Zeeshan Bilal
Verified Expert in Engineering
Security Architect and Developer
London, United Kingdom
Toptal member since December 2, 2022
Zeeshan is a cutting-edge technology enthusiast with solid experience and a strong interest in security engineering and architecture in digital transformation projects. He specializes in designing and implementing security controls aligned with various industry standards and frameworks to manage cyber-attack risks in hybrid cloud environments. Zeeshan is also the author of seven research articles shared in notable international security conferences and journals.
Portfolio
Experience
- Threat Modeling - 12 years
- Identity & Access Management (IAM) - 12 years
- Security Operations Centers (SOC) - 8 years
- Cloud Security - 8 years
- Cisco Cloud Controls Framework (CCF) - 8 years
- Digital Transformation - 6 years
- Amazon Web Services (AWS) - 6 years
- DevOps - 5 years
Availability
Preferred Environment
Amazon Web Services (AWS), Security Operations Centers (SOC), DevOps, Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, PKI, Microservices Architecture, Digital Transformation, Software Development Lifecycle (SDLC)
The most amazing...
...initiative I've led is a cloud security program for a major financial institution, which helped run its operation smoothly and securely in the cloud.
Work Experience
Lead DevSecOps
Camelot Group
- Designed and deployed a CI/CD pipeline with quality gates.
- Outlined and delivered security controls, including AWS IAM, compliance, infrastructure, application, data, incident response, end-point protection, DDoS protection, bastion, security auditing, logging, and monitoring.
- Acted as an internal cloud security auditor to meet regulatory and compliance requirements. I also trained, supervised, and helped SecOps teams with digital forensics and incident response (DFIR).
- Designed and operationalized an incident response and disaster recovery, regulatory compliance, vulnerability, and patch management framework.
- Integrated and set up the alert configuration to optimize SIEM for cloud use cases.
- Built IaC modules for implementing security as code.
- Designed and implemented parity between on-premises and cloud DCs.
Lead DevSecOps
DAZN
- Deployed, optimized, and maintained security logging and monitoring capabilities.
- Designed, documented, and operationalized an incident response framework.
- Evaluated, implemented, and maintained database encryption capabilities.
- Assessed and implemented a Secrets Management solution.
- Extended vulnerability assessment scanning capabilities to include authenticated, internal, external, and AWS account scanning.
- Designed, implemented, and maintained cloud compliance processes.
- Evaluated, implemented, and maintained enterprise threat protection.
- Assessed and designed a secure big data architecture.
- Designed and backed security into the CI/CD pipeline.
- Built Terraform modules for implementing security as code.
Senior Cloud Security Analyst
Stats Perform
- Designed and rolled out a complete SecOps program for new projects.
- Outlined and implemented the architecture for applying compliance, auditing, and vulnerability management in AWS.
- Implemented and configured AWS-leveraged security services, including web application firewall (WAF), AWS Shield Advanced, Amazon GuardDuty, AWS Config, and AWS CloudTrail.
- Designed and implemented security in the DevOps lifecycle and programs.
- Outlined the container lifecycle security program incorporated in containerized workloads.
- Prepared a cross-domain security awareness and training program.
- Evaluated and implemented SIEM for monitoring cloud-related security incidents.
- Documented policies and guidelines for infrastructure, applications, and AWS IAM security best practices.
- Acted as the subject-matter expert for cloud security guidance of architectures, developers, reliability engineers, and pen testers.
Freelance Module Leader
BPP University
- Developed the IS security and risk management module.
- Led the digital and technology solution module in a bachelor of science program.
- Contributed as a lecturer and module developer on information security courses.
Experience
Cloud Migration Program
Certifications
AWS Certified Security – Specialty Certification
Amazon Web Services
AWS Certified Solutions Architect – Associate Certification
Amazon Web Services
Certified Information Systems Security Professional
International Information System Security Certification Consortium
Skills
Tools
Terraform, Boto 3
Paradigms
DevOps, Microservices Architecture, Security Software Development, DevSecOps
Platforms
Amazon Web Services (AWS)
Languages
Python
Storage
Database Security
Industry Expertise
Network Security
Other
Security Operations Centers (SOC), Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, Digital Transformation, Cloud Security, PKI, Software Development Lifecycle (SDLC), Cisco Cloud Controls Framework (CCF), IT Governance, Information Assurance, IT Security, Security, Enterprise Architecture, Security Architecture, Applied Cryptography, CI/CD Pipelines, Infrastructure as Code (IaC), Endpoint Security, SIEM, Incident Response, Vulnerability Assessment, Cloud Computing, Unified Threat Management (UTM), Data Encryption, Big Data Architecture, Secret Management, IT Audits, PCI Compliance, Secure Containers, Security Policies & Procedures, Security Awareness Training, Controls, R&D, Product Management, Technical Support, Knowledge Bases, Security Testing, Online Course Design, Module Development, Information Security, Risk Management, High-performance Design, Aircraft Engineering, IoT Security, Wireless Protocols, Confidentiality, Authentication, NIST, FIPS, ISO 27001, Security Analysis, Threat Analytics, Attack Surface Analysis, Access Control, Communication, Implementation, Design, Assets, Operations, Security Engineering, Security Assessment
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring