Ongoing Web Application Security & Risk Management Audit

Posted 6 days ago

Worldwide

Summary

We are seeking an experienced web security and payments auditor to support our ongoing security, compliance, and risk management program. This engagement is part of our proactive risk management policy. The successful appointee will report directly to the board.

Scope of work:

  • Periodic review of our web application security posture
  • Audit of payment flow integrity, including Stripe/payment configuration
  • Review of frontend checkout buttons, redirects, forms, and scripts
  • Review of backend payment/session creation logic
  • Review of webhook handling and order fulfilment logic
  • Review of environment variables, deployment secrets, and hosting configuration
  • Review of third-party tools, plugins, tag manager, CMS settings, and analytics integrations
  • Review of purchase tracking events, including Meta Pixel or Conversions API where relevant
  • Review of Git history and deployment changes relating to payment or tracking flows
  • Identification of misconfigurations, insecure practices, or unauthorised changes

Key areas of assurance:

  • Payment keys, product IDs, price IDs, and payment links are authorised and correctly configured
  • Checkout redirects and payment flows resolve to approved accounts and endpoints
  • Orders are only marked paid after verified payment confirmation
  • Analytics purchase events only fire after appropriate payment validation
  • Webhooks are correctly verified and securely handled
  • Production secrets and deployment settings align with approved configuration
  • Third-party scripts and integrations are secure and appropriate

Deliverables:

  • Board-ready written audit report
  • Summary of risks, observations, and recommendations
  • Evidence/screenshots for material findings
  • Clear risk rating for any issues identified
  • Practical remediation guidance
  • Optional ongoing monitoring or periodic re-audit plan

Requirements:

  • Strong experience with web application security audits
  • Experience with Stripe or comparable payment systems
  • Ability to review frontend, backend, deployment, and third-party configurations
  • High attention to detail, discretion, and confidentiality
  • Ability to communicate clearly with non-technical stakeholders and board members

Please include examples of relevant security, payments, or risk audit work you have completed.

  • Less than 30 hrs/week
    Hourly
  • 6+ months
    Duration
  • Expert
    Experience Level
  • $4.00 - $10.00
    Hourly
  • Remote Job
  • Ongoing project
    Project Type

Contract-to-hire opportunity

This lets talent know that this job could become full time.
Skills and Expertise
Mandatory skills
Security Assessment & Testing
Activity on this job
  • Proposals: 20 to 50
  • Interviewing: 0
  • Invites sent: 0
  • Unanswered invites: 0
About the client
Member since Mar 30, 2016
  • Australia
    Perth 4:44 PM
  • $244K total spent
    192 hires, 70 active
  • 27,258 hours
  • Art & Design
    Small company (2-9 people)
