Cybersecurity Engineer — Infrastructure Hardening & Compliance
Worldwide
We are looking for a seasoned cybersecurity professional to take full ownership of a comprehensive security transformation across our cloud-based infrastructure. This is a long-term, strategic engagement where you will work closely with our engineering and leadership teams to identify vulnerabilities, modernise our security architecture, and build the processes needed to keep our systems resilient against evolving threats. What you will be doing You will begin with a thorough security audit of our AWS, Azure, and GCP environments, followed by internal and external penetration testing. From there, you will develop and deliver a prioritised remediation roadmap that addresses findings systematically. Alongside this, you will design and implement a Zero Trust network architecture and deploy a SIEM platform — such as Splunk, Microsoft Sentinel, or Elastic Security — with custom detection rules tailored to our threat landscape. You will also be responsible for building out our Incident Response capability from the ground up, including formal documentation and tabletop exercises with key stakeholders. Compliance is a central part of this engagement — you will guide us through alignment with ISO 27001, SOC 2 Type II, and the NIST Cybersecurity Framework. Identity and access management will be hardened using multi-factor authentication, privileged access management, and strict least-privilege principles throughout. On an ongoing basis, you will produce monthly security posture reports and risk registers for executive review, and provide mentorship to our internal engineers on secure development practices and tooling. What we are looking for We need someone with at least five years of hands-on experience in offensive or defensive security roles, with strong practical knowledge of cloud platforms and container security using Kubernetes and Docker. You should be comfortable working with tools such as Nessus, Burp Suite, Metasploit, or CrowdStrike, and hold at least one relevant certification — CISSP, OSCP, CEH, CISM, or AWS Security Specialty are all highly regarded. Equally important is the ability to communicate clearly at both the technical and executive level, since you will be producing documentation for a range of audiences. We ask for a minimum of 20 hours per week with availability overlapping UTC+0 business hours. How to apply Please introduce yourself with a brief overview of a similar engagement you have led, your preferred SIEM platform and the reasoning behind it, any certifications or CVE disclosures relevant to this role, and your hourly rate along with your earliest availability to start. An NDA will be required prior to onboarding, and fixed-price milestone payments are available for clearly defined deliverables.
- Less than 30 hrs/weekHourly
- 1-3 monthsDuration
- IntermediateExperience Level
- Remote Job
- Ongoing projectProject Type
Skills and Expertise
Activity on this job
- Proposals:20 to 50
- Interviewing:0
- Invites sent:0
- Unanswered invites:0
About the client
- United StatesCalifornia10:52 PM
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by