Hire the best Information Security Audit professionals

Check out Information Security Audit professionals with the skills you need for your next job.
Clients rate Information Security Audit professionals
Rating is 4.6 out of 5.
based on 205 client reviews
  • US$60 hourly
    Transforming Information Security into a Competitive Advantage! I have the ability to translate complex compliance requirements into clear and concise language that resonates with the business. I'm a certified senior professional specializing in implementing and managing diverse security frameworks, including ISO 27000 family, SOC 2, PCI, GDPR, HIPAA, FedRAMP and CMMC. With a proven track record of guiding businesses to successful certification, I can help you achieve compliance while mitigating risks. Don't wait until it's too late! Contact me now and avoid drowning in compliance requirements. I'm well-versed in compliance platforms like Thoropass, Drata, StrikeGraph, and TrustCloud. Explore how I can assist you and inquire about my 10% referral discount.
    Information Security Audit
    CMMC
    Risk Management
    Microsoft SQL Server
    Security Framework
    NIST Cybersecurity Framework
    HIPAA
    GDPR
    NIST SP 800-53
    Data Privacy
    Compliance
    Governance, Risk Management & Compliance
    ISO 27001
    SOC 2 Report
    Information Security
  • US$99 hourly
    Let me help you unlock business opportunities and growth (💲millions) and sell to the likes of Disney, Pfizer, Uber, Siemens, Google, PWC, and so on. In the B2B space, you need Security, Privacy, and Compliance to sell to Enterprises! You focus on the business, and I'll take care of security, privacy, and compliance. Sleep well overnight because you know you are in good hands with the 🥇 Upwork virtual CISO, Security, Privacy, and Compliance consultant (1M+ earnings, 20+ years of enterprise experience)! CEO selling to Morgan Stanley: 🥂 "The certification is enabling us to strike a deal with a Fortune 100 client." CEO selling to Philips: 🍾 "We have achieved the ISO 27001:2022 certification in record time." CEO selling to Pepsi: 🎉 "Attila supported the growth of our business into Fortune 100 accounts." COO selling to Fannie Mae: "We achieved a successful SOC 2 Type II attestation with no exception." 💭 Securing your business, passing security assessments by clients or prospects, and achieving a security certification should not be a cumbersome and painful exercise. 👌 All you need to do is ping me on Upwork, bring your problem, and after a 15-minute scoping call, I will provide you with a detailed Scope of Work. Specialized in business-to-business clients, providing 💸money-back guaranteed💸 ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, CMMC, and FedRAMP projects and affordable virtual CISO (vCISO) services. ----> If you don't get certified, all my fees will be refunded! 
<---- We are a good match if you are: 😢 Busy developing your product or business and don't have time and resources to be consumed by compliance efforts and endless meetings, halting your production for months 🤔 Already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, Tugboat Logic, SecureFrame, Strike Graph, Audit Board, Trust Cloud, and so on) but don't know the next step or don't have time. 😢 You quickly need quick security or privacy awareness training, cloud security posture assessment (AWS, GCP, Azure), endpoint security (MS 365 - Intune, Jumpcloud, Google Workspace), or penetration testing? 💪 Want to decrease your sale cycle by being compliant and having all the answers for the security and privacy questionnaires? 💪 Facing challenges with the security and privacy implications of AI products? 💪 Want continuous access to a certified, creditable security, compliance, and privacy professional to manage your security framework? -> Continuous virtual CISO (vCISO / fractional CISO) service with affordable weekly payments! 😟 Need world-class, battle-proof security and privacy policies and you need it quickly? The kind of ones that have passed audits by KPMG, Deloitte, E&Y, Pepsi, Uber, Verizon, Philips, Facebook, and many others. 💪 You want problems to be solved by the BEST Working with me, you will: • Stop struggling with compliance requirements, security questionnaires, or useless document templates. • Make the first steps on the journey to selling to Enterprises • Receive turnkey, Enterprise-grade security operation framework ensuring long-term effectiveness • Work with an experienced senior team (architects, pen testers, endpoint engineers, developers, auditors, consultants) that regularly helps clients score Enterprise accounts. 
My stats are: ✅ Saved tens of thousands $$$$$ for clients, advising them on the right security tools, solutions, and approach ✅ #1 in Information Security and IT compliance categories (1M+ earned) ✅ Supporting all time zones ✅ Long-term engagements ✅ Professional certifications (CISA, CISSP, ISO 27001 IA) About the Security Consultants team: QUALITY over QUANTITY is our ethos. Excellent quality, on time, always. We only take on projects when we can deliver outstanding results. The team consists of (only) senior experts in AWS, Azure, GCP DevOps, SecOps, Penetration testing, Google Workspace, MS 365 Intune, AppSec, auditing, and compliance. Professional Integrity: We are strongly committed to moral and ethical principles and values, such as honesty, honor, responsibility, trustworthiness, and objectivity. What we look for in a new client: • Open-minded, relaxed attitude • Values integrity & long-term relationships • Willing to accept advice and guidance (security is a complex niche) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, SIG Lite, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Process Unity Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS) CSAT, IRAP, PIPEDA, ISO 42001
    Information Security Audit
    Information Security Consultation
    GDPR
    Security Management
    Insurance & Risk Management
    ISO 27001
    SOC 2
    AI Security
    HIPAA
    SOC 2 Report
    Cloud Security
    Certified Information Systems Security Professional
    Information Security
    Cybersecurity Management
    Security Policies & Procedures Documentation
  • US$85 hourly
    I am a Certified Information Security Auditor (CISA). I am an expert leading SOC 1/SOC 2 engagements and their variations (Type I/Type II), ISO27001, HIPAA and HiTrust. I have extensive experience leading compliance design and implementations in preparation for audit engagements including both evidence gathering and report reviews. I have worked both in the internal audit and external audit sectors for one of the largest public accounting firms in the US. I work with businesses of varying sizes from start-up to Cloud 100. I am passionate about "right sizing" business process to narrow down the focus areas to drive efficient implementation of controls on an ongoing business. If you have any technology compliance needs or require answers to general compliance questions or guidance feel free to reach out to me.
    Information Security Audit
    Business Continuity Plan
    Security Infrastructure
    Regulatory Compliance
    Information Security Governance
    Policy Writing
    Compliance
    GDPR Compliance Review
    SaaS
    SOC 1 Report
    HIPAA
    Compliance Consultation
    IT Compliance Audit
    Risk Assessment
    Sarbanes-Oxley Act
  • US$60 hourly
    I am a Certified Compliance and Ethics Professional - International (provided by SCCE). I have an Advanced Diploma in Accounting and Business (provided by ACCA). I am ACCA certified. I have 15 years of experience in Compliance, Internal Audit, and Risk Management in Fortune 500 companies in diverse industries (Information Technology, Financial Services, Pharmaceuticals, FMCG, Telecom, and others). I am an experienced professional with a proven track record of delivering profitability, sustainable business growth, operational optimization, and driving innovation. My areas of focus: 1. Information Security (ISO 27001, SOC2, NIST). 2. Data Privacy (GDPR, HIPAA, CCPA, PECR, etc). 3. PCI:DSS Compliance. 4. Risk Management (ERM). 5. Internal Audit. 6. Contracts and Policies writing. 7. MSA and ADA compliance. 8. FCPA, UKBA Compliance. 9. AML/CTF. 10. KYC (Due Diligence). Feel free to contact me whenever it will be convenient for you. Looking forward to hearing from you and hope for our productive cooperation. Regards,
    Information Security Audit
    ISO 27001
    ISO 9001
    PCI
    Policy Writing
    GDPR
    Anti-Money Laundering
    IT Compliance Audit
    Due Diligence
    Internal Control
  • US$30 hourly
    Looking for a penetration test? We'll give you access to our next-generation penetration testing solution. By combining the power of manual and automated penetration tests, we deliver the real-time insights companies need to remediate risk quickly. Through our Pentest as a Service (PTaaS) platform our clients receive comprehensive assessments. Our methodology follows the National Institute of Standards and Technology Special Publication (NIST SP 800-115), along with the latest techniques, tactics and tools used by hackers to compromise systems and applications. Providing real-time findings and unlimited retests to ensure gaps are closed is our key differentiator. Please check my Upwork work history and client feedback. I look forward to hearing from you!
    Information Security Audit
    Website Security
    OWASP
    Web Application Security
    Certified Information Systems Security Professional
    Information Security
    Vulnerability Assessment
    Security Testing
    Network Security
    Penetration Testing
  • US$55 hourly
    IT Professional with over 30 years' experience. 15+ years' experience in web development. 8+ years' experience in PCI-DSS consultation, including level 1 companies, working with QSAs to swiftly obtain compliance. For the past five years, I have been providing GDPR consultation to many small to medium-sized companies. Three years' experience with ISO 27001 helping clients get and maintain ISO 27001 accredited certification. I spent 20 years working in various IT roles, mainly support, engineering, and web development, within one of the largest companies in the world. I was awarded Chartered IT Professional status from the British Computer Society in July 2008. Since then, I have run my own company with a small team producing web-based platforms and services and offering freelance compliance consultation to small businesses. I have also worked as a CTO on several start-up projects managing their entire IT infrastructure and gaining valuable PCI compliance experience, essential to all e-commerce projects. Due to my experience and varied IT roles, I have a good knowledge of web design, programming, databases, security, SEO, troubleshooting, technical writing & more. I am a highly organised and reliable individual, utilising existing knowledge and experiences to find practical solutions to even the most complex project.
    Information Security Audit
    Compliance Consultation
    Data Privacy
    Vulnerability Assessment
    Information Security
    PCI DSS
    Data Protection
    Website Security
    PCI
    Compliance
    ISO 27001
    Risk Assessment
    GDPR
    Web Content Accessibility Guidelines
    Security Analysis
  • US$150 hourly
    I am the CEO & founder of BetterCyber Consulting, a cybersecurity consulting, technology, and managed services company helping startups and micro, small, and mid-sized companies create secure operating environments to increase business opportunities. I am also part of Upwork's Expert-Vetted Talent program. My priority is to create cost-effective, business-focused, and risk-driven cybersecurity solutions to help my clients secure their information assets against cyber threats. Before leaving corporate America, I held several cybersecurity positions, from operations to strategy and architecture, in Fortune 100 companies, such as PayPal Holdings, Inc. and Marathon Petroleum Corporation. I hold a bachelor's degree in Telecommunications Engineering from the Airforce University in Argentina, a master's degree in Information Security Engineering from the SANS Technology Institute, and many cybersecurity certifications, including CISSP (Certified Information Systems Security Professional) and GSE (GIAC Security Expert).
    Information Security Audit
    WordPress Malware Removal
    Malware Removal
    CMMC
    Risk Assessment
    Cloud Security
    Internet Security
    Information Security Awareness
    Security Engineering
    Security Analysis
    Email Security
    Penetration Testing
    Information Security
    Security Policies & Procedures Documentation
    Cybersecurity Management
  • US$140 hourly
    Ex-Big 4 senior consultant with 10+ years of experience in assisting clients in cybersecurity, IT compliance, AI security management and security risk assessment projects. • You have lost contracts because you were not certified? • Your clients pressure you to provide them with an information security certification (PCI-DSS, SOC 2, ISO 27001, HIPAA, FedRAMP, CMMC, ISO 42001)? • You don't know what to answer to the security assessment questionnaire you recently received from your biggest client & it's taking too much time? • You don't have time and resources to be consumed by compliance efforts and endless meetings? • You are struggling to understand the certification process, the related cost, and the timelines? • You just purchased a compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, OneTrust/Tugboat, SecureFrame, Strike Graph, Audit Board, TrustCloud) but don't know the next step or don't have time for it? Services provided: • Policies & Procedure writing & review • Security gap analysis (based on frameworks of your choice, ISO 27001, NIST, SOC 2, etc.) • IT and Compliance Audits • Performing Risk Assessments, risk treatments, and establishing action plans & roadmaps. • Evaluation of the existing IT security state of maturity against established standards & regulatory requirements. • Organization-wide security strategy • Support in Governance, Risk & Compliance (GRC) projects • Cloud security governance, management and strategy • Security Operations • DPO service: I can provide you with assistance with regards to GDPR/CCPA compliance, policy writing/reviewing, GDPR gap assessment analysis, and accompanying you in your GDPR compliance journey and Data Privacy requirements. • CISO service: I can provide you with assistance and support in defining your security strategy, putting in place action plans and following up implementation over the long run. 
💥 WHY ME AND NOT ANOTHER FREELANCER? 💥 ✅ Big 4 consultant expertise. End-to-end managed security services. ✅ All work is completed by myself, with constant communication with you and taking into account your every remark & need. ✅ Excellent Client Reviews: I focus on providing you with VALUE and earning your TRUST. ✅ Over-Delivering: I focus on GIVING you more than what I expect to RECEIVE. I am happy when my client's expectations are exceeded. ✅ Responsiveness: All lines of communications are open, and I can be reached very easily. ✅ Kindness & Ethics: As security and compliance professional, we hold ourselves to high ethical values, treating everyone with respect, understanding and genuinely IMPROVING my client's situation. Let's get in touch. (The hourly rate shown is indicative only, as I adapt depending on the project and client's budget) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Compliance management tools: Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001.com Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP, ISO 42001
    Information Security Audit
    Certified Information Systems Security Professional
    Cloud Security
    Governance, Risk & Compliance Software
    Security Management
    Data Privacy
    SOC 2 Report
    GDPR
    IT Compliance Audit
    Risk Assessment
    ISO 27001
    Information Security
    Security Policies & Procedures Documentation
    Vulnerability Assessment
    Information Security Consultation
  • US$25 hourly
    Welcome to my profile! As an accredited ISO 9001 and ISO 27001 Lead Auditor, I bring a wealth of expertise in driving quality management and information security standards for businesses of all sizes. My passion lies in helping organizations streamline their processes, enhance operational efficiency, and secure their information assets. What I Offer: ⚡ Comprehensive Auditing: In-depth audits for ISO 9001 (Quality Management Systems) and ISO 27001 (Information Security Management Systems), ensuring compliance and identifying areas for improvement. ⚡ Customized Solutions: Tailored advice and strategies to meet your specific organizational needs, while aligning with international standards. ⚡ Continuous Improvement: Guidance on implementing best practices for ongoing quality and security enhancements. ⚡ Risk Management: Expert analysis and recommendations to mitigate risks, ensuring robust and resilient systems. ⚡ Training and Support: Providing staff training and support to understand and effectively implement ISO standards. Why Choose Me? ⚡ Proven Track Record: Years of experience successfully auditing and consulting various companies, leading to enhanced quality and security standards. ⚡ Client-Centric Approach: I prioritize understanding your unique challenges and goals to provide the most effective solutions. ⚡ Up-to-Date Knowledge: Constantly updating my skills and knowledge to stay at the forefront of ISO standards and auditing techniques. ⚡ Detail-Oriented: Meticulous attention to detail, ensuring no aspect of your systems is overlooked. ⚡ Effective Communication: Clear and concise communication to ensure you are informed and engaged throughout the auditing process. Whether you're looking to achieve initial ISO certification, maintain compliance, or improve your existing systems, I am here to guide you every step of the way. Let's work together to elevate your organization's quality and security standards to new heights! 
Contact Information: ✉️ Email: heeanaacharya@outlook.com 📱 Phone: +91 9718835704 🗓️ Calendar: calendly.com/heenasharma/isoconsultation
    Information Security Audit
    HIPAA
    SOC 3
    GDPR
    SOC 2 Report
    ISO 9000
    ISO 9001
    CMMC
    SOC 1
    Six Sigma
    ISO/IEC 20000
    ISO 27017
    ISO 27018
    ISO 27001
    ISO 14001
    SOC 2
  • US$20 hourly
    Welcome to my profile! I am a master's graduate with a passion for information security. I have extensive experience in developing and implementing documentation for compliance with ISO 27001, HIPAA, and HITRUST standards. With a solid background in finance and a deep understanding of information security best practices, I am well-equipped to help organizations protect their sensitive data and achieve compliance with industry regulations. I have a track record of success in developing comprehensive and easy-to-understand documentation that is tailored to the specific needs of each organization.
    Information Security Audit
    Report Writing
    Policy Development
    Gap Analysis
    ISO 27001
    HITRUST Common Security Framework
    Internal Auditing
    Risk Management
    Procedure Documentation
    ISO 9001
    HIPAA
    Information Security
  • US$25 hourly
    ⚡ TOP RATED Freelancer | ⚡ 12+ Years Experience I'm a Top Rated Upwork Freelancer and Offer Services in Malware Removal, Virus Removal, Ethical Hacking / Internet Security, WordPress Speed Optimization, Websites Transfer, SSL Installation, WordPress Development, Linux Server Administration and Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade. Over the last 12 years, I Have Worked on 5000+ Websites Security (Cleaning from Malicious Code and Hardening Security), 1000+ Websites Transfer, 200+ WordPress Websites Speed Optimization (Delivered Results As Per Google PageSpeed Insights, GTmetrix) and 500+ SSL Installs (Including HTTP to HTTPS migration). Service Description: 1. Malware / Virus Removal from Websites (Cleaning Hacked Websites) and Servers. ✔ 100% Malware Cleanup Including Database Clean ✔ Japanese Keyword Hack, SEO Spam / Pharma Hack Fix ✔ Credit Card Stealers and Ecommerce Malware Fix ✔ Google Blacklist Removal (This Site may be Hacked), Google Deceptive Warning Fix ✔ McAfee SiteAdvisor, Norton Blacklist or Any VirusTotal Based Blacklist Fix ✔ WP-VCD Malware, Backdoor / Malicious Javascript / Conditional Redirects Fix 2. Website Security Maintenance (Implementing Future Security Measures and Guiding How to Maintain Security for the Future). 3. Website Transfer/Migrate to New Host / Domain (Any PHP-based CMS or Custom-coded Website). 4. SSL Install, HTTP to HTTPS Migration with Secure Padlock. 5. WordPress (Websites Development and Troubleshooting Which Includes Fixing Critical Error / Fatal Errors). 6. Linux Server Administration. 7. Optimize and Increase the Speed of WordPress Websites. 8. Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade (Upgrade to the Latest Stable Version). 9. Penetration Testing (Checking Websites for Security Vulnerabilities).
    Information Security Audit
    Website Migration
    WordPress Malware Removal
    WordPress
    SSL
    McAfee VirusScan
    Internet Security
    Website Security
    Virus Removal
    Penetration Testing
    Malware Removal
    Firewall
    Vulnerability Assessment
    Network Security
  • US$29 hourly
    Certifications that I hold: CEH (Certified Ethical Hacker) 740 MCSA (Installation, Storage and Compute with Windows Server 2016) To whom it may concern, In the last years I did more than 400 Penetration Tests and Security Assessments. Most of them on Web and Mobile (Android and iOS) applications with Finance Background implemented with various technologies and frameworks, server security testing and hardening. Sample reports can be provided to anyone who is interested. Prompt responses to your needs. You can consider me as an internal staff member of your company, always helping you to do the best in security. Phishing simulation for your company needs. Professional Load and Stress Testing if you are interested for your application.
    Information Security Audit
    Security Engineering
    Web Application Security
    Internet Security
    NIST SP 800-53
    Windows Server
    OWASP
    Ethical Hacking
    Manual Testing
    Security Infrastructure
    Network Security
    Penetration Testing
    Application Security
    Kali Linux
    Vulnerability Assessment
    Security Assessment & Testing
  • US$220 hourly
    Former private sector and government executive with leadership, consulting, advising, strategic and business development at the forefront of my professional skills. Compliance expertise in: FISMA, NIST CSF, NIST SPs 800 Series, HIPAA, FedRAMP, PCI DSS, Sarbanes Oxley, GLBA, GDPR, ISO 27001. CISSP with more than 20 years in cybersecurity and IT. Cybersecurity professor and skilled trainer in risk management and compliance, with expertise in developing professionals into the cyber managers and leaders they want to become. I teach fundamentals and advanced coursework in risk assessments, security testing, business continuity, secure application development, and securing emerging technologies. Business expertise in grant and proposal writing, as well as policy and procedure development. Technical writing to include strategic plans, white papers, briefing papers, and presentations. I have been writing, convincing, persuading, and communicating effectively through writing my entire career. I am also effective in providing business capture and business development support.
    Information Security Audit
    Nonprofit Organization
    Certified Information Systems Security Professional
    Data Protection
    Policy Writing
    Compliance
    Tech & IT
    Risk Analysis
    Business Continuity Plan
    Business Consulting
    Enterprise Risk Management
    Risk Assessment
    Project Risk Management
    Technical Writing
    Technical Documentation
  • US$150 hourly
    📣 Unlock Enterprise Sales with Expert Compliance and Security 📣 Struggling to meet compliance requirements like ISO 27001, SOC 2, or FedRAMP? Losing clients and revenue due to security gaps? Overwhelmed by the complexity of securing AI products? Your Solution: A Virtual CISO (vCISO) Service that has been an actual CISO at a Silicon Valley Startup and has successfully taken each and every client through audit on the first attempt Why Choose Me? 🔒 Experienced: I have over 25 years of experience in Cybersecurity and compliance including multiple SOC2 Type 1 and Type 2. CMMC, NIST 800-171, ISO 27001, FedRAMP, PCI-DSS, HIPAA projects delivered. 🔒 Expertise in AI Security: Specialize in securing AI-focused SaaS solutions for enterprise clients (Responsible AI). 🔒 Cost-Efficient: Save thousands by choosing the right security tools and strategies. 🔒 US Based with Global Support: Available across all time zones for long-term engagements. 🔒 Certified Professional: CISSP, CCSP. 🔒 US Veteran 📣 Client Testimonials 📣 “Huge impact” We are an early stage startup that was lucky to get Debra to come in as vCISO. She is running our SOC2 program and helps us navigate the space. She is responsive, experienced, and easy to work with, I highly recommend using TrustedCISO services. - CTO, Uniform.dev "Debra played a critical role in RedSeal's SOC 2 audit, third party risk management, and security programs. She authored many of the security policies, interviewed prospective auditors, and worked with the rest of the organization to prepare them for the SOC 2 audit. Debra ran the initial risk assessment and crafted associated controls that best aligned with RedSeal's goals. She successfully interfaced with the auditors to obtain SOC 2 Type 1 and Type 2 within the planned timelines and budget." 
- CTO, RedSeal 💪 Tools and Frameworks Security Questionnaire Tools: CyberGRX, OneTrust Compliance Management: Drata, Vanta, SecureFrame Frameworks: SOC 2, ISO 27001, FedRAMP, NIST 800-53, HIPAA, CMMC, StateRAMP, PCI-DSS Not a Fit For ❌ Hacking or unauthorized access requests ❌ Filling out security questionnaires without implementing controls ❌ Creating falsified audit reports Contact Me Click the green invite button to get started. Let's secure your business and accelerate your enterprise sales.
    Information Security Audit
    Policy Writing
    Company Policy
    Disaster Recovery
    SOC 2
    CMMC
    Cloud Computing
    Cloud Security Framework
    Information Security Awareness
    Governance, Risk Management & Compliance
    Cloud Security
    Information Technology
    ISO 27001
    Public Speaking
    Information Security
  • US$50 hourly
    An experienced cyber-security specialist & quality assurance & regulatory professional with a proven track record in governance, risk & compliance. I bring a wealth of hands-on experience in Information Security audits, Risk Management, Risk Assessment, Vendor Risk Assessment, Information Security Policy and procedures formulation, compliance with various security standards for several global clients and also performed cyber-security compliance assessments using NIST 800-53, NIST CSF based controls and supports remediation and mitigation activities. I also have experience in managing Quality Management System (single-handedly), drafting Standard Operating Procedures (SOP), managing Corrective & Preventive Action (CAPA) & Non-conformances/deviations, Training & Development, Document Management, KPI Management, Audit (Internal/External) Management in adherence to MDSAP, EU MDR 2017/745 & ISO 13485:2016 with deep understanding of these laws and standards. I have a deep understanding of various laws such as HIPAA, GDPR, Data Protection Act, MDSAP, EU MDR 2017/745 and standards such as ISO 27001:2013, PCI-DSS, SOC2, ISO 13485:2016 etc.
    Information Security Audit
    Financial Audit
    PCI
    Cybersecurity Management
    GDPR
    IT Compliance Audit
    PCI DSS
    Data Privacy
    Risk Assessment
    ISO 27001
  • US$30 hourly
    ๐Ÿ† 12+ years of experience in eDiscovery and digital forensics industry. ๐Ÿ† Certified eDiscovery Professional ๐Ÿ† Certified Digital Forensics Professional ๐Ÿ† Worked with legal industries and the team of lawyers and CA. ๐Ÿ† 30k Projects delivered in real world ๐Ÿ† Trained more than 10k professionals ๐Ÿ† Helped legal companies to improve their workflows and SOPs. My services include: โœ…eDiscovery and litigation support โœ…Digital Forensics Analysis โœ…Data recovery and analysis โœ…Expert witness testimony โœ…Mobile device forensics โœ…Incident Response and Data Breach Investigations โœ…eDiscovery Consulting โœ…Data Recovery Services โœ…Cybersecurity Consulting โœ…Training and Workshops โœ…Compliance and Data Governance โœ… IT Support Professional Skills - โœ…eDiscovery - Delivered a number of projects by using Nuix, Relativity, Law Pre Discovery, eCapture IPRO and Brainspace. โœ…Computer Forensics - Analyzing computer system crimes, recovering data from electronic devices like USB, HDD & others. Gathering evidence and information from suspected computer/source by using legal & most popular forensics tools like Encase, FTK, Nuix, Magnet Forensics & Digital Imaging Tools and devices(FTK Imager, Encase Imager & Tableau TD2/3).Password Cracking or Recovering manually and automatically by using legal password cracking tools. Reconstructing damaged computer systems. โœ…Mobile Forensics โ€“ Logical and Physical Extraction from suspected mobile/source mobile in forensics manner by using Mobile forensics tools like โ€“ Ufed, XRY, Tarantula, MPE, Oxygen Forensics Tool, MobilEdit Forensic & others. โœ…CDR Analysis, Link Analysis. โœ…Vulnerability Assessment & Penetration Testing - Performs real-time monitoring, investigation, analysis, reporting of security events from multiple sources including Windows, Network devices, Firewall logs, IPS/IDS, Proxy Logs, applications and databases by tools like Nessus, Nexpose, Metasploit, Armitage & others. 
    ✅ IT Solutions – All types of computer, laptop software, hardware & networking solutions. ✅ Extensive experience in installation, administration, and networking in various environments. ✅ Thorough knowledge of Windows Vista; Windows XP; Windows 2000 Server; Windows Server 2003; Windows Server 2008, Windows Server 2012; ✅ Active Directory; DNS; DHCP; Group Policy Windows Firewall; PowerShell; FTP & IIS. ✅ Utilized Install software package for application deployment. ✅ Excellent command of running projects employing industry-standard project management techniques. ✅ Extensive documentation and training experience. ✅ Email Clients configuration. ✅ Successful project and technical team member and motivator. I can assist with cases involving civil litigation, criminal matters, internal investigations, and more. I am meticulous in my work, ensuring that all evidence is handled in a professional and ethical manner and that all findings are presented in a clear and concise manner. You can rest assured that your eDiscovery and digital forensics needs will be met with professionalism.
    Information Security Audit
    Search Engine Optimization
    Ediscovery
    Security Analysis
    TCDI EDiscovery
    Security Operation Center
    Lead Generation
    Penetration Testing
    Incident Response Plan
    Information Security Consultation
    Digital Forensics
    Malware Removal
    Network Security
  • US$70 hourly
    "Excellent ethical hacker. Very prompt, knowledgeable, and comprehensive" "Working with Konstantin was a good experience. Well rounded security experience helped us with a number of different issues." My business motto is "Nil Satis Nisi Optimum" ("Nothing but the best is good enough") - because I know you feel the same about your business! CompTIA Security+ and Pentest+ seasoned certified security expert. My main specialization is information security system design, audit, vulnerability assessment and solutions implementation. I have experience with cloud (AWS, GCP) and on-prem infrastructure security, Linux and Windows OS, Active Directory infrastructure and many different tools and software for specific security needs. In my job, I follow the best practice, local laws and international standards such as ISO 27000 and NIST 800 families.
    Information Security Audit
    Network Penetration Testing
    Security Analysis
    Security Infrastructure
    Internet Security
    Financial Audit
    System Hardening
    Compliance
    Web Application Security
    IT Compliance Audit
    Security Engineering
    Security Policies & Procedures Documentation
    Application Security
    Information Security
    Network Security
    Firewall
  • US$150 hourly
    I focus on providing cybersecurity compliance, cyber risk assessment, and cybersecurity consulting services to small businesses specializing in the implementation of and compliance with CMMC, DFARS 252.204-7012, and NIST 800-171 requirements. I have worked with NIST 800-171 since 2019 providing guidance to small businesses on meeting the requirements of NIST-171. This includes System Security Plan (SSP) development, Plan of Actions and Milestones (POA&M) creation, Policy and Procedure Development, and technical control implementation. There is more to CMMC compliance than buying a set of pre-made policy and procedure templates. As recent government legal action shows, the Department of Defense is pursuing legal action against companies not meeting CMMC and DFARS requirements after claiming to meet the requirements to win DoD contracts. Let me help your organization meet compliance and more importantly - stay compliant! I provide recommendations to small business owners that are cost-effective to meet cybersecurity compliance requirements and lessen cybersecurity risk. Specialties: cyber risk assessments, security gap analysis, policy and procedure development, system security plan (SSP) development, Plan of Action and Milestones (POA&M) creation Frameworks: CMMC, NIST 800-171, NIST Cybersecurity Framework Education: Doctorate - Cybersecurity (in-progress), Masters – Administration, Masters – Computer Science, Bachelors – IT Management Certifications: Certified CMMC Professional (CCP), CISSP, CRISC, CCSP, HCISPP, AWS Cloud Practitioner
    Information Security Audit
    Policy Analysis
    Security Analysis
    Information Security Governance
    Certified Information Systems Security Professional
    Cybersecurity Management
    Information Security
    Information Security Consultation
  • US$38 hourly
    Information Technology Auditor | ISMS Implementer As an experienced IT professional, I have a proven track record in IT system support, administration, and client service. My current responsibility is implementing and maintaining ISO 27001-compliant under ISMS team. I have collaborated with cross-functional teams to achieve ISO certification and have been maintaining the ISMS successfully for two years. My passion lies in information security, and I am committed to helping organizations mitigate risks and protect their digital assets.
    Information Security Audit
    Internal Auditing
    Governance, Risk Management & Compliance
    IT Compliance Audit
    Technical Project Management
    ISO 27001
    Information Security
  • US$50 hourly
    I'm a senior offensive security engineer conducting and leading penetration testing engagements. I have conducted and led security audits, penetration tests, and red team engagements for a variety of companies, ranging from enterprise level with thousands of hosts in scope to startups or small clients that want to have an edge over their competition security-wise. Daily activities include, but are not limited to: - Client meetings - Scoping - Hands-on activities (pentesting, etc) - Researching new vulnerabilities - Report writing My skillsets include: - Penetration Testing (web applications, APIs, internal/external networks, mobile (android) applications, server security review) - Vulnerability Assessments - Red Teaming Exercises - Phishing Simulation Owner of CVE-2023-4843. Volunteer at Hackout (a project/platform having collaboration with CERT) where I responsibly disclose vulnerabilities. Former contributor member/content creator at Try Hack Me. Certificates owned: [+] Certified Professional Penetration Tester (eCPPT) from eLearnSecurity [+] Network Defense Professional (eNDP/PND) from eLearnSecurity [+] Certified Red Team Professional (CRTP) from Pentester Academy [+] Certified Red Team Expert (CRTE) from Pentester Academy [+] Web Application Penetration Tester from eLearnSecurity [+] Red Team Operations - Windows Privilege Escalation from Sektor7 [+] Certified Enterprise Security Specialist (PACES) from Pentester Academy [+] Certified Penetration Tester Extreme - eLearnSecurity [+] Certified Red Team Operator - Zero Point Security [+] Offensive Security Experienced Pentester (OSEP) - Offensive Security
    Information Security Audit
    Ethical Hacking
    Web Application Security
    Linux
    OWASP
    Security Testing
    Information Security Consultation
    Security Assessment & Testing
    Application Security
    Network Penetration Testing
    Penetration Testing
    Web App Penetration Testing
    Vulnerability Assessment
    Information Security
    Network Security
  • US$88 hourly
    Experienced Information Systems Professional with over two decades of technical expertise and a strong background in Information Security and Systems Administration. I hold a Master of Science Degree in Cybersecurity and possess relevant industry certifications that underline my proficiency in safeguarding digital assets and ensuring regulatory compliance. In my current role as an Information Security Consultant and Senior Systems Administrator, I have consistently delivered exceptional value to organizations by leveraging my comprehensive knowledge and experience. My recent focus has been on assisting companies in preparing for audits, with a specialization in a wide range of compliance standards and regulations, including SOC2, ISO 27001, GDPR, NIST-CSF, and more. I excel in helping organizations navigate complex regulatory landscapes, including GDPR for data protection, FedRAMP for government systems, and the implementation of CIS Controls for enhanced cybersecurity measures. By closely collaborating with clients, I ensure that their systems and processes are audit-ready and fully compliant with the most stringent industry standards. My track record of success, coupled with my commitment to staying abreast of the latest developments in the field, positions me as a valuable asset for any organization seeking an Information Security professional who can drive compliance, security, and efficiency in an ever-evolving digital landscape.
    Information Security Audit
    SOC 2
    Security Infrastructure
    Cloud Security Framework
    Network Monitoring
    IT Asset Management
    FedRAMP
    Incident Response Plan
    Cybersecurity Management
    ISO 27001
    Information Security
    Network Security
    SaaS
  • US$50 hourly
    With a rich background spanning over 5+ years in designing and executing robust cybersecurity solutions, I am a Cybersecurity Specialist Consultant dedicated to safeguarding digital landscapes. My journey has taken me from the foundational steps of security analysis to spearheading roles as a Co-Founder and CTO, alongside pivotal positions in cybersecurity engineering and ethical hacking across global landscapes from Jakarta to Dallas, and Sydney to the Netherlands. My expertise lies in a deep understanding of cyber threats and vulnerabilities, backed by a Bachelor's degree in Cybersecurity from Deakin University and certified mastery in Blockchain Security, Advanced Penetration Testing, and Fuzzing and Crash Analysis. I've successfully led comprehensive security initiatives, including developing XDR and SIEM solutions, managing multi-layered security systems, and pioneering full-scale cybersecurity startups. My approach is rooted in innovation and efficiency, aiming to protect organizational assets against ever-evolving cyber threats with customized security strategies. At the heart of my service is a commitment to operational excellence and a proactive stance on cybersecurity, ensuring I'm always ready to counteract cyber threats swiftly. Through Encripti, my cybersecurity startup, and various contractor roles, I've honed my skills in vulnerability assessments, red/blue team engagements, and crafting defensive architectures against complex cyber attacks. My portfolio is a testament to my ability to communicate complex security concepts effectively and to collaborate towards enhancing cybersecurity resilience in dynamic environments. In seeking new opportunities on Upwork, I aim to bring my wealth of experience and a proactive approach to cybersecurity to organizations looking to fortify their defenses. 
    Whether through strategic consulting, hands-on penetration testing, or crafting comprehensive security frameworks, my goal is to deliver unparalleled value and security assurance to my clients.
    Information Security Audit
    Blockchain Security
    API Testing
    Cyber Threat Intelligence
    Cybersecurity Monitoring
    Risk Analysis
    Virus Removal
    Web Application Security
    Data Analytics
    Smart Contract
    Malware Removal
    Security Testing
    Vulnerability Assessment
    Application Security
    Cybersecurity Management
    Penetration Testing
    Digital Forensics
  • US$30 hourly
    I am a Cyber Security Expert and Researcher with 5 Years of Experience in the field with hands-on Ethical Hacking and Penetration Testing Practice. I am also working as a Lead Research Associate. I can do at least the following jobs for you: Cyber Security services; WordPress, Website Security Services; Website Malware Removal; Ethical Hacking Services; Report and Research (Cyber Security and Computer Science Domain); Information analysis; Network Security Audit; Penetration Testing; Digital Forensics; Network Administration. My services are an exact match to my capabilities and I ensure Quality and Uniqueness of Services. 24/7 Free of Cost Suggestions are Available for everyone. If you need any of my services, just ping me. I will be more than Happy to Help You.
    Information Security Audit
    Internet Security
    Network Penetration Testing
    Security Testing
    Ethical Hacking
    Kali Linux
    Information Security
    Computer Network
    Network Administration
  • US$50 hourly
    As a certified penetration tester, I perform vulnerability assessment, penetration testing and source code analysis with both manual and automated methods. Also I am experienced with bug bounty hunting and programming. 📋 What can I offer for you? ✓ Vulnerability Assessment & Penetration Testing - OWASP Top 10 - Web, Android & iOS Mobile App, API and Network - Internal/External Applications - Detailed report with fix suggestions ✓ Offensive code review - Python, PHP, Java, ASP, JavaScript 🛠 Tools ✓ Burp Suite ✓ Acunetix ✓ Metasploit ✓ Nessus ✓ Nmap 🏅 Achievements ✓ CVE-2021-41886 ✓ CVE-2021-41887 ✓ CVE-2021-41888
    Information Security Audit
    Cybersecurity Tool
    Network Penetration Testing
    Vulnerability Assessment
    System Security
    Ethical Hacking
    Information Security Consultation
    Penetration Testing
    Information Security
    WordPress Malware Removal
    Internet Security
    Web Application Security
    Reverse Engineering
    Source Code Scanning
    Website Security
  • US$15 hourly
    A Certified Information Systems Security Professional with 20+ years of experience, expertise in Information Security Management System (ISMS). I can help you with Information Security Governance, Risk and Compliance (GRC), ISO27001 certification (end-to-end), HITRUST/ HIPAA, SOC2, CMMC compliance and certifications, risk management, incident management, internal audit, awareness programs, BCP/DR, and Policy documentation. My Professional Qualification Includes CISSP, ISO27001:2013 LA, ISO22301, ISO31000:2009, CCSE, CCSA, CCNA, Qualys VA certifications, and Educational Qualification include Bachelor of Engineering degree in Electrical and Electronics Engineering.
    Information Security Audit
    Policy Writing
    Information Security Governance
    SOC 2 Report
    Security Framework
    ISO 27001
    Cloud Security Framework
    Data Privacy
    Information Security Awareness
    Cyber Threat Intelligence
    Risk Analysis
    Cybersecurity Management
    Information Security
    Security Policies & Procedures Documentation
    Firewall
  • US$17 hourly
    • A seasoned professional with over 18 years of experience in IT Strategic Planning, Budgeting, Project Management, Infrastructure Management, System Administration, Networking, and Team Management. • Demonstrated skills as Lead Auditor for ISO 27001:2005 ISMS for any medium to large scale organization. • Acknowledged for integrity, high professional standards, “big-picture” vision, & sensitivity to deliver projects within time & cost parameters. • Proven skills as Lead Auditor for ISO 22301:2012 Business Continuity Management Systems for any medium to large scale organization. • Conversant with setting up and maintaining entire WAN/ LAN, PABX Management and ITIL Stdd. Implementation. • Well-versed with analyzing network security needs, software/ hardware installation and other services. • Proficient in attending to various software and hardware problems, detecting the reason of malfunctioning and resolving various problems. • Change Recognized for tackling challenging issues and delivering innovative solutions that enhance system functionality and end-user productivity while meeting clients' budget and time constraints. • Expertise in attending to various networking issues, and resolving various problems; adept in fine tuning of networks and ensuring maximum performance. • Exceptional work ethic, routinely use available time to solve organisational problems, ability in multi-tasking and timely completion of all assignments.
    Information Security Audit
    Project Management
    ISO/IEC 20000
    Agile Software Development
    Helpdesk
    IT Management
    Business Continuity Plan
    Compliance Consultation
    ISO 27001
    ITIL
    GDPR
    SOC 2 Report
    Information Security
  • US$40 hourly
    ✅ Top Rated Plus Expert ✅ 1000+ Hours ✅ Professional Penetration Tester Senior Penetration Tester with more than 6+ years of rich industry experience in Web, Mobile, API, and Network Penetration Testing. I have successfully completed 500+ Web application Pentests, 200+ Mobile Application Penetration Tests, 300+ API Penetration Tests, 100+ External Network Penetration Tests and 30+ Internal Penetration Tests. I am also a Security researcher acknowledged by Yahoo (among other notable companies like SolarEdge, Imgur, Artsy, etc.) for disclosing a number of vulnerabilities via the HackerOne bug bounty platform. My core competency is Blackbox, Greybox Testing on Web, API, Mobile, and Network applications. I am familiar with all attacks and mitigations and am well-versed in OWASP, NIST, and PTES Frameworks. My Pentesting reports include clear documentation of the vulnerabilities found along with the remediations to make sure the client is 100% satisfied. I am also certified in AWS, and Azure and have a very keen knowledge of Cloud Security and cloud administration. ✅ I have conducted Penetration Tests, Vulnerability Assessments and delivered professional reports to companies around the world complying with the following: ► OWASP Web Security Top 10 Vulnerability ► OWASP API Security Top 10 Vulnerability ► OWASP Mobile Security Top 10 Vulnerability ► External Network Penetration Testing ► Internal Network Penetration Testing ► Payment Card Industry Data Security Standard (PCI DSS) ► System and Organization Controls 2 (SOC2) ► General Data Protection Regulation (GDPR) ► Common Vulnerability Scoring System (CVSS) ► Open Source Security Testing Methodology Manual (OSSTMM) My Certs include: ► CompTIA Pentest+ ► AWS Solutions Architect ► Azure Administrator Tools: Burp Suite, Nikto, Nmap, Zap, Metasploit, Nessus, W3af, Ffuf, Dirb, etc... I am available 24/7. If you are interested in cooperation, drop me a line :)
    Information Security Audit
    Web Application Security
    Network Penetration Testing
    Web App Penetration Testing
    Cloud Security
    Mobile App Testing
    Information Security
    Metasploit
    Vulnerability Assessment
    Network Security
    Penetration Testing

How it works

1. Post a job

Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.

2. Talent comes to you

Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.

3. Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

4. Payment simplified

Receive invoices and make payments through Upwork. Only pay for work you authorize.

How do I hire an Information Security Audit Freelancer on Upwork?

You can hire an Information Security Audit Freelancer on Upwork in four simple steps:

  • Create a job post tailored to your Information Security Audit Freelancer project scope. We’ll walk you through the process step by step.
  • Browse top Information Security Audit Freelancer talent on Upwork and invite them to your project.
  • Once the proposals start coming in, create a shortlist of top Information Security Audit Freelancer profiles and start to interview.
  • Hire the right Information Security Audit Freelancer for your project from Upwork, the world’s largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire an Information Security Audit Freelancer?

Rates charged by Information Security Audit Freelancers on Upwork can vary with a number of factors including experience, location and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire an Information Security Audit Freelancer on Upwork?

As the world’s work marketplace, we connect highly-skilled freelance Information Security Audit Freelancers and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Information Security Audit Freelancer team you need to succeed.

Can I hire an Information Security Audit Freelancer within 24 hours on Upwork?

Depending on availability and the quality of your job post, it’s entirely possible to sign up for Upwork and receive Information Security Audit Freelancer proposals within 24 hours of posting a job description.
