Zeeshan Bilal
Verified Expert in Engineering
Security Architect and Developer
Zeeshan is a cutting-edge technology enthusiast with solid experience and a strong interest in security engineering and architecture in digital transformation projects. He specializes in designing and implementing security controls aligned with various industry standards and frameworks to manage cyber-attack risks in hybrid cloud environments. Zeeshan is also the author of seven research articles shared in notable international security conferences and journals.
Portfolio
Experience
Availability
Preferred Environment
Amazon Web Services (AWS), Security Operations Centers (SOC), DevOps, Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, PKI, Microservices Architecture, Digital Transformation, Software Development Lifecycle (SDLC)
The most amazing...
...initiative I've led is a cloud security program for a major financial institution, which helped run its operation smoothly and securely in the cloud.
Work Experience
Lead DevSecOps
Camelot Group
- Designed and deployed a CI/CD pipeline with quality gates.
- Outlined and delivered security controls, including AWS IAM, compliance, infrastructure, application, data, incident response, end-point protection, DDoS protection, bastion, security auditing, logging, and monitoring.
- Acted as an internal cloud security auditor to meet regulatory and compliance requirements. I also trained, supervised, and helped SecOps teams with digital forensics and incident response (DFIR).
- Designed and operationalized an incident response and disaster recovery, regulatory compliance, vulnerability, and patch management framework.
- Integrated and set up the alert configuration to optimize SIEM for cloud use cases.
- Built IaC modules for implementing security as code.
- Designed and implemented parity between on-premises and cloud DCs.
Lead DevSecOps
DAZN
- Deployed, optimized, and maintained security logging and monitoring capabilities.
- Designed, documented, and operationalized an incident response framework.
- Evaluated, implemented, and maintained database encryption capabilities.
- Assessed and implemented a Secrets Management solution.
- Extended vulnerability assessment scanning capabilities to include authenticated, internal, external, and AWS account scanning.
- Designed, implemented, and maintained cloud compliance processes.
- Evaluated, implemented, and maintained enterprise threat protection.
- Assessed and designed a secure big data architecture.
- Designed and backed security into the CI/CD pipeline.
- Built Terraform modules for implementing security as code.
Senior Cloud Security Analyst
Stats Perform
- Designed and rolled out a complete SecOps program for new projects.
- Outlined and implemented the architecture for applying compliance, auditing, and vulnerability management in AWS.
- Implemented and configured AWS-leveraged security services, including web application firewall (WAF), AWS Shield Advanced, Amazon GuardDuty, AWS Config, and AWS CloudTrail.
- Designed and implemented security in the DevOps lifecycle and programs.
- Outlined the container lifecycle security program incorporated in containerized workloads.
- Prepared a cross-domain security awareness and training program.
- Evaluated and implemented SIEM for monitoring cloud-related security incidents.
- Documented policies and guidelines for infrastructure, applications, and AWS IAM security best practices.
- Acted as the subject-matter expert for cloud security guidance of architectures, developers, reliability engineers, and pen testers.
Freelance Module Leader
BPP University
- Developed the IS security and risk management module.
- Led the digital and technology solution module in a bachelor of science program.
- Contributed as a lecturer and module developer on information security courses.
Senior Cyber Security Consultant
Tripwire
- Designed enterprise security architecture to implement compliance, auditing, and vulnerability management.
- Implemented security controls reporting in on-premises, cloud, and hybrid deployments.
- Worked with R&D and product management for a secure product architecture.
- Handled escalations and specialized technical investigations.
- Documented technical knowledge-based articles for clients.
- Carried out security testing of the new releases to ascertain security by design.
- Deployed and troubleshot security solutions using best practices and guidelines.
- Automated troubleshooting and customized controls to suit clients' business goals.
- Scoped, tailored, and customized vulnerability checks, compliance policies, and audit reports.
Security Architect
Royal Holloway
- Worked on the security architecture's high- and low-level design in a project involving different organizations headed by GE Aviation.
- Carried out threat modeling of the proposed architectures.
- Designed security for aircraft systems database, mobile devices in the flight deck, wireless maintenance, and data load system.
- Developed attack scenarios for the test bed to simulate threat vectors.
- Designed confidentiality for link, end-to-end, and multicast channels using layered security based on industry standards.
- Outlined authentication and message integrity for trusted nodes, near-field communications, wired connections, and power supply systems.
- Designed a security engine for secure boot, attestation, secure key storage, application installation and updates, and critical management.
- Consulted relevant standards, including NIST 800-30/39/53, FIPS-140, ISO-27001, RTCA DO-326, and EUROCAE ED-202/203/204.
PhD Research Scholar
Royal Holloway
- Performed lightweight cryptographic implementations.
- Carried out security and performance analysis of existing systems.
- Analyzed threat vectoring and attack surface of proposed systems.
- Designed identity and access control management in authentication protocols.
- Developed mutual authentication and ownership transfer protocols.
- Proposed anti-counterfeit mechanisms for online commerce and supply chain management systems.
Experience
Cloud Migration Program
Education
PhD in Information Security
Royal Holloway, University of London - London, United Kingdom
Certifications
AWS Certified Security – Specialty Certification
Amazon Web Services
AWS Certified Solutions Architect – Associate Certification
Amazon Web Services
Certified Information Systems Security Professional
International Information System Security Certification Consortium
Skills
Tools
Terraform, Boto 3
Platforms
Amazon Web Services (AWS)
Paradigms
DevOps, Microservices Architecture, Security Software Development, DevSecOps
Languages
Python
Storage
Database Security
Industry Expertise
Network Security
Other
Security Operations Centers (SOC), Vulnerability Management, Identity & Access Management (IAM), Threat Modeling, Digital Transformation, Cloud Security, PKI, Software Development Lifecycle (SDLC), Cisco Cloud Controls Framework (CCF), IT Governance, Information Assurance, IT Security, Security, Enterprise Architecture, Security Architecture, Applied Cryptography, CI/CD Pipelines, Infrastructure as Code (IaC), Endpoint Security, SIEM, Incident Response, Vulnerability Assessment, Cloud Computing, Unified Threat Management (UTM), Data Encryption, Big Data Architecture, Secret Management, IT Audits, PCI Compliance, Secure Containers, Security Policies & Procedures, Security Awareness Training, Controls, R&D, Product Management, Technical Support, Knowledge Bases, Security Testing, Online Course Design, Module Development, Information Security, Risk Management, High-performance Design, Aircraft Engineering, IoT Security, Wireless Protocols, Confidentiality, Authentication, NIST, FIPS, ISO 27001, Security Analysis, Threat Analytics, Attack Surface Analysis, Access Control, Communication, Implementation, Design, Assets, Operations, Security Engineering, Security Assessment
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring