Hire the Best Cloud Security Framework Specialists in California

More than 3,000 reviews on G2
Rating is 4.5 out of 5.
4.5/5
of Upwork by G2 peer reviewers
Aamir T.

Oakley, California

$40/hr
4.2
53 jobs

Organizations don't fail because they lack technology. They fail because security weaknesses remain undiscovered until attackers exploit them. ๐‘จ๐’“๐’† ๐’š๐’๐’– ๐’๐’๐’๐’Œ๐’Š๐’๐’ˆ ๐’‡๐’๐’“ ๐’‚ ๐’„๐’š๐’ƒ๐’†๐’“๐’”๐’†๐’„๐’–๐’“๐’Š๐’•๐’š ๐’‘๐’“๐’๐’‡๐’†๐’”๐’”๐’Š๐’๐’๐’‚๐’ ๐’˜๐’‰๐’ ๐’„๐’‚๐’ ๐’Š๐’…๐’†๐’๐’•๐’Š๐’‡๐’š ๐’”๐’†๐’„๐’–๐’“๐’Š๐’•๐’š ๐’“๐’Š๐’”๐’Œ๐’”, ๐’”๐’•๐’“๐’†๐’๐’ˆ๐’•๐’‰๐’†๐’ ๐’š๐’๐’–๐’“ ๐’Š๐’๐’‡๐’“๐’‚๐’”๐’•๐’“๐’–๐’„๐’•๐’–๐’“๐’†, ๐’Š๐’Ž๐’‘๐’“๐’๐’—๐’† ๐’„๐’๐’Ž๐’‘๐’๐’Š๐’‚๐’๐’„๐’† ๐’‘๐’๐’”๐’•๐’–๐’“๐’†, ๐’‚๐’๐’… ๐’”๐’†๐’„๐’–๐’“๐’† ๐’š๐’๐’–๐’“ ๐’„๐’๐’๐’–๐’… ๐’†๐’๐’—๐’Š๐’“๐’๐’๐’Ž๐’†๐’๐’•๐’” ๐’ƒ๐’†๐’‡๐’๐’“๐’† ๐’‚๐’•๐’•๐’‚๐’„๐’Œ๐’†๐’“๐’” ๐’‡๐’Š๐’๐’… ๐’—๐’–๐’๐’๐’†๐’“๐’‚๐’ƒ๐’Š๐’๐’Š๐’•๐’Š๐’†๐’”? I help startups, enterprises, and government organizations build secure, compliant, and resilient environments. ๐‘พ๐’Š๐’•๐’‰ 15+ ๐’š๐’†๐’‚๐’“๐’” ๐’๐’‡ ๐’‰๐’‚๐’๐’…๐’”-๐’๐’ ๐’†๐’™๐’‘๐’†๐’“๐’Š๐’†๐’๐’„๐’† ๐’Š๐’ ๐’„๐’š๐’ƒ๐’†๐’“๐’”๐’†๐’„๐’–๐’“๐’Š๐’•๐’š, ๐’Š๐’๐’‡๐’๐’“๐’Ž๐’‚๐’•๐’Š๐’๐’ ๐’”๐’†๐’„๐’–๐’“๐’Š๐’•๐’š, ๐’”๐’š๐’”๐’•๐’†๐’Ž ๐’‚๐’…๐’Ž๐’Š๐’๐’Š๐’”๐’•๐’“๐’‚๐’•๐’Š๐’๐’, ๐’„๐’๐’๐’–๐’… ๐’”๐’†๐’„๐’–๐’“๐’Š๐’•๐’š, ๐’„๐’๐’Ž๐’‘๐’๐’Š๐’‚๐’๐’„๐’†, ๐’‚๐’๐’… ๐‘ซ๐’†๐’—๐‘บ๐’†๐’„๐‘ถ๐’‘๐’”, ๐‘ฐ ๐’…๐’†๐’๐’Š๐’—๐’†๐’“ ๐’‘๐’“๐’‚๐’„๐’•๐’Š๐’„๐’‚๐’ ๐’”๐’†๐’„๐’–๐’“๐’Š๐’•๐’š ๐’”๐’๐’๐’–๐’•๐’Š๐’๐’๐’” ๐’•๐’‰๐’‚๐’• ๐’“๐’†๐’…๐’–๐’„๐’† ๐’“๐’Š๐’”๐’Œ ๐’‚๐’๐’… ๐’”๐’–๐’‘๐’‘๐’๐’“๐’• ๐’ƒ๐’–๐’”๐’Š๐’๐’†๐’”๐’” ๐’ˆ๐’“๐’๐’˜๐’•๐’‰. I do not provide generic recommendations or automated scan reports. I deliver actionable security insights, practical remediation strategies, and measurable improvements that directly support business objectives. ๐–๐ก๐ž๐ง ๐œ๐ฅ๐ข๐ž๐ง๐ญ๐ฌ ๐ž๐ง๐ ๐š๐ ๐ž ๐ฆ๐ž, ๐ญ๐ก๐ž๐ฒ ๐ ๐š๐ข๐ง ๐š ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐ฉ๐š๐ซ๐ญ๐ง๐ž๐ซ ๐œ๐š๐ฉ๐š๐›๐ฅ๐ž ๐จ๐Ÿ ๐ฎ๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐›๐จ๐ญ๐ก ๐ญ๐ž๐œ๐ก๐ง๐ข๐œ๐š๐ฅ ๐œ๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ ๐š๐ง๐ ๐›๐ฎ๐ฌ๐ข๐ง๐ž๐ฌ๐ฌ ๐ซ๐ž๐ช๐ฎ๐ข๐ซ๐ž๐ฆ๐ž๐ง๐ญ๐ฌ. ๐Ÿ’ผ ๐„๐ฑ๐ฉ๐ž๐ซ๐ญ๐ข๐ฌ๐ž: โœ” Penetration Testing (Web, API, Network, Cloud) โœ” Vulnerability Assessment & Risk Management โœ” ISO 27001, SOC 2, NIST & Security Compliance โœ” Cloud Security (AWS & Azure) โœ” DevSecOps & CI/CD Security โœ” Identity & Access Management (IAM) โœ” Windows & Linux System Administration โœ” Security Architecture & Infrastructure Hardening โœ” SIEM, Security Monitoring & Incident Response ๐Ÿ› ๏ธ ๐–๐ก๐š๐ญ ๐ˆ ๐ƒ๐ž๐ฅ๐ข๐ฏ๐ž๐ซ ๐Ÿ”น Comprehensive Security Assessments ๐Ÿ”น Actionable Remediation Recommendations ๐Ÿ”น Compliance Gap Analysis & Readiness Support ๐Ÿ”น Cloud & Infrastructure Security Reviews ๐Ÿ”น Secure DevOps Implementation ๐Ÿ”น Security Policies, Standards & Procedures ๐Ÿ”น Risk Reduction & Security Improvement Strategies โญ ๐–๐ก๐ฒ ๐–๐จ๐ซ๐ค ๐–๐ข๐ญ๐ก ๐Œ๐ž? โœ” 15+ Years of Proven Cybersecurity Experience โœ” Expertise Across Security, Compliance, Infrastructure, and Cloud โœ” Business-Focused Security Solutions โœ” Strong Technical and Strategic Leadership โœ” Deep Understanding of Modern Threat Landscapes โœ” Clear Communication and Executive-Level Reporting โœ” Trusted Advisor for Long-Term Security Initiatives โœ” Hands-On Experience with Complex Security Environments Cybersecurity is no longer optional. A single vulnerability, misconfiguration, or compliance failure can lead to financial loss, operational disruption, regulatory penalties, and reputational damage. ๐‘ฐ ๐’…๐’๐’'๐’• ๐’‹๐’–๐’”๐’• ๐’Š๐’…๐’†๐’๐’•๐’Š๐’‡๐’š ๐’—๐’–๐’๐’๐’†๐’“๐’‚๐’ƒ๐’Š๐’๐’Š๐’•๐’Š๐’†๐’”, ๐‘ฐ ๐’‰๐’†๐’๐’‘ ๐’๐’“๐’ˆ๐’‚๐’๐’Š๐’›๐’‚๐’•๐’Š๐’๐’๐’” ๐’†๐’๐’Š๐’Ž๐’Š๐’๐’‚๐’•๐’† ๐’“๐’Š๐’”๐’Œ๐’”, ๐’”๐’•๐’“๐’†๐’๐’ˆ๐’•๐’‰๐’†๐’ ๐’…๐’†๐’‡๐’†๐’๐’”๐’†๐’”, ๐’‚๐’๐’… ๐’ƒ๐’–๐’Š๐’๐’… ๐’”๐’†๐’„๐’–๐’“๐’Š๐’•๐’š ๐’‘๐’“๐’๐’ˆ๐’“๐’‚๐’Ž๐’” ๐’•๐’‰๐’‚๐’• ๐’”๐’–๐’‘๐’‘๐’๐’“๐’• ๐’ƒ๐’–๐’”๐’Š๐’๐’†๐’”๐’” ๐’ˆ๐’“๐’๐’˜๐’•๐’‰. ๐ˆ๐Ÿ ๐ฒ๐จ๐ฎ'๐ซ๐ž ๐ฅ๐จ๐จ๐ค๐ข๐ง๐  ๐Ÿ๐จ๐ซ ๐š ๐œ๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐ฉ๐ซ๐จ๐Ÿ๐ž๐ฌ๐ฌ๐ข๐จ๐ง๐š๐ฅ ๐ฐ๐ก๐จ ๐œ๐จ๐ฆ๐›๐ข๐ง๐ž๐ฌ ๐๐ž๐ž๐ฉ ๐ญ๐ž๐œ๐ก๐ง๐ข๐œ๐š๐ฅ ๐ž๐ฑ๐ฉ๐ž๐ซ๐ญ๐ข๐ฌ๐ž with a business-focused approach, let's discuss how I can help secure your environment. Connect with me today! ๐ŸŒ #CyberSecurity #InformationSecurity #Pentest #Compliance # DevOps #System Administration #IAM #GRC #CloudSecurity #SecurityOps #NIST #GuardianOfYourData #Cybersecurity #EthicalHacking #InformationSecurity

  • Cloud Security
  • Information Security
  • Penetration Testing
  • Network Security
  • Cloud Testing
  • Threat Detection
  • Microsoft Azure
  • Compliance
  • SOC 2
  • Linux System Administration
  • Vulnerability Assessment
  • DevOps
  • ISO 27001
  • Risk Assessment
  • Incident Response Plan
  • Google Workspace Administration
  • Data Analysis
  • Encryption
  • Investigative Reporting
  • Information Security Audit
Munish G.

Sunnyvale, California

$195/hr
5.0
55 jobs

Google-Grade Reliability for Your Cloud Infrastructure. GCP 10x Certified, AWS 1x Certified, Databricks 1X certified Senior Infrastructure Architect and former Google SRE (11 years) and Oracle Engineer with over 25 years of experience managing global-scale production environments. If you are looking for a "pair of hands" to write scripts, there are many options. If you are looking for an Owner-Architect to design, secure, and scale your business-critical infrastructure with zero-risk execution, letโ€™s talk. With 10x GCP Professional Certifications, I specialize in taking complex, high-traffic ecosystems and making them resilient, cost-effective, and simple to manage. Expertise Across the Stack: Cloud Architecture: Expert-level design and migration across GCP, AWS, and Hybrid Cloud. DevOps & SRE: Implementing "True SRE" principlesโ€”SLOs, error budgets, and automated toil reduction. Infrastructure as Code (IaC): Building reproducible, version-controlled environments using Terraform, Helm, Ansible, and Packer. Kubernetes & Orchestration: Deep experience with GKE, EKS, and self-managed clusters (Rancher). Security & Compliance: Hardening infrastructure via VPC Service Controls, Zero-Trust IAM, and automated security pipelines. CI/CD Optimization: Streamlining delivery via Jenkins, GitHub Actions, and Google Cloud Build. Why Work With Me? The "Google" Standard: I apply the same rigor and reliability standards I used at Google to your infrastructure, ensuring 99.9% availability. Cost Efficiency: I specialize in cloud cost optimization, often saving my clients more in monthly cloud spend than the cost of my engagement. Simplicity at Scale: I believe the best architecture is the simplest one that solves the problem. I build systems that your team can actually maintain. Technical Proficiencies: Linux: 20+ years of deep systems-level expertise (RHEL, Debian, Ubuntu). Automation: Puppet, Ansible, Terraform. CI/CD: Jenkins, Artifactory, GitHub, Cloud Build. Containers: Docker, Kubernetes, Container Registry.

  • Cloud Computing
  • Terraform
  • Kubernetes
  • Docker
  • Google Cloud Platform
  • Microsoft Azure
  • Jenkins
  • DevOps
  • Containerization
  • Git
  • CI/CD
  • Amazon Web Services
  • Google Workspace Administration
  • Computing & Networking
  • Security Engineering
Mihai V.

San Diego, California

$75/hr
5.0
5 jobs

I design and build production-grade security systems for companies that need to secure cloud infrastructure, pass audits, and operate in regulated environments. Most teams donโ€™t have a security tool problem. They have an architecture, integration, and execution problem. Thatโ€™s where I come in. What I Do I help startups and enterprise teams move from: โŒ fragmented tools and partial controls โŒ audit delays and failing security reviews โŒ reactive fixes and security debt โ†’ to โœ… engineered, scalable security architecture โœ… audit-ready, continuously compliant environments โœ… automated, integrated security operations Core Expertise Cloud Security & Cryptography โ€ข Multi-cloud security architecture (AWS, Azure, GCP) โ€ข TLS PKI systems with automated certificate lifecycle (IaC + CI/CD) โ€ข Encryption architecture (CMEK, KMS, data masking, data protection) โ€ข Cryptographic hardening aligned with FIPS and modern standards โ€ข DNS security, network isolation, and zero-trust patterns Identity & Access Management โ€ข SSO (SAML, OIDC), enterprise identity federation โ€ข RBAC and least-privilege system design at scale โ€ข SCIM provisioning and identity lifecycle automation โ€ข Integration with enterprise IdPs (PingFederate, Azure AD, Okta) โ€ข Cross-account and multi-environment access control Compliance & Audit Readiness โ€ข SOC 2, ISO 27001, PCI DSS, HIPAA, FedRAMP-aligned environments โ€ข End-to-end delivery: gap assessment โ†’ implementation โ†’ audit support โ€ข Control design, remediation, and evidence automation (Vanta, Drata, custom pipelines) โ€ข Continuous compliance monitoring vs point-in-time audits โ€ข Closing audit findings fast (not just identifying them) Security Engineering & Incident Response โ€ข CI/CD security (SAST, DAST, IaC scanning, secret management) โ€ข Vulnerability management with automated remediation workflows โ€ข Cloud misconfiguration detection (CIS benchmarks, runtime analysis) โ€ข Secure system design across infrastructure and application layers โ€ข Incident response, forensics support, and system hardening AI-Driven Security I donโ€™t just integrate tools โ€” I design security platforms. I have built and architected multi-agent AI-driven cybersecurity systems combining: โ€ข Cloud security analysis (AWS integrations, IAM analysis, misconfiguration detection) โ€ข Offensive security (recon, exploitation, privilege escalation simulation) โ€ข Vulnerability management (SAST, DAST, fuzzing, CI/CD integration) โ€ข SOC automation (SIEM/SOAR integrations, alert enrichment, playbooks) โ€ข Forensics and incident investigation workflows โ€ข Compliance reporting mapped to frameworks (SOC 2, ISO 27001, PCI, HIPAA) Key capabilities: โ€ข Multi-agent orchestration and communication โ€ข Automated remediation workflows โ€ข MITRE ATT&CK mapping and executive reporting โ€ข API-driven integrations across security tooling ecosystem โ€ข Role-based access for security, DevOps, and compliance teams This enables: โ†’ Continuous security instead of periodic assessments โ†’ 80% reduction in manual security effort โ†’ Faster audit readiness and real-time visibility How I Work โ€ข Engineering-first โ€” I build and implement, not just advise โ€ข Work directly in production systems (cloud, identity, pipelines) โ€ข Design for real audit constraints, not theoretical compliance โ€ข Fast execution, clear communication, and ownership Typical Clients โ€ข SaaS companies preparing for SOC 2 / ISO 27001 / HIPAA โ€ข Cloud-native platforms handling sensitive or regulated data โ€ข Startups entering enterprise sales with security blockers โ€ข Organizations with fragmented security tools that donโ€™t work together Important Iโ€™m not a fit for checklist-based security or surface-level audits. If you need: โ€ข real security architecture โ€ข working implementations โ€ข systems that pass audits and hold up in production - weโ€™ll work well together.

  • Cloud Security
  • Artificial Intelligence
  • Cybersecurity Tool
  • NIST Cybersecurity Framework
  • FedRAMP
  • PCI DSS
  • Cryptography
  • Information Security Threat Mitigation
  • Software
  • Linux
  • macOS
  • Security Engineering
  • Metasploit
  • Software Architecture
  • Software Architecture & Design
Alec P.

San Diego, California

$100/hr
5.0
6 jobs

๐Ÿš€ 5+ years of Cloud Engineering Experience ๐Ÿš€ Certified Microsoft Azure Solutions Architect Expert ๐Ÿš€ Security+ Certified & Compliance-Driven ๐Ÿš€ On-Prem to Cloud Migration Specialist ๐Ÿš€ Cost Optimization and Automation Expert I'm a passionate Cloud Engineer with 5 years of experience specializing in Azure and AWS. As a Microsoft Certified Azure Solutions Architect Expert, I am committed to building scalable, secure, and future-proof cloud infrastructures. When supporting customers I focus on security, compliance, and cost optimization. Iโ€™ve successfully led 30+ on-prem to cloud migrations and designed robust, secure cloud architectures for businesses ranging from startups to large enterprises. Whether you're looking to migrate, optimize, or automate, I'm here to help you achieve your goals. Key Skills & Expertise: โ—ฝCloud Platforms: Extensive experience with Azure and AWS (IaaS, PaaS, and SaaS). โ—ฝCloud Migration: Skilled in seamless on-prem to cloud migrations with minimal disruption. โ—ฝSecurity & Compliance: Expertise in DoD STIGs, Security+ certified, and ensuring compliance for secure cloud environments. I've worked extensively with DoD security frameworks (RMF, NIST 800-171, NIST 800-53) โ—ฝInfrastructure as Code (IaC): Proficient in Terraform and Packer for automating infrastructure deployment and management. โ—ฝAutomation: Strong focus on automation and cost-saving strategies through tools like Terraform, Azure Automation, and AWS Lambda. โ—ฝKubernetes & Rancher: Hands-on experience with Kubernetes orchestration, specifically with Rancher for container management. โ—ฝNetworking & Architecture: Proven ability to design networks, VPNs, and secure, scalable cloud architectures. โ—ฝTechnical Communication: Skilled at translating complex technical information into easy-to-understand terms for non-technical stakeholders. Notable Achievements: โ—ฝSuccessfully architected and migrated cloud infrastructures for numerous clients, optimizing performance and reducing monthly costs by up to 40%. โ—ฝDesigned automated solutions that reduced manual workload by hundreds of hours across various projects. โ—ฝDeveloped scalable cloud solutions that are secure, future-proof, and compliant with industry standards. Iโ€™m always looking for new opportunities to apply my skills and deliver reliable, cost-effective cloud solutions. If youโ€™re looking for a security-focused, results-driven cloud expert who can help you achieve your business goals, letโ€™s connect!

  • Microsoft Azure
  • Remote IT Management
  • Troubleshooting
  • Security Infrastructure
  • Terraform
  • Network Engineering
  • Virtualization
  • Kubernetes
  • DevOps
  • Cloud Migration
  • Amazon Web Services
Craig C.

San Diego, California

$50/hr
5.0
18 jobs

IT Consultant: Infrastructure Design, Security, and Systems Automation I've provided secure, scalable, and maintainable systems for enterprises, research institutions, and media companies. My focus is on reducing technical debt and hardening infrastructure against modern threats through tailored, professional-grade solutions. I am currently offering competitive introductory rates for new clients to establish long-term partnerships on the platform. Professionally Licensed and Insured. Core Capabilities Systems and Security Windows, Linux, and Unix administration, hardening, firewalls, and VPN integration. Expertise in mail servers (Postfix, Exim, Sendmail), DNS (BIND), and deployment via Ansible. Full CI/CD pipeline management (GitLab, Jenkins) and incident response planning. Web and Applications High-performance configuration for Apache and NGINX, reverse proxies, WordPress, and Drupal. Specializing in seamless patching and performance optimization. Data and Cloud Database administration, ETL pipelines, and analytics workflows. AWS cloud architecture and complex migrations. Specialized Experience * Digital Forensics and Incident Response (DFIR). * High-performance computing (HPC) and scientific research systems. * OEM hardware diagnostics and remote troubleshooting. * Big-data email infrastructure and advertising pipelines. Certifications Active: AWS CCP, Linux+, SecurityX Technical Background: RHCE, MCP, CySA+, AWS Solutions Architect, Fortinet NSE -- UMA Summary follows -- A skilled CyberSecurity Admin specializing in IT security audits, incident response, and network infrastructure optimization. Successfully conducted security assessments for email and website vulnerabilities [1] and implemented DDoS protections for gaming servers [2], showcasing capabilities in threat mitigation and security hardening. Proficient in systems administration, network security, and vulnerability assessments, applying these skills to create secure, scalable solutions for complex environments. Expertise in automation tools, firewall configuration, and database management rounds out their capabilities. Show less Generated by Uma, Upworkโ€™s Mindful AI, from completed jobs Skills used Information Security Audit Network Administration Network Equipment Network Security Vulnerability Assessment

  • Cloud Computing
  • DNS
  • Linux System Administration
  • Information Security
  • Network Security
  • Mail Server Implementation
  • Web Server
  • Database Server
  • Automation Framework
  • Virtualization
  • Incident Response Readiness Assessment
  • WordPress
  • Big Data
  • Hardware Testing
  • Customer Support
  • PostgreSQL
  • Security Infrastructure
  • Amazon EC2
  • MySQL
  • Red Hat Administration
Ani A.

San Bruno, California

$180/hr
5.0
6 jobs

- I am a Staff Security Engineer with expertise in product security, application security, and vulnerability management. - I have over a decade of experience in software development processes and security engineering. - I hold a masterโ€™s degree in Cybersecurity from Georgia Institute of Technology. - Preferred programming/scripting languages: Python, Node.js, and Bash.

  • Cloud Security
  • Compliance
  • Information Security
  • Information Security Threat Mitigation
  • Vulnerability Assessment
  • Threat Detection
  • Application Security
  • Security Engineering
  • Secure SDLC
  • Website Security
  • Information Security Audit
  • NIST Cybersecurity Framework
  • Python Script
  • JavaScript
  • Bash Programming

How it works

Post a job for freePost a job

Tell us what you need. Create your own job post or generate one with AI then filter talent matches.

Hire top talent fast

Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.

Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

Payment simplified

Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.

Don't just take our word for it

How do I hire a Cloud Security Framework Specialist in California on Upwork?

You can hire a Cloud Security Framework Specialist in California on Upwork in four simple steps:

  • Create a job post tailored to your Cloud Security Framework Specialist project scope. We'll walk you through the process step by step.
  • Browse top Cloud Security Framework Specialist talent on Upwork and invite them to your project.
  • Once the proposals start flowing in, create a shortlist of top Cloud Security Framework Specialist profiles and interview.
  • Hire the right Cloud Security Framework Specialist for your project from Upwork, the world's largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire a Cloud Security Framework Specialist?

Rates charged by Cloud Security Framework Specialists on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire a Cloud Security Framework Specialist in California on Upwork?

As the world's work marketplace, we connect highly-skilled freelance Cloud Security Framework Specialists and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Cloud Security Framework Specialist team you need to succeed.

Can I hire a Cloud Security Framework Specialist in California within 24 hours on Upwork?

Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Cloud Security Framework Specialist proposals within 24 hours of posting a job description.