Cybersecurity Software Engineer

Posted yesterday

Worldwide

Summary

1. Move From Scheduled Scans to Continuous Monitoring Our scanning today runs on a configure-and-wait model. The market has moved to always-on monitoring that doesn't wait for the next scheduled scan. This is infrastructure work for our engineer, not an AI feature — and it's becoming the baseline expectation across the category. 2. Add an AI-Vendor-Governance Risk Category Regulators are starting to ask not just "is this vendor secure" but "does this vendor use AI responsibly." This fits naturally next to our existing Internal User Risk and Vendor Risk modules, i.e., a new risk type, not a new module architecture. A. Autonomous Risk Analyst Agent ("Xcigence Sentinel") An agent that continuously runs across your existing modules (scanning, vulnerability analysis, third/fourth-party risk, supply chain) and: ∙Correlates a new CVE or vendor breach disclosure against our asset inventory and vendor list automatically, without waiting for the next scheduled scan ∙Drafts the remediation ticket, severity justification, and affected-asset list itself ∙Surfaces only what changed and why it matters, instead of a static dashboard the CISO has to re-read every morning ∙Marketing angle: "Stop checking your dashboard. Let it check you." — positions Xcigence as proactive, not a reporting tool. B. Agentic Fourth-Party & Supply Chain Mapper Supply chain and fourth-party risk are manual list/lineage views today (per your QA script). An agent could: ∙Autonomously crawl public disclosures, SEC filings, breach databases, and vendor subprocessor lists to discover undisclosed fourth/fifth parties your vendors depend on ∙Auto-update the lineage graph and flag concentration risk ("12 of your vendors all depend on the same cloud subprocessor") ∙This directly leapfrogs Panorays, whose 4th/5th-party reach is currently their headline differentiator. C. Compliance Evidence-Collection Agent Matches and beats CyberSaint's current lead here: ∙Agent autonomously pulls evidence from connected systems (cloud configs, ticketing, IAM) and maps it to framework controls (CRI Profile/NIST CSF 2.0, SOC 2, ISO 27001) without an analyst manually uploading screenshots ∙Flags evidence that's stale or about to expire before an audit, not during one D. M&A and Investor Diligence Agent We already have a Post-M&A Assessment module and Investor Protection module which are seemingly rare features. An agent could: ∙Run an autonomous "instant cyber due diligence" scan on a target company the moment a deal is initiated, producing a defensible risk report in hours instead of weeks ∙This could be our single biggest white-space opportunity. No major competitor above leads with M&A/investor-diligence as a flagship use case. ​ "Xcigence: Cyber Due Diligence at Deal Speed" could be a standalone product line. E. Insider/Internal User Risk Behavioral Agent Our Internal User Risk module currently shows detail data. An agent could continuously baseline normal user behavior and proactively flag deviations (unusual data access, off-hours admin activity) bringing UEBA-style detection into a category where it's rarely paired with vendor risk. F. Conversational "Ask Xcigence" Interface A natural-language layer across the whole platform "Which vendors increased our supply chain risk this month and why?", answered by an agent that queries scan history, vendor risk, and compliance data live and cites its sources (this is now table stakes per the SOC vendors above; should not be skipped).​ Revamp the design of the dashboard to a modern and aestetically beautiful dashboard with interactive visuals. Test all functionalities including security, integration and regression testing making sure all security loopholes are fixed Document every design, development and changes and test scripts Compile all REST APIs and all other tehcnicial integration artifacts Fix the existing reporting issues with all the solutions.

  • $600.00

    Fixed-price
  • Expert
    Experience Level
  • Remote Job
  • One-time project
    Project Type
Skills and Expertise
Mandatory skills
OpenVAS
Vulnerability Assessment
Activity on this job
  • Proposals:15 to 20
  • Last viewed by client:10 hours ago
  • Interviewing:
    3
  • Invites sent:
    0
  • Unanswered invites:
    0
About the client
Member since May 5, 2026
  • United States
    Austin7:49 AM
  • $600 total spent
    2 hires, 0 active

Explore similar jobs on Upwork

Security and Compliance SpecialistFixed-price‐ Posted 2 weeks ago
Network Security
Information Security
Penetration Testing
Security Analysis
B2B Sales Partner for CybersecurityHourly‐ Posted 2 weeks ago
B2B Marketing
Sales
Outbound Sales
Telemarketing

How it works

  • Post a job icon
    Create your free profile
    Highlight your skills and experience, show your portfolio, and set your ideal pay rate.
  • Talent comes to you icon
    Work the way you want
    Apply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
  • Payment simplified icon
    Get paid securely
    From contract to payment, we help you work safely and get paid securely.
Want to get started? Create a profile

About Upwork

  • Rating is 4.9 out of 5.
    4.9/5
    (Average rating of clients by professionals)
  • G2 2021
    #1 freelance platform
  • 49,000+
    Signed contract every week
  • $2.3B
    Freelancers earned on Upwork in 2020

Find the best freelance jobs

Growing your career is as easy as creating a free profile and finding work like this that fits your skills.

Trusted by

  • Microsoft Logo
  • Airbnb Logo
  • Bissell Logo
  • GoDaddy Logo