Taha O.
Paris, France
100%
Job Success
Top Rated Plus
Security, Privacy & Compliance - SOC 2 / HIPAA / ISO 27001 / CISO
$120.00/hr
I will help you reach your security compliance goals. Whether SOC 2, ISO 27001, or maintaining your security as a fractional CISO, you are dealing with an Expert-Vetted consultant (less than 1% of Upwork talents).
Ex-Big 4 senior consultant with 10+ years of experience in assisting clients in cybersecurity, IT compliance, AI security management and security risk assessment projects.
❗You have lost contracts because you were not certified?
❗Your clients pressure you to provide them with an information security certification (PCI-DSS, SOC 2, ISO 27001, HIPAA, FedRAMP, CMMC, ISO 42001)?
❗You don't know what to answer to the security assessment questionnaire you recently received from your biggest client & it's taking too much time?
❗You don't have time and resources to be consumed by compliance efforts and endless meetings?
❗You are struggling to understand the certification process, the related cost, and the timelines?
❗You just purchased a compliance tool (Drata, Vanta, Thoropass, Sprinto, OneTrust/Tugboat, SecureFrame, Strike Graph, Audit Board, TrustCloud) but don't know the next step or don't have time for it?
Services provided:
📝 Policies & Procedure writing & review
📝 Security gap analysis (based on frameworks of your choice, ISO 27001, NIST, SOC 2, etc.)
📝 IT and Compliance Audits
📝 Performing Risk Assessments, risk treatments, and establishing action plans & roadmaps.
📝 Evaluation of the existing IT security state of maturity against established standards & regulatory requirements.
📝 Organization-wide security strategy
📝 Support in Governance, Risk & Compliance (GRC) projects
📝 Cloud security governance, management and strategy
📝 Security Operations
📝 DPO service: I can provide you with assistance with regard to GDPR/CCPA compliance, policy writing/reviewing, GDPR gap assessment analysis, and accompanying you in your GDPR compliance journey and Data Privacy requirements.
📝 CISO service: I can provide you with assistance and support in defining your security strategy, putting in place action plans and following up implementation over the long run.
💥WHY ME AND NOT ANOTHER FREELANCER?💥
✅ Big 4 consultant expertise. End-to-end managed security services.
✅ All work is completed by myself, with constant communication with you and taking into account your every remark & need.
✅ Excellent Client Reviews: I focus on providing you with VALUE and earning your TRUST.
✅ Over-Delivering: I focus on GIVING you more than what I expect to RECEIVE. I am happy when my client's expectations are exceeded.
✅ Responsiveness: All lines of communication are open, and I can be reached very easily.
✅ Kindness & Ethics: As security and compliance professionals, we hold ourselves to high ethical values, treating everyone with respect, understanding and genuinely IMPROVING my client's situation.
Let's get in touch.
(The hourly rate shown is indicative only, as I adapt depending on the project and client's budget)
Security questionnaire and vendor assessment tools:
CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic
Compliance management tools:
Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001
Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP, ISO 42001
Work history
DPO/CISO - GDPR, ISO27001, SOC2 Consulting, Implementation, Monitoring
5.0
of 2 reviews
Nov 12, 2021
-
Jan 30, 2025
5.0
Private earnings
HIPAA implementation for the insurtech sector
Jun 14, 2024
-
Oct 25, 2024
"Great service & responsive. Very knowledgeable."
Private earnings
Security Compliance
May 14, 2023
-
Oct 1, 2024
"Working with Taha was a great experience. They demonstrated professionalism, strong communication skills, and delivered high-quality work within the agreed timeline. Their expertise and attention to detail were evident throughout…
Private earnings
vCISO for SOC2
Apr 23, 2024
-
Jul 30, 2024
"Taha is absolutely fantastic! Our company needed SOC2 compliance, as we started attracting enterprise-level clients, but we had no prior experience. From the beginning, I got a great vibe from…
Private earnings
You will get PCI-DSS compliance consulting by a certified security expert
Apr 25, 2024
-
Apr 26, 2024
Private earnings
IT Security Engineer needed
Feb 9, 2024
-
Mar 20, 2024
Private earnings
SOC 2 / HIPAA
Oct 27, 2023
-
Nov 28, 2023
"We really appreciated working with Taha for our audit. Taha had a thorough understanding of the SOC requirements and what we needed in order to meet and exceed those requirements…
Private earnings
HIPAA & GDPR compliance advisory services
Apr 13, 2023
-
Jul 27, 2023
"Throughout the project, the freelancer displayed a high level of professionalism and effective communication. Working with the freelancer was a pleasure due to their positive attitude and willingness to collaborate…
Private earnings
Cybersecurity and Cyber Insurance Consultation
May 12, 2023
-
Jul 26, 2023
"Great consultation provided by Taha. He is really good when it comes to CyberSecurity consultation. Highly recommended."
Private earnings
ISO 27001 Internal Audit
Feb 1, 2023
-
Jun 8, 2023
"Great job! We received our ISO 27001 certification after working with Taha on internal audit to prepare properly for the external audit, which we passed handily. Highly recommended!"
Private earnings
Data Protection Officer - GDPR and Swiss Regulations
Apr 14, 2025
-
Present
Job in progress
Private earnings
Consulting services: GDPR and Security
Feb 3, 2025
-
Present
Job in progress
Private earnings
CISO - Chief Information Security Officer
Nov 15, 2024
-
Present
Job in progress
Private earnings
SOC 2 Report Draft Review
Sep 9, 2024
-
Present
Job in progress
Private earnings
HECVAT/CAIQ Requirements Implementation Support
Jun 14, 2024
-
Present
Job in progress
Private earnings
30 minute consultation
Jun 9, 2024
-
Present
Job in progress
Private earnings
Migration to ISO 27001:2022
May 24, 2024
-
Present
Job in progress
Private earnings
Lead and conduct SOC2 certification process
Apr 26, 2024
-
Present
Job in progress
Private earnings
ISO 27001 Implementation Support / Vanta
Apr 19, 2024
-
Present
Job in progress
Private earnings
IT Security & Compliance Policy Assistance
Apr 19, 2024
-
Present
Job in progress
Private earnings
Skills
- Information Security Consultation
- Vulnerability Assessment
- Security Policies & Procedures Documentation
- Information Security
- ISO 27001
- Risk Assessment
- IT Compliance Audit
- GDPR
- SOC 2 Report
- Data Privacy
- Security Management
- Governance, Risk & Compliance Software
- Cloud Security
- Information Security Audit
- Certified Information Systems Security Professional
Project catalog
Get started working with Taha quickly with these predefined projects.
You will get CMMC or FedRAMP compliance consulting and support
From $2,000
8 days delivery
You will get HIPAA compliance consulting, gap analysis and remediation
From $7,000
15 days delivery
You will get your SOC 2 report (type I and II)
From $8,000
30 days delivery
You will get your ISO 27001 certification
From $8,000
60 days delivery