Hire the best Certified Information Systems Security Professional (CISSP)

Check out Certified Information Systems Security Professional (CISSP) with the skills you need for your next job.
Clients rate Certified Information Systems Security Professional (CISSP)
Rating is 4.7 out of 5.
4.7/5
based on 310 client reviews
  • $149 hourly
    Security, Privacy, and Compliance sell to Enterprises! Join 200+ successful Founders, CTOs, and CEOs in unlocking business opportunities worth millions💲💲 💲by working with the 🥇 Upwork virtual CISO, Security, Privacy, and Compliance consultant (1M+ earnings, 20+ years of enterprise experience)! CEO selling to Pepsi:🎉 "Attila supported the growth of our business into Fortune 100 accounts." CEO selling to Philips: 🍾 "We have achieved the ISO 27001:2022 certification in record time." CEO selling to Morgan Stanley: 🥂"The certification is enabling us to strike a deal with a Fortune 100 client." COO selling to Fannie Mae:👏 "We achieved a successful SOC 2 Type II attestation with no exception." 💭Securing your business, passing security assessments by clients or prospects, and achieving a security certification 𝙨𝙝𝙤𝙪𝙡𝙙 𝙣𝙤𝙩 𝙗𝙚 𝙖 𝙘𝙪𝙢𝙗𝙚𝙧𝙨𝙤𝙢𝙚 𝙖𝙣𝙙 𝙥𝙖𝙞𝙣𝙛𝙪𝙡 𝙚𝙭𝙚𝙧𝙘𝙞𝙨𝙚. 👌 Specialized in business-to-business, providing 💸money-back guaranteed💸 ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, CMMC, and FedRAMP projects and affordable virtual CISO (vCISO) services. ----> If you don’t get certified, all my fees will be refunded! <---- 😢Are you busy developing your product or business and don’t have time and resources to be consumed by compliance efforts and endless meetings, halting your production for months? 😢You quickly need quick security or privacy awareness training, cloud security posture assessment (AWS, GCP, Azure), endpoint security (MS 365 - Intune, Jumpcloud, Google Workspace), or penetration testing? 💪Want to decrease your sale cycle by being compliant and having all the answers for the security and privacy questionnaires? 💪Need PCI-DSS ASV (approved scanning vendor) scans to support your PCI compliance? Got your back! 💪Facing the challenges of the security and privacy implications of AI products? 💪Want continuous access to a certified, creditable security, compliance, and privacy professional to manage your security framework? -> Continous virtual CISO (vCISO / fractional CISO) service with affordable weekly payments! 😟Need world-class, battle-proof security and privacy policies? Maybe you need it quickly? The kind of ones that have passed audits by KMPG, Microsoft, PWC, Deloitte, E&Y, Pepsi, Rolex, Uber, Verizon, Philips, Facebook, and many others? 🤔Already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, OneTrust Compliance Automatization/Tugboat Logic, SecureFrame, Strike Graph, Audit Board, Trust Cloud, and so on) but don’t know the next step or don’t have time for it? Click on the green invite button at the top right corner to invite or message me. 📣 🚫No hacking service! Don't ask to hack, crack, or gain access to any accounts, systems, social media, etc. Please note that all invitations for this will be declined. 🚫I only serve businesses, no service for private individuals!🚫 Working with me, you will: ★ Get the burden of security and compliance management taken off your shoulders so you can focus on building your company ★ Get an end-to-end, professionally managed service ★ Get a consultant aiming for long-term support and providing advice and services to enable you to achieve growth-phase plans and targets by establishing a solid security and governance framework to win Enterprise clients. ★ Have access to a pool of hand-picked security professionals for SecOps, DevOps, Cloud security, penetration testing, application security, and endpoint security. --- My stats are: ✅Saved tens of thousands $$$$$ for clients, advising them on the right security tools, solutions, and approach ✅Enabled businesses to generate increases in ARR 💵 by getting them compliant and secure ✅#1 in Information Security and IT compliance categories (1M+ earned) ✅Supporting all time zones ✅Long-term engagements ✅Professional certifications (CISA, CISSP, ISO 27001 IA) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Compliance management tools: Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001.com Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP. Projects not for me: ✖Asking to fill security questionnaires, providing the appropriate answers but not implementing controls ✖Asking to create falsified audit or assessment reports
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Security Management
    SOC 2
    HIPAA
    SOC 2 Report
    Risk Management
    Cloud Security
    Information Security Audit
    Certified Information Systems Security Professional
    Governance, Risk Management & Compliance
    ISO 27001
    Information Security
    Information Security Consultation
    IT Compliance Audit
    Cybersecurity Management
    Security Policies & Procedures Documentation
  • $220 hourly
    Former private sector and government executive with leadership, consulting, advising, strategic and business development at the forefront of my professional skills. Compliance expertise in: FISMA, NIST CSF, NIST SPs 800 Series, HIPAA, FedRAMP, PCI DSS, Sarbanes Oxley, GLBA, GDPR, ISO 27001. CISSP with more than 20 years in cybersecurity and IT. Cybersecurity professor and skilled trainer in risk management and compliance, with expertise in developing professionals into the cyber managers and leaders they want to become. I teach fundamentals and advanced coursework in risk assessments, security testing, business continuity, secure application development, and securing emerging technologies. Business expertise in grant and proposal writing, as well as policy and procedure development. Technical writing to include strategic plans, white papers, briefing papers, and presentations. I have been writing, convincing, persuading, and communicating effectively through writing my entire career. I am also effective in providing business capture and business development support.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Nonprofit Organization
    Certified Information Systems Security Professional
    Data Protection
    Policy Writing
    Information Security Audit
    Compliance
    Tech & IT
    Risk Analysis
    Business Continuity Plan
    Business Consulting
    Enterprise Risk Management
    Risk Assessment
    Project Risk Management
    Technical Writing
    Technical Documentation
  • $30 hourly
    Looking for a penetration test? We'll give you access to our next-generation penetration testing solution. By combining the power of manual and automated penetration tests, we deliver the real-time insights companies need to remediate risk quickly. Through our Pentest as a Service (PTaaS) platform our clients receive comprehensive assessments. Our methodology follows the National Institute of Standards and Technology Special Publication (NIST SP​ 800-115), along with the latest techniques, tactics and tools used by hackers to compromise systems and applications. Providing real-time findings and unlimited retests to ensure gaps are closed is our key differentiator. Please check my Upwork work history and client feedbacks. I look forward to hearing from you!
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Website Security
    OWASP
    Web Application Security
    Information Security Audit
    Certified Information Systems Security Professional
    Information Security
    Vulnerability Assessment
    Security Testing
    Network Security
    Penetration Testing
  • $275 hourly
    🌟 TOP RATED PLUS Cybersecurity Consultant with 100% Job success rate 🌟 ✅ Penetration Testing: Standard, Web application, mobile applications. ✅ Compliance: CMMC, DFARS, NIST 800-53, NIST 800-171, PCI, HIPAA, GDPR, ISO, SOC, SOX, GLBA, FedRAMP, CCPA, and more. ✅ Incident Response: Ransomware recovery, hacking response, forensic investigations. ✅ vCISO: Virtual Chief Information Security Officer ✅ Vulnerability Management: Vulnerability Scanning Hello, It is great to meet you (virtually)! My name is Tyler. I have over 15 years of cyber-security experience in multiple verticals. I have worked with fortune 500 brands, government, military, and intelligence agencies. 🌟 I have provided expert cybersecurity and compliance consulting for startups to hundreds of businesses! 🌟 My core expertise resides in: compliance and governance (PCI, HIPAA, SOC 2, NYSDFS, CMMC, DFARS, ISO, NIST, GDPR, and more), ethical hacking, incident response, penetration testing, secure design and architecture, and public speaking. I am an excellent writer and also possess business savvy. Pairing technical expertise with exemplary writing skills is my forte. I am also fluent in Brazilian Portuguese. I currently hold the following educational degrees and certifications: ✅ Master of Business Administration (MBA) ✅ Bachelor of Science in Cyber-Security ✅ Certified Information Systems Security Professional (CISSP) ✅ GIAC Certified Incident Handler (GCIH) ✅ GIAC Security Essentials Certification (GSEC) ✅ Microsoft Certified Systems Expert (MCSE) ✅ Microsoft Certified Systems Administrator (MCSA) ✅ Microsoft Certified IT Professional (MCITP) ✅ CompTIA Security+ ✅ CompTIA A+ ✅ CIW Web Design Associate WHY CHOOSE ME OVER OTHER FREELANCERS? -Professionalism: I treat all clients with respect and honor their trust in my services. -Expertise: I have expertise across many cybersecurity, information technology, and compliance areas. -Responsiveness: Constant and effective communication is the key to a successful engagement. -Dedication: When i take on a task or project, you deserve my undivided attention and focus! -Versatility: I can easily pivot from many different tasks. Whether your project is a standard penetration test or a Chief Information Security Officer engagement, I have the ability, knowledge, experience, and credentials to adjust based on your requirements. -I have led over 150 incident response cases. -I have brought over 75 organizations to full compliance for DFARS, NIST, PCI, HIPAA, GDPR, and more. -I have conducted over 200 penetration tests. ✅ I will ensure that you get the results that you deserve. My clients trust me to complete their tasks and I ALWAYS deliver! Whether you are seeking a long term partner or a short term project, I am ready to deliver the high quality results that you deserve.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Certified Information Systems Security Professional
    HIPAA
    Defense Federal Acquisition Regulation Supplement
    Policy Writing
    GDPR
    Internet Security
    Security Analysis
    Information Security
    Encryption
    Security Assessment & Testing
    Application Security
    Incident Response Plan
    Vulnerability Assessment
    Network Security
    Penetration Testing
  • $100 hourly
    Mr. Lunsford has over twenty years of management and leadership experience in the military and private sector of IT operations, including certification in Network Management, Cybersecurity, Encryption, and Information Assurance. Mr. Lunsford holds certifications and certificates from the ARMY, CCNA, CompTIA, and EC-Council. Mr. Lunsford specializes in Cyber Security, Governance Compliance, Network and Device Configuration Management, and Risk management. As an industry-certified professional. Mr. Lunsford provides services as a consultant or an assessor based on the organization's request to meet their required compliance Framework. This can include but is not limited to: • NIST 53 Federal Systems • FedRAMP, StateRAMP, TXRAMP Federal and/or State Systems • NIST 171 Non-Federal Systems for Contractor Agencies • CMMC 2.0 L1, L2, & L3 Non-Federal Systems for Contractor Agencies • ISO 27000, 27001, 27002 • SOX • SOC 2 • PII, PHI • PCI-DSS Mr. Lunsford’s project specialty includes: • Controlled Unclassified Information (CUI) • Federal Contract Information (FCI) • System Security Plan (SSP) • Plan of Action and Milestones (POA&M) • SCOPE Boundary Design • Network and Topology Flow Diagrams • Risk Management Plan and Assessment • Incident Response Plan and Processes • Change and Configuration Management Plan and Processes • GAP Analysis and Remediation • Security Policies, Procedures, Processes, Plans, Matrixes, Inventories, and more. Mr. Lunsford’s capabilities include: • Ability to trace and develop data and system life cycle methodologies. • Lead organizations through compliance projects from beginning to end. • Provide educational services to staff and other members in support of organizations. • Coordinate tasks through project management tools and mechanisms. • Provide consulting services. • Provide assessments based on the organization’s readiness. • Develop and assist organizations that struggle with policy development. • Provide organizations with a roadmap to compliance that includes documents, checklists, details, and questions to prepare the organization for certification. Mr. Lunsford’s solutions include: • Compliance documentation • Evidence collection and attestations • System Testing Metrics • Hardware and Software • End Point Management and Mobile Device Management • Training and Education • Encryption • Storage, Backup, and Archiving • Risk and Incident Management
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Certified Information Systems Security Professional
    Security Infrastructure
    Risk Assessment
    Security Policies & Procedures Documentation
    SOC 2 Report
    NIST SP 800-53
    IT Compliance Audit
    Incident Response Plan
    ISO 27001
    FedRAMP
    Information Security Consultation
    Cybersecurity Management
  • $100 hourly
    I am a cyber security professional with over 9 years of cyber security experience working with multinational clients across countries both in public and private sectors specializing in secure SDLC, security architecture, data protection, risk assessment, compliance reviews, and penetration testing. Currently, I am working as a Senior Application Security Engineer at a unicorn based out of London. I am a CISSP (Certified Information Systems Security Professional) and OSCP (Offensive Security Certified Professional) and did my Bachelors in Computer Sciences from COMSATS institute of information technology.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Content Writing
    Copywriting
    Cloud Security
    Privacy Policy
    Certified Information Systems Security Professional
    PCI DSS
    SOC 2
    Internet Security
    Information Security Governance
    Blog Content
    Security Analysis
    Penetration Testing
    Information Security
    Security Policies & Procedures Documentation
    Network Security
  • $60 hourly
    In the last years I did more than 100 Penetration-Tests and Security Assessments. Most of them on Web and Mobile applications with Finance Background implemented with various technologies and frameworks. (J2EE, ASP, PHP). Based on my daily work I am experienced with all common attack vectors and mitigation techniques. Since 2009 I am CISSP (Certified Information Systems Security Professional) and since 2017 I am CEH (Certified Ethical Hacker) certified. Please check also my UPWORK work history and client feedbacks. I am offering professional Black and Grey-box Penetration tests for Web and Mobile Applications. Sorry, I am not able to locate your girlfriend, recover your lost FACEBOOK, GMAIL, YAHOO etc. account or find your lost phone. Please do not invite me to such jobs. Before I start offensive tests, I may ask you for evidence that you are the site owner or to show me that you have admin access.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    App Development
    Internet Security
    Certified Information Systems Security Professional
    Security Analysis
    Wireless Security
    Java
    Information Security
    Network Security
    Penetration Testing
  • $99 hourly
    I help organizations build and manage a strong cybersecurity program. I have established resilient cybersecurity in Fortune 100 companies —Warner Bros., EA Sports, Pfizer, State Farm Insurance, and Goldman Sachs and can do the same for your business.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Cloud Security
    Network Security
    Cybersecurity Monitoring
    SOC 2
    HIPAA
    PCI
    Certified Information Systems Security Professional
    ISO 27001
    Security Infrastructure
    Compliance Consultation
    Web Application Security
    Information Security Audit
    Vulnerability Assessment
    Penetration Testing
    Security Policies & Procedures Documentation
  • $75 hourly
    🏆 Top 3% on Upwork. ✅ Fluent English. ✅ Swift response and communications. I have more than 15 years of experience as a consultant, auditor & trainer in multinational organisations including Deloitte. I have developed strong expertise pertaining to gap assessment, risk assessment, information security documentation, information security governance, cyber security documentation, cyber security governance,and cyber security training. 👉 Below are my educational achievements: 🏆 CISSP-------(Certified Information Systems Security Professional) 🏆 HITRUST Certified CSF Practitioner-------(CCSFP) 🏆 CISM-------(Certified Information Security Manager) 🏆 CISA-------(Certified Information System Auditor) 🏆 CDPSE-------(Certified Data Privacy Solutions Engineer) 🏆 CCSK-------(Certificate of Cloud Security Knowledge) 🏆 ISO 27001-------Lead Implementer & Lead Auditor 🏆 ISO 22301-------Lead Implementer 🏆 MSc, BSc-------(Computer Engineering) 🏆 MBA Executive I also have extensive experience with a wide range of standards and regulations such as PCI DSS, ISO 27001, 27017, 27018, 22301, 37301, 31000 GDPR, HIPAA, HITRUST, NIST, SOC 2, SAMA CSF and NCA Standards in KSA. Furthermore, I have published 2 IEEE research papers and one journal paper, all related to cybersecurity. 👉Few examples of successfully delivered numerous projects related to cybersecurity, data protection, risk management, audit, and technology governance. ✅ Cybersecurity policies set for MechaPal, Japan ✅ HIPAA, HITRUST compliance for Healthtech startup in US ✅ GRCaaS project for Saudi Industrial Cities (Second year in progress) ✅ PCI DSS project for Bsecure (Fintech) ✅ SAMA CSF compliance documentation which includes risk management framework for Saudi Home Loans, Manafa Capital, MISForward, AlSagr Insurance, Alrajhi Takaful, MedGulf ✅ Data Protection Project for Saudi Government Agency ✅ HIPAA and NIST CSF compliance mapping for Security Scorecard, USA ✅ GDPR compliance project for Visionet, USA ✅ IT audit of Pakistan largest G2P program: BISP ✅ PCI DSS compliance project at Askari Bank, BAB, Fintechs (Bsecure, Tweeq, Tiqmo) ✅ Risk Assessment, VAPT and ITGC project at Mobilink Microfinance Bank ✅ ISO 27001 Project for SECP (Pakistan) & Emergent Payment (Ghana), HTS (Pakistan), Skyband (KSA), Modon (KSA), Volga Partners (USA), Skyband(KSA), RES(KSA) , Zepto Systems(Pakistan) ✅ Policy Development for MDC, UK ✅ ETGRM compliance for Telenor bank, Pakistan ✅ Data protection policy and security manual for Faceki, Bahrain ✅ Security policies development required by Master Card for mybook, Qatar
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    HITRUST Common Security Framework
    ISO 27001
    Data Protection
    Presentation Design
    PCI DSS
    Compliance
    Data Privacy
    Business Services
    GDPR
    Information Security Governance
    Information Security Audit
    SOC 2 Report
    NIST SP 800-53
    Information Security
    Cybersecurity Management
    Information Security Consultation
  • $40 hourly
    As a seasoned Senior Security Analyst, I bring forth seven years of dedicated expertise in fortifying the Cybersecurity landscape for enterprises, corporations, and medium-sized businesses. My proficiencies encompass an extensive range, including: -Orchestrating the full spectrum of incident response life cycles and post-incident activities. -Mentoring and guiding junior colleagues in mastering the intricacies of incident response cycle. -Crafting robust Information Security policies and procedures tailored to organizational needs. -Authoring comprehensive security guidelines to empower security personnel with actionable directives. -Conducting thorough training sessions for employees, covering the breadth of Cybersecurity awareness. -Configuring SIEM alarm rules and formulating clear incident response playbooks. - A hands-on experience with SOAR platforms, fostering a seamless operational environment. My forte lies in delivering quick security alarm analysis across various domains and tools, including: Web security and email security solutions, security awareness platforms, Microsoft and Amazon security stack, brand and digital landscape protection, EDR and HIPS, as well as an array of SIEMs such as LogRhythm, Qradar, Sentinel, XDR, Rapid7, Amazon. With a commitment to robust security measures and a track record of elevating defenses across multifaceted environments, I am committed to contribute expertise that safeguards and fortifies your organization against evolving threats.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Security Operation Center
    GDPR Compliance Review
    Information Security
    GDPR
    ISO 27001
    Information Security Consultation
    Vulnerability Assessment
  • $50 hourly
    Georges Kirillos is a loving father with over 8 years of experience in cybersecurity, and over 12 years of experience in paramedic as technical mission leader. He has started his security career when he was 16 years old as script kitty. At age 23 he has won 10000 USD as first place prize in an innovative competition organized by the higher center for research at his university, He has finished his Master engineering degree in network and information security at 24 years of age with a high GPA. Georges is holding multiple certificates in cybersecurity and medical fields. In his over 8 years of experience in cybersecurity, Georges was providing top level cybersecurity service to his employer and employers customer with excellent reports, some of the services are as follow: penetration testing, vulnerability assessment, red teaming, security officer services, technical risk assessment, ISO/IEC 27001 27002 services, hardening, providing cybersecurity awareness sessions, solution architecture, conducting POC, providing L2 support and providing training on security product. Georges has gained an immense experience in managerial skills with his over 12 years of experience as paramedic mission leading at the Lebanese Red Cross as a volunteer; and he is also the IT Manager in his station, he has created a highly secure hardened environment with administrative segregation from scratch using latest technology with 100% open source software's and OS; in order to securely host a custom build web application. This system is now being uses by more than 3 Stations.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Security Analysis
    Security Management
    Information Security Audit
    Compliance
    ISO 27001
    Information Security Awareness
    Cloud Security
    Information Security
    Information Security Consultation
    Application Security
    Vulnerability Assessment
    System Security
    Network Security
    Penetration Testing
    Security Policies & Procedures Documentation
  • $25 hourly
    Welcome to my profile! As an accredited ISO 9001 and ISO 27001 Lead Auditor, I bring a wealth of expertise in driving quality management and information security standards for businesses of all sizes. My passion lies in helping organizations streamline their processes, enhance operational efficiency, and secure their information assets. What I Offer: ⚡ Comprehensive Auditing: In-depth audits for ISO 9001 (Quality Management Systems) and ISO 27001 (Information Security Management Systems), ensuring compliance and identifying areas for improvement. ⚡ Customized Solutions: Tailored advice and strategies to meet your specific organizational needs, while aligning with international standards. ⚡ Continuous Improvement: Guidance on implementing best practices for ongoing quality and security enhancements. ⚡ Risk Management: Expert analysis and recommendations to mitigate risks, ensuring robust and resilient systems. ⚡ Training and Support: Providing staff training and support to understand and effectively implement ISO standards. Why Choose Me? ⚡ Proven Track Record: Years of experience successfully auditing and consulting various companies, leading to enhanced quality and security standards. ⚡ Client-Centric Approach: I prioritize understanding your unique challenges and goals to provide the most effective solutions. ⚡ Up-to-Date Knowledge: Constantly updating my skills and knowledge to stay at the forefront of ISO standards and auditing techniques. ⚡ Detail-Oriented: Meticulous attention to detail, ensuring no aspect of your systems is overlooked. ⚡ Effective Communication: Clear and concise communication to ensure you are informed and engaged throughout the auditing process. Whether you're looking to achieve initial ISO certification, maintain compliance, or improve your existing systems, I am here to guide you every step of the way. Let's work together to elevate your organization's quality and security standards to new heights! Contact Information: ✉️ Email: heeanaacharya@outlook.com 📱 Phone: +91 9718835704 🗓️ Calendar: calendly.com/heenasharma/isoconsultation
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    HIPAA
    SOC 3
    GDPR
    SOC 2 Report
    ISO 9000
    ISO 9001
    CMMC
    SOC 1
    Six Sigma
    ISO/IEC 20000
    ISO 27017
    ISO 27018
    ISO 27001
    ISO 14001
    SOC 2
  • $205 hourly
    Risk management specialist, vCISO - 20 years of experience with business IT consulting, regulatory compliance, and acting as a virtual CISO for multiple companies. Commonly assist with vendor risk questionnaires and cybersecurity strategy for organizations of all sizes. Risk management done correctly helps a business grow and save money. Managing losses properly means that the organization makes more money, retains more clients, and while others in similar companies disregard the importance of information privacy, businesses that make cybersecurity a cornerstone of modern business will grow. I want to show you how proactive cybersecurity management is as critical to a business as sales. Expert services: ✅Vendor questionnaires from clients ✅Compliance with PCI, HIPAA, GDPR, SOC2, ISO27001 ✅SSDLC ✅Internal Audits ✅Cloud Security Architecture ✅Policy Creation ✅Security Testing
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    AI Consulting
    Artificial Intelligence
    Enterprise Risk Management
    Information Security Threat Mitigation
    Secure SDLC
    Data Breach Mitigation
    Incident Management
    Data Privacy
    Disaster Recovery
    Incident Response Plan
    Regulatory Compliance
    Business Continuity Plan
    Risk Assessment
    HIPAA
    Disaster Recovery Plan
  • $33 hourly
    Application Security Engineer with expertise in penetration testing for web applications, mobile applications, network infrastructure and API security.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Web Application Security
    Website Security
    Security Engineering
    Information Security
    Security Assessment & Testing
    Security Testing
    System Security
    Penetration Testing
    Application Security
    Network Security
    Database Security
  • $120 hourly
    ⭐️⭐️ I AM A TOP RATED PLUS FREELANCER on Upwork ⭐️⭐️ I am an experienced DevOps Engineer, Solutions Architect, and Cloud Engineer with a strong background in Security and Infrastructure. With 20+ years in the IT & Telecoms industry, I have consistently delivered successful global projects and led the design and delivery of complex cloud-based infrastructure that caters to millions of users. Throughout my career, I have had the opportunity to work with renowned international companies and Fortune 500 organizations, including: ✅ Mozilla (Firefox) ✅ Druva ✅ Walmart ✅ Vodafone ✅ Deloitte ✅ Aspen Pharmaceuticals ✅ AA (Automobile Association) ✅ Clover ✅ American Marketing Association ✅ RCI ✅ MTN My primary specialization lies in Cloud Computing, where I excel in automating operating systems and applications for internal, AWS, Azure, and GCP cloud environments. I am well-versed in private cloud platforms such as Hyper-V and VMware infrastructure. As part of my expertise, I consistently implement CI/CD pipelines using various toolsets such as CircleCI, AWS/GCP/Azure DevOps, AWS CodeDeploy, and GitHub, among others. Automated infrastructure provisioning and post-provisioning automation are areas where I am highly skilled, utilizing Ansible and Terraform to deploy resources in AWS/Azure/GCP as well as facilitate seamless enterprise cloud migrations from on-premises to the cloud and from cloud to cloud. In addition, I specialize in optimizing and consolidating cloud infrastructure to help you effectively manage your spending on both public (AWS, Azure, GCP) and private (VMware, Hyper-V, Citrix Xen) cloud environments. I prioritize scalability, sustainability, and security in all my endeavours. Throughout my career, I have successfully led over 500 projects from inception to completion, consistently meeting deadlines and staying within agreed budgets. My work ethic revolves around the principle of "under-promise and over-deliver," always striving to exceed expectations and add value to my clients' projects. Communication is one of my strong suits, and I excel at effectively collaborating with both technical and non-technical stakeholders. I am highly motivated, innovative, and analytical, constantly seeking opportunities to think outside the box and find optimal solutions for complex challenges. If you are looking for a dedicated professional who can help enhance your business, I am eager to work with you. Contact me today to discuss your business and explore how we can collaborate to achieve your goals. ⭐️ I am an Expert in the following skill sets ⭐️ ✅ Amazon Web Services (AWS) ✅ Microsoft Azure ✅ Google Cloud Platform (GCP) ✅ CloudFormation ✅ CloudFront ✅ CloudTrail ✅ CloudWatch ✅ Cloud Infrastructure ✅ Cloud Logistics ✅ CircleCI ✅ DevOps ✅ Hyper-V/VMware ✅ BIND DNS ✅ DNS ✅ Docker ✅ EC2 ✅ EFS ✅ EBS ✅ EKS ✅ Elastic Load Balancer (ELB) ✅ ElastiCache ✅ Migration and Automation ✅ Microsoft Azure, AWS, GCP IaaS and PaaS. ✅ Hybrid Azure, AWS, GCP ✅ RDS ✅ Route 53 ✅ S3 ✅ GraphQL ✅ Kubernetes ✅ Jenkins ✅ CodePipelines ✅ CI/CD ✅ Terraform ✅ Ansible ✅ Apache ✅ Nginx ✅ Nagios ✅ New Relic ✅ Glacier ✅ SQS ✅ SWF ✅ SNS ✅ VPC ✅ IAM ✅ Linux ✅ CentOS ✅ Debian ✅ Redhat ✅ Solaris ✅ Ubuntu ✅ UNIX ✅ Windows Desktop ✅ Windows Server ✅ Active Directory ✅ VmWare ✅ Proxmox ✅ Xen ✅ MySQL ✅ MariaDB ✅ PostgreSQL ✅ Python ✅ PHP ✅ Microsoft SQL ✅ Heroku ✅ Netlify ✅ Selenium ✅ GitHub ✅ Snowflake ✅ Laravel ✅ RedHat
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Virtualization
    Deployment Automation
    System Administration
    DevOps Engineering
    Cloud Architecture
    Solution Architecture
    Network Administration
    Cloud Engineering
    Google Cloud Platform
    Cloud Computing
    Cloud Security
    Amazon Web Services
    Microsoft Azure
    Network Security
    Information Security
  • $20 hourly
    I am a CEH professional certified by the EC council and have been awarded as Cyber Security Mentor by EC council. I have more than eight years of experience in the Security domain. I have experience in information security, Penetration Testing, and Vulnerability assessment. I help organizations identify and meet their security goals through security assessments like: - Penetration Testing - Vulnerability Assessment - Policies and Procedures Assessment - Security Compliance Services - Risk Assessment - Social Engineering I can reveal all known and unknown vulnerabilities within your website/web application. I can find 0-day vulnerabilities, and I can help you fix them with the best and most efficient practice. Thanks! Regards Arvind N
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Website Security
    Cloud Security
    Security Operation Center
    Ethical Hacking
    Python
    Internet Security
    Network Penetration Testing
    Web App Penetration Testing
    Security Analysis
    Information Security
    Application Security
    Network Security
    Penetration Testing
    Vulnerability Assessment
  • $130 hourly
    Experience Cybersecurity and Compliance professional helping small size businesses build secure environments. With a proven record of developing best practice security programs and innovative solutions while realizing increased efficiency and cost savings. I have helped many companies build out their Information Security Programs, achieve compliance with standards like FedRAMP, FISMA, NIST 800-171, CIS Top 20, SOC 2. Additionally, I provide consulting services for compliance initiatives, IT security designs and architecture for business adopting new technologies. AWS Solutions Architect Associate Certified Information Systems Security (CISSP) Professional Security +
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    FedRAMP
    Security Analysis
    Security Infrastructure
    ISO 27001
    AWS Application
    Cloud Security Framework
    IT Compliance Audit
    Cloud Computing
    Federal Information Security Management Act of 2002
    Information Security
    Application Security
    Vulnerability Assessment
  • $60 hourly
    Hi, my name is Martin and I've been a principal penetration tester since 2011. Over the years, I've worked on a range of projects across Europe, East Asia, the Middle East, and the UK, serving clients from start-ups to global high street names. My focus is on providing a wide range of penetration testing services, including infrastructure, web and mobile applications, APIs, and cloud security assessments. One of the things that sets me apart from other penetration testers is my approach to the work. I've spent years mastering my craft, staying up-to-date with the latest technologies and techniques, and honing my skills. When I take on a project, I bring all of this knowledge and experience to bear, quickly identifying and exploiting vulnerabilities to provide my clients with the information they need to improve their security posture. In addition to my technical expertise, I'm also an excellent communicator. I understand that many of my clients are not technical experts themselves, so I'm always happy to explain complex technical concepts in simple, easy-to-understand language. I work closely with my clients to understand their needs and provide tailored solutions that meet their specific requirements. When it comes to deliverables, I take great pride in producing detailed reports and other materials that provide clear, concise information about the results of my testing. I know that my clients rely on this information to make important decisions about their security, so I always ensure that my reports are accurate, thorough, and actionable. Overall, I'm proud of the work I do as a principal penetration tester, and I'm committed to helping my clients stay safe and secure in an increasingly complex digital landscape. If you need infrastructure testing, web and mobile application testing, or cloud security assessments, please don't hesitate to get in touch – I'd be happy to discuss how I can help. Experience and expertise within the following disciplines: • Web Application Penetration Testing • Mobile Applications Penetration Testing • API Penetration Testing (REST, SOAP, GraphQL) • Thick Client Application Penetration Testing • External Infrastructure Penetration Testing • Internal Infrastructure Penetration Testing • Server Build Reviews • Workstation Build Reviews • Mobile Device and MDM Testing • Network Device Security Reviews • IoT Security • Embedded Hardware • Simulated Phishing • Wireless Assessments • Red Team Assessments • AWS Configuration Reviews • Azure Configuration Reviews • Office365 Configuration Reviews
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Web App Penetration Testing
    Website Security
    Ethical Hacking
    Certified Information Systems Security Professional
    WordPress
    Security Assessment & Testing
    Cloud Security
    Security Testing
    Vulnerability Assessment
    Web Application Security
    Security Analysis
    Penetration Testing
    Security Infrastructure
    Information Security
    Cybersecurity Management
  • $30 hourly
    With a degree in Computer Engineering and a passion for writing, my experience spans across writing whitepapers, blogs, research reports, content for websites, thesis for academic submissions, sales pitch, business proposals and more. I am highly organized and schedule my time to get things accomplished accordingly. I am detail-oriented and an excellent researcher. I can be entrusted with big projects as I prefer to complete my work before deadlines giving you ample time to review my work and provide feedback. I take pride in my work
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Amazon Web Services
    Robotics
    Editing & Proofreading
    Artificial Intelligence
    Blockchain
    Website Copywriting
    ISO 27001
    Cloud Security
    Information Security
    Disaster Recovery
    Network Security
    Policy Writing
    Technical Writing
    PCI
    Project Risk Management
  • $30 hourly
    Greetings !!! I am a Cyber Security Consultant with over five years of experience in the industry. I hold a Master's degree in Information Security and currently working as a Senior Cyber Security Consultant in a Canadian company, providing GRC consultancy services. My areas of expertise are in ISO27001, SOC2, GDPR, NIST 800-171 compliance, and penetration testing and vulnerability assessment. -------------------SERVICES--------------------------- I provide the following services on Upwork: 1- ISO 27001 - Information Security Management System Consultancy and Implementation. 2- Information Security Internal Audits based on SOC2, ISO 27001, PCI-DSS etc. 3- Creating and reviewing Cyber Security Policies and Procedures based on various security compliance such as ISO27001, NIST 800-171, SOC2, PCI-DSS, and GDPR etc. 4- Cyber security Risk Assessments and Audits based on CIS standards. 5- Penetration Testing and Vulnerability Assessments of Web applications, android applications, API, network security assessments and cloud security assessments. 6- CMMC NIST 800-171 Consultancy and Audits. 7- GRC Consultancy services. -------------------MY JOURNEY--------------------------- As a Consultant, I have done various projects for clients in the field of Penetration Testing, CMMC, PCI-DSS, ISO 27001 and SOC2 compliance. I have also worked as a consultant for a World Bank-funded project to create a Cybersecurity program for the organization based on ISO 27001. Throughout my educational career, I have received merit scholarships during my Master's program. My core skills are in the following areas: - Penetration Testing and Vulnerability Assessment(Web application, Android, API, Networks, Azure Cloud). - Consultancy on ISO 27001, SOC2, GDPR, CMMC, NIST, and other security standards. - SIEM (Azure Sentinel). - Network Traffic Analysis (IDS, IPS, and Firewalls). - Security Assessments based on CIS benchmarks. - Risk Management and Assessment. - Security governance and compliance (ISO 27001, NIST SP 800-53, NIST 800-171, GDPR, SOC2, HIPAA, CIS). - Security Awareness Training Program and Development. -------------------CERTIFICATIONS AND ACHIEVEMENTS--------------------------- I hold the following certifications and achievements: -ISO27001 Lead Auditor. - Certified Ethical Hacker (CEHv9 Hall of Fame Finalist 2021). - IBM Cyber Security Analyst (Professional Certificate by IBM). - GDPR Data Protection Officer Skills, University of Derby. - Burp Suite Mastery (Web Application Security Testing Tool). - Fortinet Network Security Expert, NSE 1. - Fortinet Network Security Expert, NSE 2. - Certified Network Security Specialist. - AWS Security Fundamentals. - Cybersecurity Threat Landscape. - Information Security Incident Handling, Charles Sturt University, Australia. - Hacking Countermeasures, Charles Sturt University, Australia. - CISM Prep. - CISA (Working experience) - Knowledge of CISSP (Working experience) - Knowledge of CHFI (Digital Forensics Investigation coursework) I look forward to chatting more. Kind regards! Cyber Security Consultant, Muhammad Taha.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Web Application Firewall
    Policy Writing
    Fortinet
    ISO 27017
    SOC 2 Report
    Microsoft Azure
    Certified Information Systems Security Professional
    Information Security Audit
    ISO 27001
    Information Security
    Vulnerability Assessment
    Cybersecurity Management
    Network Security
    Penetration Testing
    Digital Forensics
  • $100 hourly
    I have served in lead SecOps and DevOps architecture and engineering positions for global companies in the technology, finance, healthcare, and education. For the past several years, my primary focus has been within the identity and access management suite. Moreover, I am an experienced Cybersecurity professional helping large organizations build upon their secure environments. This involved reviewing the information security program, achieve compliance and security standards, and aligning the IT strategies to business objectives byways of building an IT architecture and adopting new technologies I have worked for companies innovating in a wide range of technology disciplines including enterprise software, SaaS, cloud computing, information security, and big data and analytics Identity & Access Management (IAM) Products: Active Directory, Oracle Identity management suite (OIM, OID, OAM, OIA, OVD), Forgerock suite (OpenAM, OpenIDM, OpenDJ), GSuite IAM protocols/standards SAML, OpenID, OAuth CAS Operating Systems: MacOS, RedHat (RHEL), CentOS, Ubuntu, Windows 7/8/10, Windows Server 2003 - 2016 Professional Qualifications: BSc(Hons), CISSP, CISM, MCP, MCTS, MCITP, SCSAS, SCMA, OPNCS, OCJA, ITIL, CompTIA Security+ and CompTIA Network+.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    ISO 27001
    Google Workspace Administration
    Python
    Single Sign-On
    Core Java
    Google Workspace
    Certified Information Systems Security Professional
    Information Security
    Application Security
  • $75 hourly
    Since 2014 I work professionally as a Pen Tester/Security Researcher. Between 2008-2013, prior switching full time to info sec, I've worked as a Programmer (C/C++, PHP, Java, node.js) and DevOps (AWS-based environments). Currently I work under my own brand (Z-Labs) delivering Penetration Testing / Adversary Simulation Exercises services to clients around the globe. I pride myself on: 1. Offering high quality penetration testing services conducted in safe and controlled manner by certified Security Expert (Since 2014 I'm CISSP, since 2016 I'm OSCP and since 2017 I hold SANS GXPN certification). 2. Putting emphasis on advanced manual attack techniques and on adherence to industry-wide standards and methodologies: OWASP TOP 10, OWASP ASVS, OSSTMM and PTES during the testing. 3. Delivering actionable and professionally written reports (ready to be shared with your stakeholders at all levels). 4. Possessing advanced R&D capabilities Offered Services: 1. Network Penetration Testing / Adversary Simulation Exercises 2. Web Application Penetration Testing 3. Cloud Security Assessments 4. C/C++ source code audits and vulnerability research Offered Solutions: 5. Continuous, Expert-assisted Vulnerability Assessment
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Compliance Consultation
    Certified Information Systems Security Professional
    Web Application Security
    Cloud Security
    Network Penetration Testing
    Web App Penetration Testing
    Security Infrastructure
    Cloud Security Framework
    ISO 27001
    IT Compliance Audit
    Penetration Testing
    Information Security
    Security Assessment & Testing
    Vulnerability Assessment
    Cybersecurity Management
  • $165 hourly
    I am an accomplished and experienced Cyber Security Engineer, CISO, and consultant with over 20 years experience in government, commercial, non-profit and private organizations. I'm a Certified Information Systems Security Professional (CISSP) and CMMC Registered Practitioner. My education includes a Master's degree in Information Assurance and Security specializing in Digital Forensics, a Bachelor's Degree in Information Technology, and daily, hands-on work governing, securing and administering complex information technology environments. My current efforts include cybersecurity compliance implementations for regulated industries and government contractors including the NIST Cybersecurity Framework, Risk Management Framework, NIST SP 800-171, and Cybersecurity Maturity Model Certification (CMMC). For those not bound to other regulatory guidelines, I assist with implementation of the Center for Internet Security (CIS) Critical Security Controls and the CIS Risk Assessment Method. I assist with expert advice, gap assessments, requirements and implementation reviews. I help develop and refine cybersecurity documentation including System Security Plans, POA&Ms, and Policies and procedures. I will share national background check results for qualified opportunities.
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Gap Analysis
    Vulnerability Assessment
    Cybersecurity Monitoring
    Amazon Web Services
    Governance, Risk Management & Compliance
    Security Engineering
    Cloud Security
    Security Policies & Procedures Documentation
    Information Security Awareness
    Cybersecurity Management
    Network Security
    Certified Information Systems Security Professional
    Information Security
  • $60 hourly
    ISO 27001 Lead Auditor - Information Security, Cybersecurity And Privacy Protection - Information Security Management Systems ISO 22301 Lead Auditor - Business continuity management systems ISO 20000-1 Lead Auditor - Information technology — Service management CISSP – Certified Information Systems Security Professional, Member ID 315620 CCSP - Certified Cloud Security Professional CIPP/E - Certified Information Privacy Professional / Europe Certified Cloud Security Professional (CCSP) Cisco CCIE#20329 EC-Council Disaster Recovery Professional v3 ITIL V3 Foundation Certificate PMP - Project Management Professional, No.1354925 Author/Instructor of the IPv6 Forum Certified Course (Gold): “IPv6 Theory and Practice (IPv6TP) v1.0” Customized IP Training Training documentation preparation Network design, implementation and troubleshooting maintenance 32 years of experience as field engineer, team leader and project manager
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    ITIL
    Cisco Certified Internetwork Expert
    Certified Information Systems Security Professional
    Cisco Certified Design Professional
    Project Management Professional
  • $39 hourly
    I am OSCP Certified with 7+ years of professional experience in different pentesting and red teaming trade crafts. Challenges make me work more efficiently. What is a better challenge than doing penetration testing in which knowledge and experience are the main factors to successfully finding a way inside Targets? - Manual testing approaches with real-impact vulnerabilities - Exposure to multinational companies and Swiss banks - Industry-renowned certifications (OSCP - eWPTXv2 - CMSE - CPTE - CEI - CCNA) - "Find my way in" mentality therefore 80% of projects end up in successful breaches Key Skills for Pentesting Jobs ---------------------------------- Web Applications Pentesting Network Pentesting REST API/SOAP Pentesting Mobile Applications Pentesting Desktop Applications Pentesting Source Code Reviews Active Directory Assessment Key Skills for Offensive Jobs --------------------------------- Email Phishing (Maldoc or stats based) Social Engineering Assume Breach Scenarios MITRE ATT&CK framework Simulations Tactics, Techniques, and Procedures Testing against patched Infra Malware Development
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Black Box Testing
    Information Security
    Vulnerability Assessment
    System Security
    Application Security
    Network Security
    Information Security Consultation
    Cloud Security
    Penetration Testing
    Web App Penetration Testing
    Network Penetration Testing
    Web Application Security
    Ethical Hacking
    Security Testing
    Mobile App Testing
  • $30 hourly
    🔷 Top Rated Plus Freelancer. 🔷 Listed among the Top 3% Freelancer on Upwork. 🔷 100% Job Success Rate. 🔷 10+ Years of Diverse Experience in Test Automation, QA, Performance & Pen Testing. ✉️ 𝗗𝗿𝗼𝗽 𝗺𝗲 𝗮 𝗺𝗲𝘀𝘀𝗮𝗴𝗲 𝗼𝗿 𝘀𝗲𝗻𝗱 𝗺𝗲 𝗮𝗻 𝗶𝗻𝘃𝗶𝘁𝗲 𝘁𝗼 𝘀𝘁𝗮𝗿𝘁 𝐫𝐨𝐥𝐥𝐢𝐧𝐠 𝐀𝐫𝐞𝐚 𝐨𝐟 𝐦𝐲 𝐞𝐱𝐩𝐞𝐫𝐭𝐢𝐬𝐞: - Mobile Automation. - API Automation. - Web Application Automation. - Performance Testing. - PenTesting. - Manual QA Testing. 𝐀𝐮𝐭𝐨𝐦𝐚𝐭𝐢𝐨𝐧 𝐓𝐞𝐬𝐭𝐢𝐧𝐠 𝐓𝐨𝐨𝐥𝐬: - Selenium Webdriver - Appium - Espresso - Cypress - Protractor - XCUITEST 𝐀𝐏𝐈 & 𝐏𝐞𝐫𝐟𝐨𝐫𝐦𝐚𝐧𝐜𝐞 𝐓𝐞𝐬𝐭𝐢𝐧𝐠 𝐓𝐨𝐨𝐥𝐬: - Postman - Jmeter - Rest Assured - Ready API - LoadRunner - BlazeMeter
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    Java
    Testing
    QA Testing
    Appium
    Python
    Cypress
    Performance Testing
    Security Analysis
    Apache JMeter
    Penetration Testing
    DevOps
    Jenkins
    Selenium WebDriver
    API Testing
  • $215 hourly
    My mission is to help organizations implement security, privacy, and compliance in a way that helps them grow, expand and win new business. Trust is an essential part of expanding and winning new deals. Security, privacy, and compliance practices help you to win that trust from your prospects and customers. I can help you earn and maintain that trust. I focus on emerging organizations such as startups and small/medium businesses looking to mature with security and compliance in mind. My goal is to empower all organizations to employ security best practices - not just those with the biggest budgets. I want to be a strategic partner, meaning that I can help you balance security risks against your business goals. Together, we'll develop a roadmap that supports winning new clients, maintaining your reputation, and sustaining legal, contractual and/or regulatory compliance. Some of the ways I help do this include: - Helping to complete security and compliance questionnaires - Developing policies and other security documentation - Performing risk assessments of your business, so we can determine what security issues matter most to you - Helping your internal teams implement security best practices in systems including but not limited to Amazon Web Services (AWS), Microsoft Azure, Google Workspaces, Google Cloud Platform (GCP), and others - Conducting training for you and your team - Helping you prepare for and get through audit and certification activities including but not limited to CMMC, ISO 27001, ISO 27701, SOC1, SOC2, PCI, NIST and more - Acting as a Virtual CISO, a part-time resource in your company devoted to security, policy and compliance Need help? Let's talk!
    vsuc_fltilesrefresh_TrophyIcon Certified Information Systems Security Professional (CISSP)
    IT Compliance Audit
    PCI DSS
    Data Protection
    Information Security Governance
    Data Privacy
    Internet Security
    Security Engineering
    Security Analysis
    Security Infrastructure
    Certified Information Systems Security Professional
    Information Security
    Cybersecurity Management
    Security Testing
    Security Policies & Procedures Documentation
    Network Security
  • Want to browse more freelancers?
    Sign up

How it works

1. Post a job (it’s free)

Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.

2. Talent comes to you

Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.

3. Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

4. Payment simplified

Receive invoices and make payments through Upwork. Only pay for work you authorize.

Trusted by

How to Hire Top Certified Information Systems Security Professional (CISSP)

What is a CISSP?

A CISSP is an independent information security specialist who is certified by the International Information System Security Certification Consortium (ISC)². A CISSP offers a minimum of five years of direct, full-time security work experience in at least two of the (ISC)² information security domains and can be found via Upwork.

How do you hire a CISSP?

You can source CISSP talent on Upwork by following these three steps:

  • Write a project description. You’ll want to determine your scope of work and the skills and requirements you are looking for in a CISSP.
  • Post it on Upwork. Once you’ve written a project description, post it to Upwork. Simply follow the prompts to help you input the information you collected to scope out your project.
  • Shortlist and interview a CISSP. Once the proposals start coming in, create a shortlist of the professionals you want to interview. 

Of these three steps, your project description is where you will determine your scope of work and the specific type of CISSP you need to complete your project.

How much does it cost to hire a CISSP?

Rates can vary due to many factors, including expertise and experience, location, and market conditions.

  • An experienced CISSP may command higher fees but also work faster, have more-specialized areas of expertise, and deliver higher-quality work.
  • A contractor who is still in the process of building a client base may price their CISSP services more competitively. 

Which one is right for you will depend on the specifics of your project. 

How do you write a CISSP job post?

Your job post is your chance to describe your project scope, budget, and talent needs. Although you don’t need a full job description as you would when hiring an employee, aim to provide enough detail for a contractor to know if they’re the right fit for the project.

Job post title

Create a simple title that describes exactly what you’re looking for. The idea is to target the keywords that your ideal candidate is likely to type into a job search bar to find your project. Here are some sample CISSP job post titles:

  • Senior security administrator needed for FinTech company
  • Certified security specialist wanted to oversee company’s risk management efforts
  • Network security specialist needed to lead our security architecture program

Project description

An effective CISSP job post should include: 

  • Scope of work: From software development to overseeing risk management, list all the deliverables you’ll need. 
  • Project length: Your job post should indicate whether this is a smaller or larger project. 
  • Background: If you prefer experience with certain industries, certifications, or environments, mention this here. 
  • Budget: Set a budget and note your preference for hourly rates vs. fixed-price contracts.

CISSP job responsibilities

Here are some examples of CISSP job responsibilities:

  • Develop and manage company’s security operations
  • Establish security governance and risk management for Fortune 1000 company
  • Oversee company’s business continuity and disaster recovery planning

CISSP job requirements and qualifications

Be sure to include any requirements and qualifications you’re looking for in CISSP. Here are some examples:

  • Bachelor’s degree in IT or IS
  • Minimum three years overseeing corporate risk management program
  • Understanding of all required certifications for department security staff
View less
Schedule a call