Certified Security Auditor / Penetration Tester for Odoo ERP & Infrastructure Security Assessment

Posted 4 weeks ago

Worldwide

Summary

We are looking for an experienced and certified Security Assessment Expert / Penetration Tester to conduct a comprehensive technical security audit of our Odoo ERP and infrastructure environment. The engagement will cover our combined production and development Odoo environments and will require both offensive-security expertise and compliance-oriented security audit practices. To be considered for this role, please share your relevant security certifications. Preference will be given to consultants holding one or more of the following certifications: Please include the following in your proposal: Your relevant certifications, such as CISSP, OSCP, CISA, CEH, ISO 27001 LA, GWAPT, or GPEN Your experience in Odoo ERP security assessment Examples of similar ERP, web application, or infrastructure security audits completed CISSP OSCP CISA CEH ISO 27001 Lead Auditor GWAPT GPEN Scope of Work: The selected consultant will be responsible for conducting a detailed technical security assessment covering both Odoo application-level security and supporting infrastructure controls. The assessment should go beyond generic vulnerability scanning and must identify platform-specific weaknesses that are commonly missed in standard testing, including but not limited to: Odoo ORM-level access bypasses Unsafe or misconfigured server actions Template injection risks Improper record rules and access control configurations Privilege escalation risks Authentication and session management weaknesses Insecure custom modules or third-party add-ons Exposed APIs or insecure integrations Misconfigured database, server, and hosting environment Weaknesses across production and development environments Infrastructure vulnerabilities, misconfigurations, and hardening gaps Assessment Requirements: Every finding must be: Reproduced manually and validated by the consultant Clearly documented with evidence and technical details Scored using CVSS v3.1 Mapped to business impact Supported with practical remediation steps that our technical team can directly apply Prioritized based on risk severity and exploitability Expected Deliverables: Executive summary for management Detailed technical security assessment report Vulnerability register with severity ratings CVSS v3.1 scoring for each finding Evidence and reproduction steps Business impact explanation Remediation roadmap Recommendations for Odoo security hardening Recommendations for infrastructure hardening Final walkthrough session with our technical team Required Experience: The ideal consultant should have proven experience in: Odoo ERP security assessment Web application penetration testing Infrastructure vulnerability assessment ERP application security reviews Secure configuration review Access control and privilege escalation testing OWASP-based testing methodology Compliance-driven security audit reporting Manual validation of findings, not just automated scanning Important Note: This is not a basic vulnerability scanning assignment. We are looking for a hands-on security expert who can perform manual testing, identify Odoo-specific security risks, validate exploitability, and provide practical remediation guidance. How to Apply: Your proposed assessment methodology Estimated timeline to complete the assessment Sample report structure or sanitized sample report, if available Your availability for a technical discussion We are looking to engage a qualified professional who can deliver a high-quality, actionable, and technically sound security assessment report.

  • $8,000.00

    Fixed-price
  • Expert
    Experience Level
  • Remote Job
  • One-time project
    Project Type
Skills and Expertise
Mandatory skills
ISO 27001
Information Security
Activity on this job
  • Proposals:15 to 20
  • Last viewed by client:3 weeks ago
  • Interviewing:
    22
  • Invites sent:
    0
  • Unanswered invites:
    0
About the client
Member since Feb 3, 2022
  • United Arab Emirates
    Abu Dhabi4:08 PM
  • $570 total spent
    11 hires, 4 active
  • 8 hours

Explore similar jobs on Upwork

Security and Compliance SpecialistFixed-price‐ Posted 2 weeks ago
Network Security
Information Security
Penetration Testing
Security Analysis
B2B Sales Partner for CybersecurityHourly‐ Posted 2 weeks ago
B2B Marketing
Sales
Outbound Sales
Telemarketing

How it works

  • Post a job icon
    Create your free profile
    Highlight your skills and experience, show your portfolio, and set your ideal pay rate.
  • Talent comes to you icon
    Work the way you want
    Apply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
  • Payment simplified icon
    Get paid securely
    From contract to payment, we help you work safely and get paid securely.
Want to get started? Create a profile

About Upwork

  • Rating is 4.9 out of 5.
    4.9/5
    (Average rating of clients by professionals)
  • G2 2021
    #1 freelance platform
  • 49,000+
    Signed contract every week
  • $2.3B
    Freelancers earned on Upwork in 2020

Find the best freelance jobs

Growing your career is as easy as creating a free profile and finding work like this that fits your skills.

Trusted by

  • Microsoft Logo
  • Airbnb Logo
  • Bissell Logo
  • GoDaddy Logo