained database encryption capabilities.
  • Assessed and implemented a Secrets Management solution.
  • Extended vulnerability assessment scanning capabilities to include authenticated, internal, external, and AWS account scanning.
  • Designed, implemented, and maintained cloud compliance processes.
  • Evaluated, implemented, and maintained enterprise threat protection.
  • Assessed and designed a secure big data architecture.
  • Designed and backed security into the CI/CD pipeline.
  • Built Terraform modules for implementing security as code.
Technologies: Amazon Web Services (AWS), Incident Response, Vulnerability Assessment, Cloud Computing, Unified Threat Management (UTM), Data Encryption, Big Data Architecture, CI/CD Pipelines, Secret Management, Terraform, Security Operations Centers (SOC), DevOps, Identity & Access Management (IAM), Threat Modeling, Microservices Architecture, Digital Transformation, Cloud Security, Software Development Lifecycle (SDLC), Cisco Cloud Controls Framework (CCF)

Senior Cloud Security Analyst

2018 - 2018
Stats Perform
  • Designed and rolled out a complete SecOps program for new projects.
  • Outlined and implemented the architecture for applying compliance, auditing, and vulnerability management in AWS.
  • Implemented and configured AWS-leveraged security services, including web application firewall (WAF), AWS Shield Advanced, Amazon GuardDuty, AWS Config, and AWS CloudTrail.
  • Designed and implemented security in the DevOps lifecycle and programs.
  • Outlined the container lifecycle security program incorporated in containerized workloads.
  • Prepared a cross-domain security awareness and training program.
  • Evaluated and implemented SIEM for monitoring cloud-related security incidents.
  • Documented policies and guidelines for infrastructure, applications, and AWS IAM security best practices.
  • Acted as the subject-matter expert for cloud security guidance of architectures, developers, reliability engineers, and pen testers.
Technologies: Amazon Web Services (AWS), Security Operations Centers (SOC), IT Audits, PCI Compliance, Vulnerability Management, DevOps, Secure Containers, Security Policies & Procedures, Security Awareness Training, SIEM, Identity & Access Management (IAM), Threat Modeling, Microservices Architecture, Digital Transformation, Cloud Security, Software Development Lifecycle (SDLC), Cisco Cloud Controls Framework (CCF)

Freelance Module Leader

2017 - 2018
BPP University
  • Developed the IS security and risk management module.
  • Led the digital and technology solution module in a bachelor of science program.
  • Contributed as a lecturer and module developer on information security courses.
Technologies: Online Course Design, Module Development, Information Security, Risk Management, Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, PKI, Cloud Security

Senior Cyber Security Consultant

2014 - 2018
Tripwire
  • Designed enterprise security architecture to implement compliance, auditing, and vulnerability management.
  • Implemented security controls reporting in on-premises, cloud, and hybrid deployments.
  • Worked with R&D and product management for a secure product architecture.
  • Handled escalations and specialized technical investigations.
  • Documented technical knowledge-based articles for clients.
  • Carried out security testing of the new releases to ascertain security by design.
  • Deployed and troubleshot security solutions using best practices and guidelines.
  • Automated troubleshooting and customized controls to suit clients' business goals.
  • Scoped, tailored, and customized vulnerability checks, compliance policies, and audit reports.
Technologies: Enterprise Architecture, Controls, Security, R&D, Product Management, Technical Support, Knowledge Bases, Security Testing, Security Operations Centers (SOC), Amazon Web Services (AWS), Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, PKI, Cloud Security, Software Development Lifecycle (SDLC)

Security Architect

2014 - 2015
Royal Holloway
  • Worked on the security architecture's high- and low-level design in a project involving different organizations headed by GE Aviation.
  • Carried out threat modeling of the proposed architectures.
  • Designed security for aircraft systems database, mobile devices in the flight deck, wireless maintenance, and data load system.
  • Developed attack scenarios for the test bed to simulate threat vectors.
  • Designed confidentiality for link, end-to-end, and multicast channels using layered security based on industry standards.
  • Outlined authentication and message integrity for trusted nodes, near-field communications, wired connections, and power supply systems.
  • Designed a security engine for secure boot, attestation, secure key storage, application installation and updates, and critical management.
  • Consulted relevant standards, including NIST 800-30/39/53, FIPS-140, ISO-27001, RTCA DO-326, and EUROCAE ED-202/203/204.
Technologies: High-performance Design, Design, Threat Modeling, Aircraft Engineering, Database Security, IoT Security, Wireless Protocols, Confidentiality, Authentication, NIST, FIPS, ISO 27001, Vulnerability Management, Identity & Access Management (IAM), PKI

PhD Research Scholar

2010 - 2014
Royal Holloway
  • Performed lightweight cryptographic implementations.
  • Carried out security and performance analysis of existing systems.
  • Analyzed threat vectoring and attack surface of proposed systems.
  • Designed identity and access control management in authentication protocols.
  • Developed mutual authentication and ownership transfer protocols.
  • Proposed anti-counterfeit mechanisms for online commerce and supply chain management systems.
Technologies: Applied Cryptography, Security Analysis, Threat Analytics, Attack Surface Analysis, Access Control, Authentication, Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, PKI

Cloud Migration Program

Led a cloud migration program resulting in a successful and secure migration of two data centers. It involved a lot of planning and strategy definition for each workload. The scope was further augmented by defining crawl, walk, run, and sprint phases in the cloud security program roadmap, thus enabling enterprises to operate their critical workloads and core services without significant disruptions.

Paradigms

DevOps, Microservices Architecture, Security Software Development, DevSecOps

Platforms

Amazon Web Services (AWS)

Other

Security Operations Centers (SOC), Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, Digital Transformation, Cloud Security, PKI, Software Development Lifecycle (SDLC), Cisco Cloud Controls Framework (CCF), IT Governance, Information Assurance, IT Security, Security, Enterprise Architecture, Security Architecture, Applied Cryptography, CI/CD Pipelines, Infrastructure as Code (IaC), Endpoint Security, SIEM, Incident Response, Vulnerability Assessment, Cloud Computing, Unified Threat Management (UTM), Data Encryption, Big Data Architecture, Secret Management, IT Audits, PCI Compliance, Secure Containers, Security Policies & Procedures, Security Awareness Training, Controls, R&D, Product Management, Technical Support, Knowledge Bases, Security Testing, Online Course Design, Module Development, Information Security, Risk Management, High-performance Design, Aircraft Engineering, IoT Security, Wireless Protocols, Confidentiality, Authentication, NIST, FIPS, ISO 27001, Security Analysis, Threat Analytics, Attack Surface Analysis, Access Control, Communication, Implementation, Design, Assets, Operations, Security Engineering, Security Assessment

Languages

Python

Tools

Terraform, Boto 3

Storage

Database Security

Industry Expertise

Network Security

2010 - 2014

PhD in Information Security

Royal Holloway, University of London - London, United Kingdom

MAY 2019 - MAY 2022

AWS Certified Security – Specialty Certification

Amazon Web Services

JANUARY 2018 - JANUARY 2021

AWS Certified Solutions Architect – Associate Certification

Amazon Web Services

NOVEMBER 2017 - PRESENT

Certified Information Systems Security Professional

International Information System Security Certification Consortium

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring