Hire the Best CyberARK Professionals

Most companies don't discover their M365 security gaps until after a breach - or a compliance audit. I've supported and secured enterprise environments spanning healthcare and financial services - including a 16,000+ user financial institution and a 12,000+ user healthcare organization - where security failures have real business consequences. I'm a Microsoft 365 and IAM Security Engineer with 6+ years of hands-on enterprise experience across cloud and on-premises environments. My work focuses on identity security, endpoint management, secure mobile access, and compliance-aligned Office 365 architecture. I don't just secure environments - I build scalable systems that improve operational efficiency, strengthen access governance, and support modern remote and BYOD workforces without sacrificing usability. What I do: 🔐 Identity & Access Management → Okta SSO/MFA integrated with Active Directory (12K+ users) → Okta application onboarding, SAML/OIDC SSO, and group-based access across 70+ enterprise apps → Automated joiner/mover/leaver (JML) provisioning via Okta group rules and Power Automate → CyberArk PAM - privileged account onboarding/offboarding and vault management → Microsoft Entra ID (Azure AD) - Conditional Access, RBAC, MFA, and SSPR → Azure Virtual Desktop (AVD) secure contractor workspace configuration → Windows Hello for Business and biometric authentication policies ☁️ Microsoft 365 & Office 365 Security and Endpoint Management → Microsoft Intune deployment and endpoint management → Conditional Access and BYOD security architecture → App Protection Policies (MAM) for Outlook, Teams, OneDrive, and SharePoint → Secure mobile access configuration balancing security and usability → Multi-domain Office 365 and M365 tenant administration → SharePoint Online, Teams, OneDrive, and Exchange Online administration → Microsoft Purview - DLP policies and eDiscovery → Windows Server administration and system configuration 🛡️ Infrastructure Security & Hardening → CIS Benchmarks and DISA STIG implementation on servers and workstations → GPO strategy design for security baselines and application control → Qualys Vulnerability Management - threat detection and remediation cycles → HIPS deployment, upgrade, and migration → Active Directory and Windows Server administration and PowerShell automation → Microsoft Exchange Server administration and migration support ⚙️ Power Automate & Business Process Automation → End-to-end HR automation - offer letters, contracts, and onboarding workflows → Contract generation triggered via SharePoint and Power Platform → Power Automate + Make integration for cross-platform workflows → License expiry tracking with automated notifications → IT operational workflow automation via Teams and Email integrations 📋 Compliance & Security Operations → CIS-aligned security documentation and SOX IT controls support → Technical risk assessments and compliance gap reporting → SIEM log triage, threat correlation, and incident support → Secure access governance for distributed and offshore teams I've administered multi-domain Active Directory and Windows Server environments, automated bulk AD operations via PowerShell, and resolved complex LDAP and replication issues in production enterprise environments. I've also supported a full enterprise identity provider migration from CyberArk to Okta, covering per-application SSO verification, authentication policy review, and automated provisioning design. Whether you need IAM architecture, Microsoft 365 security hardening, Intune deployment, Conditional Access architecture, Office 365 administration, or secure BYOD/mobile workforce management - I deliver structured, documented solutions built for real-world business and compliance requirements. 📩 Message me with your project or security challenge. I typically respond within a few hours and offer a free 20-minute scoping call for new clients.

"Stay prepared to avoid regret" Strengthen Your Cyber Defenses with an Experienced SOC Analyst & Cybersecurity Professional With 4+ years of professional experience as a SOC Analyst and Cybersecurity Specialist, I help organizations detect, investigate, and respond to cyber threats before they impact business operations. I specialize in SIEM implementation, SOC operations, security monitoring, threat detection, and incident response, helping businesses strengthen their security posture through proactive defense strategies. As a SOC Analyst, I have extensive hands-on experience working with SIEM platforms, SOAR automation, threat hunting, and security event analysis to detect malicious activity and respond to security incidents in real time. My Core Expertise ✔️ SIEM Deployment & Management: Deployment, configuration, and administration of LogRhythm, Microsoft Sentinel, CrowdStrike Next Gen SIEM, Splunk, IBM Q Radar and Wazuh SIEM platforms. ✔️ SOC Monitoring & Threat Detection: Real-time security monitoring, threat detection, and incident investigation as a SOC Analyst. ✔️ Office 365 Security Monitoring: Integration of Microsoft Office 365 logs with SIEM for enhanced visibility and threat detection. ✔️ Log Source Integration: Integration, normalization, and tuning of log sources for better security event correlation and threat visibility. ✔️ Custom SIEM Use Cases: Development of custom SIEM detection rules and use cases based on client environments and security requirements. ✔️ Security Automation (SOAR): Implementation of SOAR plugins and automated playbooks for blocking malicious IPs, hashes, and other IOCs. ✔️ Active Directory Security: Managing Active Directory security, log monitoring, and Group Policy Objects (GPOs) for enterprise environments. ✔️ Endpoint Log Collection: Large-scale endpoint log collection from domain-joined machines using GPO and Windows Event Forwarding (Subscription Manager) for SOC monitoring. ✔️ Security Investigation & Forensics: Security event analysis, log correlation, threat investigation, and forensic analysis performed in SOC environments. ✔️ EDR/XDR Deployment: Deployment and monitoring of Endpoint Detection and Response (EDR/XDR) solutions for proactive threat hunting. ✔️ Network Security Tools: Hands-on experience with Fortinet and Sophos firewalls, IDS/IPS, and endpoint protection platforms such as Kaspersky and CrowdStrike. ✔️ Cybersecurity Awareness: Conducting security awareness training to reduce human-related security risks. ✔️ Security Policies & Compliance: Development of security policies, procedures, and governance documentation aligned with industry best practices. Why Choose Me? ✔️ Experienced SOC Analyst with hands-on SIEM and security monitoring expertise ✔️ Proven ability to detect and respond to cyber threats quickly and effectively ✔️ Tailored cybersecurity solutions based on business needs and infrastructure ✔️ Long-term cybersecurity support and cost-effective security strategies ✔️ Available across multiple time zones for continuous security support I am here to help you secure your business, enhance compliance, and mitigate risks. Let’s connect and build a stronger cybersecurity posture!

Security Engineer | Penetration Testing | Bot Mitigation | Incident Response | Application Security I work as a Senior Security Engineer where I deal with large scale security challenges daily, from bot networks and web abuse to vulnerability assessments and incident response on platforms serving millions of users. My background covers the full security lifecycle: Offensive security Vulnerability assessment and penetration testing across web applications, identifying weaknesses before attackers do. Experience with VAPT engagements covering OWASP Top 10, authentication flaws, injection vulnerabilities, and business logic issues. Defensive security Bot mitigation, web abuse detection, WAF configuration, rate limiting, and traffic analysis. I have dealt with everything from credential stuffing and account takeover attempts to large scale scraping operations and store cloning attacks. Risk and compliance Threat modeling, architecture risk assessments, and security reviews helping businesses understand their attack surface and prioritise what to fix first. Incident response Investigating active breaches, tracing attack vectors, containing damage, and hardening systems post incident so it does not happen again. Some specific problems I help businesses solve: Unauthorised account access and breach investigations, bot traffic and automated scraping, fraudulent analytics inflation, store cloning and product theft, credential stuffing, checkout abuse, WAF setup and tuning, and ongoing security monitoring. My approach is practical not theoretical. I start by understanding exactly what is happening before recommending anything. Whether that is analysing traffic patterns, reviewing access logs, or running a proper vulnerability assessment the goal is always targeted solutions that fix the real problem. New to Upwork, not new to security.

TOP RATED Freelancer | 10+ Years of Experience | Your Trusted Compliance Partner 75+ clients served all with 5 * ratings They call me "Mr. Compliance"—and for good reason. While you focus on growing your business, I take care of everything compliance-related, ensuring you meet industry standards and win more deals with confidence. Whether it's SOC 2, ISO 27001, HIPAA, PCI DSS, CMMC, or FedRAMP, I make compliance effortless so you can unlock new opportunities without the hassle. Why Clients Trust Me: - Seamless Compliance: I simplify audits, security assessments, and certifications—no stress, no delays. - Growth-Driven Compliance: Compliance isn’t just a checkbox; it’s a competitive advantage. I help shorten sales cycles by getting you audit-ready fast. - End-to-End Support: From policies to risk assessments, vendor due diligence, and security questionnaires—I handle it all. - vCISO Services: Need expert guidance but not ready for a full-time CISO? I offer affordable virtual CISO (vCISO) solutions tailored to your business. - Security Strategy & TPRM: Managing third-party risks? Struggling with cloud or endpoint security? I’ve got you covered. - Maximizing Compliance Tools: Already using Vanta, Drata, Hyperproof, or Scrut but unsure what’s next? Let’s optimize your investment. Proactive, not reactive. I don’t just tick boxes—I future-proof your security and compliance programs. ** Tools & Frameworks: 🔹 Tools Expertise: JIRA, Vanta, Hyperproof, Drata, ServiceNow, AWS, Confluence, Archer, Scrut Automation 🔹 Compliance Frameworks: ISO 27001, SOC 2, FedRAMP, NIST, HIPAA, PCI-DSS, CMMC, TPRM, and more 📢 Ready to Make Compliance Work for You? Click "Invite" to connect, and let's build a stronger, more secure, and audit-ready business together. ⚠️ Note: If you're not fully committed to compliance or tend to be unresponsive, I may not be the right fit. I prioritize working with businesses serious about security and compliance success.

Hello, I am Deval. I am a Cybersecurity and Data Analytics professional who takes pride in solving problems and delivering real value. I have worked with clients across healthcare, banking, fintech, and retail to secure systems and make sense of complex data. My core expertise lies in cybersecurity. I help businesses set up and secure cloud environments, configure and harden firewalls, deploy SIEM tools like Splunk and AlienVault, and conduct thorough vulnerability assessments using tools such as Nessus, Tenable, and Acunetix. I also support organizations in strengthening their governance and risk posture through GRC implementation, policy development, control assessments, and compliance readiness (ISO 27001, SOC 2, HIPAA, GDPR). Additionally, I facilitate Red Teaming and Table-Top Exercises to help clients evaluate their incident response maturity, lateral movement readiness, IAM hygiene, and organizational resilience. In addition to cybersecurity, I also specialise in data analysis and Power BI reporting. I help clients clean and model their data, design insightful dashboards, and build reports that support day-to-day and strategic decision making. Cybersecurity Services: • SIEM implementation and dashboarding (Splunk, AlienVault, LogRhythm) • Cloud architecture and cloud security (AWS, Azure, GCP) • Firewall setup, configuration, and hardening (Sophos, Palo Alto, SonicWall, Imperva) • Vulnerability assessments and reporting (Nessus, Tenable, Acunetix) • GRC implementation & audit readiness (ISO 27001, SOC2, HIPAA, GDPR) • Red Teaming & Table-Top Exercises (TTX) for SOC, IR, IAM, Cloud, and Network Security • IAM security review (RBAC, least privilege, privileged access, cloud IAM posture) Power BI and Data Services: • Power BI dashboards with custom DAX measures and filters • Data cleaning, transformation, and business-ready modeling • Visual reporting and performance tracking • Excel to Power BI migration and report automation I am committed to delivering high-quality work, clear communication, and solutions that actually work for your business. Client satisfaction is my top priority, and I am happy to provide a proof of concept or initial walkthrough to help you get started. Let us build something impactful together.

With over 5 years of experience as a cybersecurity professional, I help businesses protect their digital assets by identifying, analyzing, and mitigating security threats across networks, applications, and infrastructure. My core expertise includes: Penetration Testing (Web, Mobile, Network) Vulnerability Assessment Information Security Management Compliance Oversight (CMMC Level 2, NIST SP 800-171/800-53, ISO 27001, GDPR, SOC 2) CASA Tier 2 Security Testing I have worked with companies across the US, UK, Germany, and Canada, delivering security solutions that meet rigorous international standards. Security Automation I build custom Security Automation Tools to streamline vulnerability management, threat detection, and compliance reporting helping organizations scale their security posture efficiently. Technical Toolkit Security Tools: Burp Suite, Metasploit, OWASP ZAP, Nessus, Nmap, SonarQube, Bandit, Veracode, Appknox Infrastructure & WAF: Firewall Configuration, Cloudflare, Imperva, Access Control Management, Database Security Programming (for automation & testing): Python, Bash, Node.js, Java, React, Next.js, Nuxt.js Why Clients Choose Me ✅ 5+ Years of Experience ✅ Individual developer no agencies, no handoffs ✅ Support across all time zones (including full EST overlap) ✅ Unlimited revisions ✅ 100% Refund Guarantee if expectations aren't met, no questions asked Let's secure your environment message me to get started.