Hire the best Information Security Analysts in India
Check out Information Security Analysts in India with the skills you need for your next job.
- $40 hourly
- 5.0/5
- (23 jobs)
🔢 As an Upwork Top 1% Expert Vetted 👑 Certified Ethical Hacker and an Experienced Penetration Tester with over 8 years of experience Penetration Testing Web and Mobile based applications and networks, I use my background to break into systems and specialize in helping my clients strengthen their cybersecurity defenses. What makes me stand out from other freelancers is the fact that I am also a Cybersecurity Architect, capable of architecting solutions to enhance the security of your organsiation and preserving the security and integrity of my client's data. I have always been passionate about solving technical problems for my clients through Penetration Testing and I don't rest till I get to the root of the problem and solve it. What I can offer? I can help you secure your business by providing the following services: ✅ Web Application Penetration Testing, ✅ Secure Source Code Analysis, ✅ Mobile Application Penetration Testing, ✅ Network Penetration Testing, ✅ Secure Architecture Review, ✅ API Security Testing, ✅ Secure Configuration Review, ✅ Secure Code Review, ✅ Container Security Assessment, ✅ Red Team Assessment, ✅ Threat Modelling, ✅ Phishing Simulations & Assessment. Why Choose Me? 🧑🏼💼 Client-Centric Approach: Your security is my top priority. I work closely with your team to understand your objectives and deliver tailored services that align with your business goals. Trust and transparency are the cornerstones of my practice, and I am committed to helping you navigate the complex landscape of cybersecurity with confidence and achieve compliance. 📐 Comprehensive Security Assessments: I conduct detailed security evaluations to identify potential vulnerabilities in your network, applications, and infrastructure. ✂️ Tailored Solutions: Every organization is unique. I customize my approach to meet your specific security needs and industry standards. 🎬 Actionable Recommendations: Post-assessment, I provide clear, concise, and practical remediation steps to address identified vulnerabilities. 🔁 Ongoing Support: Cybersecurity is an ongoing process. I offer continuous support and re-assessment to ensure your defenses remain robust against evolving threats 🌏 Holistic Approach: I don't just patch vulnerabilities; I architect comprehensive security solutions that align with business goals. My focus extends beyond the technical to encompass risk management and organizational resilience. 🗨️ Collaborative Communicator: I bridge the gap between technical jargon and business language, fostering understanding across teams. Effective communication is key to successful security implementation. 🏫 Continuous Learning: The threat landscape evolves, and so do I. Whether it's a new attack vector or an emerging technology, count me in. Learning is my superpower. 🙋♂️ Key Skills: ✔️ Penetration Testing & Vulnerability Assessment: I thrive on dissecting systems, identifying weaknesses, and recommending robust solutions. Armed with tools like Kali Linux, Metasploit, Nmap, and Wireshark, I delve into web applications, networks, and APIs. But here's the twist—I don't stop at discovery; I offer a free retest after remediation to ensure vulnerabilities stay sealed. ✔️ Network Security: I've designed and implemented secure network architectures, ensuring data confidentiality, integrity, and availability. Firewalls, intrusion detection systems, and VPNs—my toolkit covers it all. ✔️ Cloud Security: Proficient in securing cloud environments, especially Oracle Cloud Infrastructure (OCI). I stress-test cloud deployments, ensuring they withstand real-world attacks. ✔️ Secure Coding Practices: I advocate for secure coding principles using tools like SonarQube and collaborate with development teams to build resilient applications. Prevention beats cure, every time. ⛏️Tools I Use ☑️ Penetration Testing: Nmap, Metasploit, Burp Suite Professional, Wireshark, SQLmap, Kali Linux ☑️ Programming & Scripting Skills: Python, Bash, PowerShell, JavaScript, Java and C# ☑️ Security Frameworks & Standards: OWASP, NIST, CIA Triad, PCI-DSS 🫱🏽🫲🏽 Let's Connect: Ready to enhance your business/organization's security? Let's chat! Reach out to me here on Upwork, and let's build a safer digital future together. 🟢 Press '...' button and then ‘Send Message’ button in the top right-hand corner ✉️ 🚫 No hacking service - I do not provide any hacking services, and I will not engage in any activities that involve gaining unauthorized access to any accounts, systems, or social media platforms. Requests for such services will be declined.
Information Security
Phishing WebsiteSystem SecurityNetwork SecurityWordPress Malware RemovalWeb Application SecurityApplication SecurityIntrusion Prevention SystemIntrusion DetectionVulnerability AssessmentSecurity Assessment & TestingMalware RemovalSecurity TestingNetwork Penetration TestingPenetration Testing - $70 hourly
- 4.9/5
- (325 jobs)
Are you tired of tech troubles that just won't quit? Look no further! With 17 years of industry mastery, I'm not just your run-of-the-mill IT freelancer. I'm your go-to problem solver and tech virtuoso. As a certified Expert-Vetted White-hat Server/Cloud Infrastructure Expert, I've tamed the wildest Windows Servers, secured servers like a pro, and danced through the intricate web of ADS, IIS Web Servers, Apache, Nginx, and SQL Administration. My mission? To transform your IT challenges into seamless solutions that elevate your business. I bring clarity and expertise to a world where technology can feel like a maze. I specialize in Cloud Architecture, focusing on significant platforms like Azure, GCP, and AWS. Whether you want to migrate to the cloud, optimize your existing infrastructure, or enhance your security protocols, I've got you covered. My approach is not just about getting the job done; it's about understanding your unique needs and crafting tailored solutions that drive results. Are you curious about my process? It all starts with a deep dive into your requirements. Every project deserves a personalized touch, so I take the time to listen and understand your goals. From there, I design a strategic plan that outlines each step, ensuring transparency and collaboration throughout the journey. I pride myself on my meticulous attention to detail, which means you can expect nothing less than excellence in every aspect of my work. But wait, there's more! I don't just stop at implementation. I believe in empowering my clients with knowledge. After completing a project, I provide comprehensive documentation and training so you feel confident managing your new systems. Plus, I offer ongoing support to address any questions or concerns that may arise down the line. With me, you're not just hiring a freelancer; you're gaining a partner invested in your success. What sets me apart? It's my unwavering commitment to security. In today's digital landscape, safeguarding your data is paramount. I implement robust security measures, including SSL configurations and best practices, to fortify your systems against threats. You can rest easy knowing that your infrastructure is in safe hands. Now, let’s talk about results. After working with me, my clients have seen significant improvements in performance, efficiency, and security. Imagine a world where your IT systems run smoothly, allowing you to focus on what you do best—growing your business. That's the reality I strive to create for each of my clients. So, are you ready to take your IT infrastructure to the next level? Let’s connect and explore how I can help you achieve your goals. I’m just a message away, and I can’t wait to hear about your project! P.S. I genuinely love what I do and am excited to bring that passion to your project. Let’s make tech work for you! Vetted Skills: Cloud Architect, Windows Server, Azure, GCP, AWS, Security, SSL, Server Administration, Cloud Migration, Infrastructure Optimization, SQL Administration, Apache, Nginx, IIS Web Servers, Active Directory Services, Virtualization, Network Security, Backup Solutions, Disaster Recovery, Performance Tuning, IT Consulting.
Information Security
Google Cloud Platform AdministrationAWS Server MigrationVirtualizationDeployment AutomationDatabase AdministrationSolution ArchitectureCloud ArchitectureNetwork SecurityCloud ComputingDevOps EngineeringCloud SecuritySystem AdministrationAmazon Web ServicesMicrosoft Azure - $25 hourly
- 5.0/5
- (22 jobs)
Dedicated and highly experienced Network Security professional with 20+ years of proven expertise in designing, implementing, and maintaining robust network and security. Oversee large-scale IT projects, networks, and infrastructures. Outstanding results and complete projects on time. Firewalls: • Sophos UTM, XG and XGS all models, Dynamic routing and XDR. • Fortigate all models, FortiManager, FortiAnalyser., FortiAP, FortiSwitch • Checkpoint Firewall • Cisco Meraki, Cisco Firepower (FMC) Cisco ASA-5515, 5520,5550,5506-x. • Cisco Wireless Access point and WLC. • Cisco ISE • Watchguard all models Dynamic Routing. • Firewall Configuration migration. • Sophos Firewall policy, Dynamic routing, HA, SD-WAN, VPN and other configurations Managing, Troubleshooting. • Fortigate Firewall Policy configuration, Dynamic routing, HA, SD-WAN, External Connectors configuration. Managing, Troubleshooting. • FortiManager. FortiAnalyzer, Fortinet ZTNA & EMS. • Watchguard Firewall Policy, Dynamic routing, UTM, SD-WAN configuration, HA, Managing, Troubleshooting. • Cisco Firewall Policy configuration, VPN, Failover, IPS-IDS Managing, Troubleshooting. • Cisco Meraki MX deployment and troubleshooting. • Cisco Identity Service Engine ISE design and deployment with HA Managing, Troubleshooting. • All Firewall VPN - IPSec, Site-To-Site VPN, SSL VPN. • ManageEngine Endpoint Central implementation and support Routing & Switching • Cisco Routers almost all router including ISR 1000,4000 series Managing, Troubleshooting. • Cisco Switching Catalyst all models, Nexus all models Managing, Troubleshooting. • Routing Protocol - OSPF, EIGRP, and BGP. • NAT, Policy-based Routing, QoS, Traffic shaping. 1:- Send me an invite 2:- Lets connect over the call or message. 3:- I will ask you few questions for your requirements 4:- Will provide you exact plan for your goal with expected duration 5:- After agree on all points and looks good we can execute the plan Just click on Invite button and let's work together. #SDWAN #Fortinet #Fortigate #PaloAlto #DNACenter #SDN #ISE #IdentityServicesEngine #Firepower #CiscoUmbrella #EmailSecurityAppliance #WebSecurityAppliance #CloudWebSecurity #ciscoasa #Meraki #Stealthwatch #ManageEngine #Sophos #Watchguard #VPN #ASA #Telepresence #IPCameras #ASR1K #ASR9K #NexusSwitches #PrimeInfrastructure #IPTelephony #NetworkDesigning #Monitoring #SecurityInfrastructure #Acronis #Arcserve
Information Security
Network ArchitectureCisco UCSServer VirtualizationCisco MerakiARCserveFortinetSophos Sophos UTMNetwork DesignWeb Application FirewallCybersecurity ManagementNetwork SecurityCisco ISECisco ASAFirewall - $15 hourly
- 5.0/5
- (20 jobs)
A Certified Information Systems Security Professional with 20+ years of experience, expertise in Information Security Management System (ISMS). I can help you with Information Security Governance, Risk and Compliance (GRC), ISO27001 certification (end-to-end), HITRUST/ HIPAA, SOC2, CMMC compliance and certifications, risk management, incident management, internal audit, awareness programs, BCP/DR, and Policy documentation. My Professional Qualification Includes CISSP, ISO27001:2013 LA, ISO22301, ISO31000:2009, CCSE, CCSA, CCNA, Qualys VA certifications, and Educational Qualification include Bachelor of Engineering degree in Electrical and Electronics Engineering.
Information Security
Policy WritingInformation Security GovernanceInformation Security AuditSOC 2 ReportSecurity FrameworkISO 27001Cloud Security FrameworkData PrivacyInformation Security AwarenessCyber Threat IntelligenceRisk AnalysisCybersecurity ManagementSecurity Policies & Procedures DocumentationFirewall - $30 hourly
- 5.0/5
- (6 jobs)
Hi, I am an (ISC)² certified security professional and cybersecurity consultant with 6+ years of experience in application vulnerability assessment and penetration testing, security auditing, Vulnerability management, and Incident Response. 🌟I currently work for a Fortune 50 company and day-to-day activities include Penetration Testing, Vulnerability Management, false-positive analysis, and automating security scans with DevSecOps. 🙋🏼♂️I have good expertise with various security testing tools ranging from open source to enterprise-level tools including Burpsuite Pro, Netsparker, Acunetix, Checkmarx, Tenable, Fortify SSC, Web Inspect, etc. Certifications I possess • (ISC)² Certified in Cybersecurity • EC Council USA Certified Ethical Hacker- CEH v9 • Certified Security analyst • Splunk Certified power user ✅ Contact me for manual/automated vulnerability assessment and penetration testing (VAPT) of your web or mobile application. ✅ I can provide you with a detailed report of all the vulnerabilities in your app with risk rating and mitigation techniques for the same. ✅ The report will be in compliance with OWASP top 10 vulnerabilities, SANS top 25 software errors, and other industry-wide standards. ✅ A re-testing will be provided once the report is submitted and the client fixes the vulnerabilities to confirm all vulnerabilities are patched and ensure security.
Information Security
OWASPWebsite SecurityCode ReviewAPI TestingNetwork Penetration TestingInformation Security AuditWeb Application SecurityWeb App Penetration TestingCloud SecurityInformation Security ConsultationApplication SecurityPenetration TestingVulnerability AssessmentSecurity Testing - $30 hourly
- 5.0/5
- (24 jobs)
Services Offering : Ethical Hacking, Vulnerability Assessment & Penetration Testing, DevSecOps, Web Application Security, API Security, Android & iOS Mobile application Security, Network Security, Desktop Application Security, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, DevSecOps, Container Security, IoT/Hardware Security, Blockchain or Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc. I am a Certified Cyber Security Expert/Professional and Security Engineer. I have more than 5 years of corporate experience in vulnerability assessment & penetration testing of Web Application, API, Android & iOS Mobile application, Network, Desktop Application, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, DevSecOps, Container Security, IoT/Hardware Security, Blockchain/Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc. Follow systematic approach and best industry methodology like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115. I help to identify and mitigate the threats and vulnerabilities in systems and softwares with my skills I provide the following services: ✅ Penetration Testing Engagement ✅ This includes both thorough manual testing of all functionalities and automated testing for all websites, applications, servers or infrastructure included in the scope of work, using both professional enterprise grade software such as BurpSuite Professional and Nessus and also personal scripts and tools gathered over past engagements. This services extends as well to internal penetration tests and network infrastructure testing as well. ✅ Professional Report & Statistics ✅ Detailed report explaining step-by-step the exploitation and discovery method of each and every vulnerability discovered. Proof-of-Concept screen captures, full requests and responses, CVSS v3.0 standardised risk score, impact and ownership included. ✅ Remediation Advice & Guidance ✅ Remediation advice regarding all security issues discovered, how to fix them and warnings associated with the impact and risk of these vulnerabilities. ✅ Asset Discovery ✅ Through both active and passive methods, I can help you asses how big your digital footprint is on the internet and what is the attack platform visible from an outsider threat perspective. This includes subdomain enumeration and service/port discovery. ✅ Free Checkup ✅ Included in the price will be a checkup/retest of all aforementioned vulnerabilities present in the report in order to ensure that the implemented security controls and/or fixes are working as intended and that there is no other way to bypass them or exploit that vulnerability any longer. Technical Skills: - Vulnerability Assessment & Penetration Testing - Web Application VAPT - API VAPT - Android & iOS Mobile ApplicationVAPT - Network VAPT - AWS/ Azure/ GCP/ DigitalOcean Cloud Security Audit and Penetration Testing - Microsoft Office 365 Security Audit or Configuration Review - Thick Client or Desktop Application VAPT - Active Directory Security - DevSecOps - Container Security - VoIP Penetration Testing/ Security Testing - IoT/Hardware Security Testing - Smart Contract Security Audit - Threat Modeling - Threat Intelligence - Open Source Intelligence - Security Configuration Review - Firewall, Switches, Router, Operating Systems and Servers Certification Achieved: - CREST Practitioner Security Analyst (CPSA) - CREST Registered Penetration Tester (CRT) - Offensive Security Certified Professional (OSCP) - ISO 27001 Lead Auditor - (ISC)2 Certified in CyberSecurity - Information Security Certified Professional (ISCP) - Cyber Security Foundation Professional Certificate (CSFPC) - Certified AppSec Practitioner (CAP) Achievements : I got Appreciation Certificate from NCIIPC (Indian Government) for submitting few security issues. I attended private bugbounty programs organised by CCTNS (Crime and Criminal Tracking Network and Systems - Indian Government) and Bharti Airtel. I helped to secure some companies such as Dell, DigitalOcean, StatusPage, Caviar, Western Union, UnderArmour, Arlo Cash Rewards, Kenna Security, Pantheon, Mailgun, Seek, Skyscanner, Fitbit, Overstock and more.
Information Security
Code ReviewISO 27001Ethical HackingNetwork Penetration TestingWebsite SecurityCloud SecurityWeb App Penetration TestingVulnerability AssessmentSecurity TestingApplication SecuritySource Code ScanningSecurity Assessment & TestingPenetration TestingNetwork Security - $29 hourly
- 5.0/5
- (42 jobs)
⚡ TOP RATED Freelancer | ⚡ 9+ Years of Experience | Your Trusted Compliance Partner They call me "Mr. Compliance"—and for good reason. While you focus on growing your business, I take care of everything compliance-related, ensuring you meet industry standards and win more deals with confidence. Whether it's SOC 2, ISO 27001, HIPAA, PCI DSS, CMMC, or FedRAMP, I make compliance effortless so you can unlock new opportunities without the hassle. Why Clients Trust Me: ✅ Seamless Compliance: I simplify audits, security assessments, and certifications—no stress, no delays. ✅ Growth-Driven Compliance: Compliance isn’t just a checkbox; it’s a competitive advantage. I help shorten sales cycles by getting you audit-ready fast. ✅ End-to-End Support: From policies to risk assessments, vendor due diligence, and security questionnaires—I handle it all. ✅ vCISO Services: Need expert guidance but not ready for a full-time CISO? I offer affordable virtual CISO (vCISO) solutions tailored to your business. ✅ Security Strategy & TPRM: Managing third-party risks? Struggling with cloud or endpoint security? I’ve got you covered. ✅ Maximizing Compliance Tools: Already using Vanta, Drata, Hyperproof, or Scrut but unsure what’s next? Let’s optimize your investment. 💡 Proactive, not reactive. I don’t just tick boxes—I future-proof your security and compliance programs. 🚀 Tools & Frameworks: 🔹 Tools Expertise: JIRA, Vanta, Hyperproof, Drata, ServiceNow, AWS, Confluence, Archer, Scrut Automation 🔹 Compliance Frameworks: ISO 27001, SOC 2, FedRAMP, NIST, HIPAA, PCI-DSS, CMMC, TPRM, and more 📢 Ready to Make Compliance Work for You? Click "Invite" to connect, and let's build a stronger, more secure, and audit-ready business together. ⚠️ Note: If you're not fully committed to compliance or tend to be unresponsive, I may not be the right fit. I prioritize working with businesses serious about security and compliance success.
Information Security
Mobility Work CMMSNIST SP 800-53Sarbanes-Oxley ActApplication AuditGovernance, Risk Management & ComplianceSOC 2 ReportCMMCSOC 2ISO 27001JiraNIST Cybersecurity FrameworkRisk AssessmentApplication Security - $24 hourly
- 5.0/5
- (4 jobs)
I am a highly skilled IT professional with over 10+ years of experience across a diverse range of technologies, including Microsoft 365, Azure, networking, and system administration. My expertise spans cloud services, security administration, virtualization, and IT infrastructure management, allowing me to provide comprehensive solutions tailored to each client's needs. I have a proven track record in configuring, managing, and troubleshooting various systems while ensuring high levels of performance and security. In addition to my deep knowledge of Microsoft 365 services like SharePoint, Exchange Online, and Teams, I am proficient in managing Microsoft Azure environments, PowerShell automation, and security compliance frameworks. I have hands-on experience with Active Directory, firewall configuration, network security, and disaster recovery planning. My technical proficiency includes virtualization platforms such as Hyper-V and VMWare, and I am well-versed in cross-platform support for Windows, macOS, and Linux systems. I have successfully led support teams and delivered IT solutions in high-pressure environments, supporting enterprise-level clients across APAC, EMEA, and North America. My client-first approach ensures that I deliver solutions that enhance operational efficiency, improve system security, and meet business goals. Whether you need support with cloud migrations, security configurations, IT infrastructure optimization, or technical troubleshooting, I am dedicated to delivering results that drive success for your business.
Information Security
Microsoft SharePointDirectoryWindows 7 AdministrationFirewallNetwork AdministrationKali LinuxiOSMicrosoft OutlookVirus RemovalLinux System AdministrationMicrosoft AzureMicrosoft Active DirectoryMicrosoft WindowsOffice 365 - $25 hourly
- 5.0/5
- (3 jobs)
Thanks for visiting my Profile. My name is Deepansh Hooda & I'm a Security Professional. My skills are:- * Network Security * Internet Security * Web Security * Data Security * LINUX * UBUNTU I have 5+ years of rich experience in above mentioned skills. Client Satisfaction is my Top Priority. I guarantee you Excellent Quality Work.
Information Security
Web App Penetration TestingPython ScriptBash ProgrammingcURLSQLNetwork Penetration TestingLinuxSQL ProgrammingPythonUnixComputing & NetworkingVulnerability AssessmentPenetration TestingSystem Security - $30 hourly
- 5.0/5
- (6 jobs)
CISM-certified Cyber Security Consultant with 9 years of experience implementing and managing comprehensive security solutions. Expertise in endpoint protection, SIEM solution, cloud security and penetration testing. I have a strong ability to assess, mitigate, and respond to complex security threats. I am experienced in leading security projects, creating tailored policies, and providing expert guidance to organizations of all sizes. Experienced in working with global teams across time zones, cultures, and languages AREAS OF EXPERTISE * Vulnerability Assessment and Penetration Testing (VAPT) * Endpoint Protection * Threat hunting * SOC Architecture and Implementation * Cloud Security * Azure and Microsoft 365 Security
Information Security
Incident ManagementMicrosoft Endpoint ManagerCloud SecurityCloud Security FrameworkIncident Response PlanPenetration TestingVulnerability AssessmentSystem Security - $25 hourly
- 5.0/5
- (2,426 jobs)
⚡ TOP RATED Freelancer | ⚡ 13+ Years Experience I'm a Top Rated Upwork Freelancer and Offer Services in Malware Removal, Virus Removal, Ethical Hacking / Internet Security, WordPress Speed Optimization, Websites Transfer, SSL Installation, WordPress Development, Linux Server Administration and Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade. Over the last 13 years, I Have Worked on 5000+ Websites Security (Cleaning from Malicious Code and Hardening Security), 1000+ Websites Transfer, 200+ WordPress Websites Speed Optimization (Delivered Results As Per Google PageSpeed Insights, GTmetrix) and 500+ SSL Installs (Including HTTP to HTTPS migration). Service Description: 1. Malware / Virus Removal from Websites (Cleaning Hacked Websites) and Servers. ✔100% Malware Cleanup Including Database Clean ✔Japanese Keyword Hack, SEO Spam / Pharma Hack Fix ✔Credit Card Stealers and Ecommerce Malware Fix ✔Google Blacklist Removal (This Site may be Hacked), Google Deceptive Warning Fix ✔McAfee SiteAdvisor, Norton Blacklist or Any VirusTotal Based Blacklist Fix ✔WP-VCD Malware, Backdoor / Malicious Javascript / Conditional Redirects Fix 2. Website Security Maintenance (Implementing Future Security Measures and Guiding How to Maintain Security for the Future). 3. Website Transfer/Migrate to New Host / Domain (Any PHP-based CMS or Custom-coded Website). 4. SSL Install, HTTP to HTTPS Migration with Secure Padlock. 5. WordPress (Websites Development and Troubleshooting Which Includes Fixing Critical Error / Fatal Errors). 6. Linux Server Administration. 7. Optimize and Increase the Speed of WordPress Websites. 8. Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade (Upgrade to the Latest Stable Version). 9. Penetration Testing (Checking Websites for Security Vulnerabilities).
Information Security
Malware DetectionDomain MigrationWordPress SecurityWebsite MigrationWordPress Malware RemovalWordPressSSLInternet SecurityWebsite SecurityVirus RemovalPenetration TestingMalware RemovalVulnerability AssessmentNetwork Security - $49 hourly
- 4.9/5
- (17 jobs)
cPanel, Plesk, AWS, GCP, CCNP, CCNA, RHCE, MCSE, MCSA, MCTS, MCP, CCNSP, JNCIA, PCI DSS, SG BOX certified. Committee Member - IT and Communication Infrastructure and Cyber Security - The Southern Gujarat Chamber of Commerce and Industry I am a DevOps, Network, System and Security Expert, and Email Deliverability Specialist having 15 years of professional experience, where my responsibilities range from managing people, processes, projects, and operations. I am working in DevOps, SecOps, InfraOps, and NetOps. I have developed product development and security management processes of the DevOps life cycle. Along with it, if a customer project needs any development in PHP, ReactJS, NodeJS, or Python, I have my team of experts who can do the job at a reasonable price point. I will be working as a single point of contact for my clients in terms of ownership of the project and responsible for the delivery as per client needs. I have solid work experience being an interface between Dev., QA, PSG, O&M, and Support Team, working with different product integration like E3ME, PeerApp, Vuze, BNG, EliteAAA, EliteSMP, EliteEMS, EliteAC, 24online SMS & HIA, Mautic, Postal, MailWizz, cPanel, Virtualmin, Plesk, Centreon, Nagios, Jenkins, Github, Gitlab, JIRA, MSP, which caters well-established enterprises, start-ups, telecom and hospitality segments. My core competencies are understanding customer requirements and designing solutions for clients on AWS, GCP, Digital Ocean, or Azure based on the standard architecture of protocols and services. My primary interest is learning new things and transferring knowledge to build strong technical and leadership teams. Specialties: Email Deliverability, Network Security(Cisco, Juniper, D-Link, 3Com, HP, Fortigate, Checkpoint, Pfsense, Mikrotik), System Security(Microsoft and Linux) Engineering, Virtualization, Technical Analysis, IDS/IPS (Redware / Arbor), Technical Troubleshooting & Security Hardening, R&D
Information Security
KubernetesNetwork AdministrationSystem AdministrationTechnical SupportSystem MonitoringSystem SecurityEmail DeliverabilityCisco Certified Network AssociateLinuxRed Hat Certified EngineerDevOpsAmazon Web ServicesFirewall - $25 hourly
- 4.7/5
- (9 jobs)
Having more than 10 Years of experience in cyber security domain with proven practical experience in Threat Hunting, Google Dorking, Open-Source Intelligence, threat modelling, security code review, Penetration Testing(Web/Mobile) and implementing cyber security best practices into the organizations. Proficient in threat hunting using MITRE ATT&CK, STRIDE, PASTA, OWASP Threat Dragon frameworks for conducting Threat Modelling framework, TTP’s and develop a heatmap. Experience in using Python Boto3, AWS responder, libcloudforensics, AWS Security - Step Functions, AWS Lambda, CSP header verification using Python Scripts, AWS Step Functions and Canary tokens. Hands-on experience in malware analysis through sandboxing techniques. Experienced in analyzing registry keys, event codes, and network telemetry logs. Capable of network traffic dumping and pcap analysis with tcpdump and network miner. Hands-On experience in malware analysis, specializing Android(Java) malware, reverse engineering, code obfuscation and static analysis. Familiar with fileless malware detection and other persistence techniques. Proficient in browser extension and double file extension analysis. Utilize threat analysis reports from Red Canary, CrowdStrike, and Palo Alto Networks for reconnaissance. Proficient with CTI methodologies including analysis through frameworks such as the Pyramid of Pain, Diamond Model, and Cyber Kill Chain. Capable of ensuring strong emphasis on security across web, thick client, API, mobile (iOS & Android), Kubernetes, containers, and cloud hosted services (AWS/AZURE). Experienced in handling F5 products (BIGIP-Next, F5OS, SPK), BIGIP, NGINX core and NGINX Plus. Strong technical experience in implementing cybersecurity methodologies such as NIST, OSSTMM, M(ASVS), SANS, MITRE ATT&CK and NIST & OWASP standards, with expertise in identifying application weaknesses, attack vectors, exploitation techniques, and countermeasures. Well versed with TCP/IP, packet analysis(pcap), protocol analysis, web sockets, Endpoint analysis, network forensics, OAUTH 2.0, OpenID Connect and SAML identity protocols. Implemented secure coding practices, reducing vulnerabilities and proficient in tools like Fortify and SecureCodeBox. Extensive experience in using fuzzing tools like DirBuster, FFUF tools. Hands-on programming skills using Java, JavaScript and Python Areas of Expertise– Digital Forensics, Threat Hunting, Automation by Python Scripting. Certified GIAC-Mobile Device Security and Ethical Hacker (GMOB). Certified EC-Secure Programmer (ECSP) and Certified Ethical Hacker (CEH). Successfully completed the "Advanced Infrastructure Security Assessment" course at the Null conference in 2022. Successfully completed the "Breaking and Owning Applications and Servers on AWS and Azure" course at the Null conference in 2019 Developed security policies, ensuring compliance and smooth application delivery. Good at using governance tools like JIRA, Confluence etc. Web & Mobile Application: CheckMarx, Fortify, SecureCodeBox, SonarQube, Burp Suite (Pro & Free), Fiddler, OWASP Zap Proxy, Paros Proxy, W3af, Echo Mirage, Snallygaster, PenCrawler, Hackbox, Galileo, FFUF, InfectionMonkey, Drozer, MobSF, Jadx, JD-GUI, Santoku, AndroidTamer, Adhrit, Reverse APK, Clutch, Rp++, Frida/Objection, Needle Framework, iFunbox, RastiCrac, Otool, Class-dump, iLEAPP, ALEAPP. Threat Hunting and Telemetry Analysis: Tcpdump, Wireshark, ATT&CK MITRE(TTP’s), Mimikatz, Scapy, PyShark, Network Miner, Zeek, Splunk, Sysmon, Snort, Wazuh, ElasticSearch(ELK), Suricata. Web Services & Network Assessment: WSSAT 2.0, Astra, Postman, SoapUI, API Fuzzer, Nmap, Nessus, Kali Linux, Metasploit, Crunch, Cain Cloud & Containers, Threat Modelling AWS Inspect, S3 Inspect, Bucket Finder, Guard, Clair, Anchore, Trivy, STRIDE, DREAD, Microsoft Threat Modelling Tool, Client satisfaction and quality of work are my top priorities. I'm a problem solver and I'm glad to help you with any task you have on your website. Regards, Sandeep T
Information Security
Security TestingVulnerability AssessmentPenetration TestingKali LinuxWiresharkWebsite SecurityCryptographyMobile App TestingWeb App Penetration TestingNetwork Penetration TestingCode ReviewNetwork SecurityEncryption - $15 hourly
- 5.0/5
- (134 jobs)
Web Penetration Testing(OWASP Top 10 methodology) | Network Penetration testing | OWASP API Security | Mobile Vulnerability Assessment(iOS and Android) | Source Code Reviews(.Net, Java, PHP) | Vulnerability Assessment and Penetration Testing | SIEM team (Cloud(AWS and Azure) Security, File Integrity Monitoring and Event Monitoring, Endpoint Security and Encryption, Data Loss Prevention, Network Access Control, Threat Monitoring (Email Traffic and Malware Analysis), Privileged Access and Identity Management) Have 7+ years of experience in both black box and white box testing penetration testing. Perform VAPT (Vulnerability Assessment and Penetration Testing) services for web applications, networks, mobile; source code reviews; malware analysis; server hardening; and security analysis etc. Conduct penetration testing in a systematic approach. Follow the standard methodology of the industry like OWASP Testing Guide v4(OTGv4); SANS top 25; NIST SP 800-115; PCI DSS to perform penetration testing so that client can concentrate on their professions without worrying about security threats. Web Application Testing: Do web application penetration testing with the latest methodology like OWASP Top-10, SANS Top-25. Perform both manual and automated penetration testing for vulnerabilities like Injection flaws(such as SQL, NoSQL, OS, and LDAP injection etc),Broken Authentication, Sensitive Data Exposure,XML External Entities (XXE), Broken Access Control,Security Misconfiguration, Cross-site scripting(XSS), Insecure Deserialization, Using Components with Known Vulnerabilities,Insufficient Logging & Monitoring. Also, perform source code reviews for many technologies like Java, NET, PHP etc. Approach for Manual Web-Application Penetration Testing: Conduct manual testing with following controls: * Configuration and Deployment Management Testing * Identity Management Testing * Authentication Testing * Authorization Testing * Session Management Testing * Input Validation Testing * Testing for Error Handling * Testing for weak Cryptography * Business Logic Testing * Client Side Testing Tools that use for Automated Web Penetration Testing: Acunetix, Burp-Suite, Netsparker, Nexpose, Nikto, IBM AppScan, HP fortify, W3af etc. Network penetration testing: Provide both external and internal network Penetration Testing so that your Network Infrastructure is secured from the real world attacks. Do both manual and automated network penetration testing. Approach for Manual Network Penetration Testing: Manually check for IDS/IPS, Server, Networks switch, Network Router, VPN, Firewalls, Anti-virus, Password etc. Tools that use for automated network penetration testing: OpenVas, Wireshark, Nessus, Metasploit, Armitage, Scapy etc. Mobile Application Penetration Testing: Perform mobile applications application penetration testing with the latest OWASP methodology(MSTG). Performed both manual and automated penetration testing for vulnerabilities like Weak Server Side Controls, Insecure Data Storage, Insufficient Transport Layer Protection, Unintended Data Leakage, Poor Authorization and Authentication, Broken Cryptography, Client Side Injection, Security Decisions Via Untrusted Inputs, Improper Session Handling, Lack of Binary Protections. Tools: Burp-Suite, HP fortify, Dex2Jar, Apktool, framework-res.apk, iNalyzer. Source Code Reviews: Perform source code reviews for both front and back-end languages. Perform source code reviews standard methodology like OWASP top 10. Do manual and automated source code reviews for various web based security vulnerabilities like SQL injection, Cross site scripting (XSS), CSRF, RFI,LFI, Authentication bypass etc. Tools: CheckMarx, IBM Appscan source for analysis, Microfocus HP Fortify. Security Analysis and Server Hardening: Regularly check and maintain your systems, servers to ensure that they comply with the standards. Do hardening application checks the item automatically on a daily basis and monitors all critical networks and server components. We support various frameworks like CIS benchmarking for Desktops & Web Browsers, Mobile Devices, Network Devices, Servers – Operating Systems, Virtualization Platforms & Cloud etc. Social Engineering: Have experience in social engineering vectors: Vishing, Phishing, Smishing, Impersonation. Used the following social engineering cycle to conduct social engineering: Gather Information: Here Information gathered from company websites, social media and other publications. Plan Attack: Next step is outline how intends to execute the attack Acquire Tools: After planning, next include computer programs that an attacker will use when launching the attack. Attack: Exploit the weaknesses in the target system. Use acquired knowledge: Information gathered during the social engineering tactics is used in attacks such as password guessing. Tools: SET(Kali-Linux); GetGoPhish
Information Security
Web TestingInformation Security AuditWeb Application SecurityWebsite SecurityNetwork Penetration TestingSoftware QASecurity AnalysisInternet SecurityPenetration TestingVulnerability AssessmentNetwork Security - $30 hourly
- 4.9/5
- (154 jobs)
🔢 As a seasoned Penetration Tester, I have a proven track record of conducting and leading successful security audits, web application penetration tests, and red team engagements for a diverse range of clients. My experience ranges from working with multinational corporations with large-scale infrastructures to smaller companies seeking enhanced security measures for competitive advantage. As a security engineer, my day-to-day responsibilities revolve around leveraging my expertise in penetration testing, cyber security, and vulnerability assessment to identify and mitigate potential vulnerabilities. Through these experiences, I have comprehensively understood the prevailing technology stacks employed worldwide, allowing me to discern their security weaknesses with precision. 🚫No hacking service - I do not provide any hacking services, and I will not engage in any activities that involve gaining unauthorized access to any accounts, systems, or social media platforms. Requests for such services will be declined. Working with me, you will: ★ Customized approach: I understand that every client's needs are unique, and I tailor my approach to meet your specific requirements. This ensures that you get the most comprehensive and effective security testing possible. ★ Timely delivery: I understand that time is of the essence when it comes to security testing, and I always deliver my reports on time, without compromising on quality. ★ Complete manual testing for your application and immediate notification if any high-impact issues are found. ★ Unlimited retesting for the fixed issues and unlimited revisions ★ Able to find critical bug classes that are often missed by automated pentests. 🔢 My stats are: ✅ Top-rated in information security and IT compliance categories ✅ Saved tens of thousands of dollars for clients by identifying critical vulnerabilities ✅ Ranked in the Top 50 at multiple bug bounty programs ✅ Supporting all time zones ✅ Long-term engagements ✅ Professional certifications (OSCP, CREST CPSA, OSEP, OSWP) Sound like a fit? 🟢 Press '...' button and then ‘Send Message’ button in the top right-hand corner Penetration Testing and Vulnerability Assessment Tools: Manual Testing: Burpsuite Professional, Nuclei, Ffuf, Nmap, Postman (API testing), Metasploit Framework, SQLmap, OWASP ZAP Automated Testing: Acunetix, Nessus, Netsparker, etc. Penetration testing service: 1. Penetration Testing Engagement: thorough manual and automated testing of all functionalities, including internal penetration tests and network infrastructure testing. Professional enterprise-grade software is used, such as BurpSuite Professional, Acunetix, and Nessus. 2. Professional Report and Statistics: A detailed report explaining the exploitation and discovery method of each vulnerability discovered, including proof-of-concept screenshots, full requests and responses, CVSS v3.0 standardized risk score, and impact. 3. Remediation Advice and Guidance: Remediation advice was provided for all security issues discovered, including guidance on how to fix the issues and warnings associated with the impact and risk of these vulnerabilities. 4. Asset Discovery: Active and passive methods are used to assess the digital footprint on the internet, including subdomain enumeration and service/port discovery. 5. Free Retest: Retest all vulnerabilities present in the report included in the price to ensure implemented security controls and/or fixes are working as intended. 6. OSINT Reconnaissance: Gather all valuable data about the company on the internet, including any breached email addresses and related passwords. 7. Briefing and debriefing: Calls or meetings are available to discuss the scope of work, the focus of the penetration testing engagement, including all subdomains, black-box or white-box engagement, account requirements, preferred hours for load testing, and any other guidance required. Calls or meetings are available after the penetration test is completed to discuss the engagement results, the main issues and concerns regarding the company's security, and any further clarification regarding any vulnerability and the associated impact or risk. ✅ The deliverable will be a professional penetration testing and vulnerability assessment report, which includes: ► Executive Summary ► Assessment Methodology ► Types of Tests ► Risk Level Classifications ► Result Summary ► Table of Findings ► Detailed Findings: Each finding in the report will contain a CVSS score, issue description, proof of concept, remediation, and reference sections. ► Retest for issues (The vulnerabilities will be retested after they're fixed; multiple retests can be done to ensure the issues are remediated.) My Expertise: ★ Web Application Security Testing ★ API security testing ★ Penetration Testing ★ Internal Active Directory and External Network Pentest ★ Vulnerability Assessment. ★ Thick Client Pentest (Windows Desktop App Testing) ★ OSINT Assessement
Information Security
Risk AssessmentOWASPNetwork Penetration TestingBlack Box TestingWeb Application SecurityWebsite SecurityWeb App Penetration TestingApplication SecuritySystem SecurityVulnerability AssessmentSecurity TestingSecurity Assessment & TestingNetwork SecurityPenetration Testing - $12 hourly
- 4.8/5
- (106 jobs)
I have both bachelor's and master's degree in engineering. I did my B.Tech in Information technology and MTech in Software Engineering. I topped in my MTECH university examination with 75% marks. And I am in top 15% in the world for Cyber security on LinkedIn. Details are in portfolio section. I have been writing for almost 14 years now and written over 20000 articles on varied topics including: 1. CS/IT/SW Engineering related subjects, 2. Quantum computing, 3. various other technologies, Finance, Money Transfer, 4. Single Page Application (Angular, React), 5. NET Technologies, 6. Data Structures, 7. DBMS, 8. Blockchain Technology, 9. Machine Learning, 10. Deep Learning, 11. Cloud Computing using AWS, 12. Real Estate, 13. Home based Services, 14. IoT, 15. Virtual Reality, 16. Augmented Reality, 17. Android, 18. iOS, 19. Tech events, 20. Credit Cards, 21. OOPS, 22. Software Project Management, 23. Mechanical Keyboards etc. I have expertise in SEO, SEM etc. and I use this knowledge in my writing to ensure search engine specific writing which ranks easily on the Google, Bing and other search engines. I am expert at formatting based on various standard formats like APA, Harvard, MLA, IEEE etc., in MS Word. I can write the entire research paper or dissertation for you or if you need only formatting, I can do that as well. Also, I can proofread your CS/IT based research papers and dissertations. I do have expertise in writing technical documents including SRS, Project Plans, DFD in MS Word as well as academic writing like research papers, dissertations, Textbooks, user manuals, white papers and various documentation from perspective of end users, developers and all in a software development company. I am an engineer; however, my first passion is writing. During 2007, I got my first opportunity to work as a writer and I got a huge success in my field. Starting from Real estate, I wrote on almost all the topics. I have written research papers, dissertation for my MTech. and in my professional writing field, I have given almost everything to provide best services to my clients. I generally love long term relationships and provide long lasting search engine friendly contents. I am creative when it is required and technically sound. I am quite good at Microsoft technologies but as I said, my first love is writing and that's what I prefer. Till now, I have been blessed to have some great clients and I am really thankful to them. I wish I keep on getting clients like them and provide best work to all of them. Get keyword specific high-level content from me and be assured they will be long lasting.
Information Security
C#NIST Cybersecurity FrameworkAngularUser ManualASP.NET CoreMongoDBMicrosoft SQL ServerMicrosoft AzureAPI DocumentationBusiness AnalysisCloud ComputingBlog WritingInformation TechnologyTechnical Writing - $60 hourly
- 4.7/5
- (71 jobs)
Expertise:- All kind of Math at undergrad level. Public key Cryptography, Zero knowledge proof (ZKP), Verifiable Computation, Attribute Encryption, Charm Crypto implementation and analysis, Homomorphic encryption (SEAL library), Designing protocols and implementation in python, PIR, theoretical security analysis. Qualification: BS-MS in Mathematics. PhD in the area of Mathematical Cryptography.
Information Security
MathematicsElliptic Curve CryptographyCalculusCryptographyProofreadingC++Mathematics TutoringTeaching AlgebraEncryption - $35 hourly
- 4.8/5
- (2 jobs)
Experienced Penetration tester and Occasional Bug Bounty hunter Day Job Activities/Responsibilities ------------------------------------------ Pentesting Web Application Develop various security tools for penetration testing Presenting and documenting detailed findings and fixes based on the testing Participate in CTFs and Bug Bounty Programs Training ----------- BurpSuite Mastery by Peritus Academy. Skills ------ Scripting & Automation: Python, Php, Javascript, BASH, Linux, Servers Experienced with all common attack vectors and mitigation techniques. My specialties are: - Web Application Penetration Testing - Api Penetration Testing - Security Assessment - Vulnerability Assessment - Owasp Top 10 - Reconnaissance - Open Source Intelligence (OSINT) I look forward to hearing from you! Keen on Deadlines, want fair business together.
Information Security
Google Chrome ExtensionServerBrowser ExtensionApplication SecurityVulnerability AssessmentOWASPWeb App Penetration TestingPenetration TestingWordPress Malware RemovalBash ProgrammingLinuxWebsite SecurityJavaScriptPHP - $63 hourly
- 5.0/5
- (1 job)
• Around 15 years of technical expertise in various industrial sectors that includes financial, marketing, and telecom with hands-on experience in Secured Software Development Lifecycle (SSDLC); Cloud Security; Azure Administration; Windows Server Cloud Migration and Administration; ITSM Tools; Escalation Management; Client Satisfaction; Resource Optimization; Technical Troubleshooting. • Around 5 years of relevant experience in Application Security and SSDLC (Threat Modelling, Static Analysis Security Testing (SAST), Dynamic Application Security Testing (DAST), Vulnerability Assessment and Penetration Testing (VAPT) • Cloud Security; Azure Administration; Windows Server Cloud Migration and Administration tools such as Microsoft Azure Security Center, Carbonite Double-Take, Cloud Security Posture Management (CSPM). • Rich experience in designing and developing HLD and LLD for Endpoint Security. • Strong experience on examining Azure configured cloud security practices and identify key risks, then execute programs to address them. • Hands-on experience in different transformation phases from Discovery to Migration for On-Premises to Cloud Migration. • Efficient in configuring and managing Multi-Factor Authentication and Role Based Access Control in Azure. • Well versed in Implement corrective and preventive actions to resolve escalations. • Experienced in Managing “Preventive Maintenance” activities that includes Microsoft Windows/Office Security patches, update rollup, Updating Microsoft vulnerability patches on the server, categorize patches for blacklisted, conditional blacklisted, whitelisted and under review.
Information Security
Network SecurityNetwork AdministrationCloud ComputingData Center MigrationWindows Server - $40 hourly
- 5.0/5
- (11 jobs)
Mustaque (CISSP) brings and assist clients in infrastructure Security, Cloud Security, Network Security, Cloud Migration, Threat Intelligence and integrating Information Security program for an organization. With over 15+ years of IT experience, I provide cost-effective solutions to Start-Ups, SMBs/SMEs, and Large Enterprises. I am passionate about helping people succeed in their core business while making an impact on securing their computing environment and making it difficult for outsiders to penetrate or get unauthorized access to the network. I have worked with organizations like IBM, Microland, Bank of America, and other Fortune 500 companies. My background covers the technology discipline (Security by design, Public Cloud Security, Public Cloud Migration, Network Security, threat intelligence, Vulnerability Assessment & Management, and Consulting). My Specialization is to build a solid platform using a security by design concept to stop inside and outside threats. Skill Set: Next Generation Firewalls (Cisco FTD, FortiGate, PaloAlto, Meraki) F5 SSLO, WAF , IPSec. SSL VPN, Zero Trust Architecture, Cloud Security, Internet security, firewalls, IDS, IPS, Nessus, Qualys, Kali Linux, Meta-exploit, Honeypots. Here are some of the area's Mustaque can help with: - Design and Implement Secure virtual data center in Public Cloud (Azure, AWS). - Design and Implement Cloud Security components while designing a virtual data center. - Design and Implement SDWAN at the enterprise level. Add SDWAN security while designing it. - Design and Implement Zero Trust Architecture using state of art zero trust technologies - Help to perform Risk Assessment. - Implementing Security Solutions at multiple layers to provide adequate security. - Audit and assist in implementing Compliance per the standard. - Security Incident & Reporting. - Design, implement and monitor Threat Intelligence program. - Design, implement and test the Disaster Recovery Program. - Research on System logs to build a security data lake. Product Experience: I have worked in Multi-Vendor Environment. Enough exposure to Industry-leading solutions. Professional Certifications: CISSP - Certified Information Systems Security Professional ZTCA - Zero Trust Certified Architect CASA - Certified AlgoSec Security Administrator ECSA - EC-Council Certified Security Analyst CEH - Certified Ethical Hacker MCSA - Microsoft Certified Solutions Associate
Information Security
IT Compliance AuditNetwork EngineeringCloud SecurityCloud ImplementationWeb Application FirewallCloud ArchitectureCloud MigrationNetwork AdministrationNetwork DesignSystem SecurityKali LinuxAT&T CybersecurityVulnerability AssessmentNetwork Security - $40 hourly
- 5.0/5
- (10 jobs)
✅ ✅ ✅ Cloud Engineering & Security Engineering! With over 10 years of expertise as a consultant specializing in Cloud DevOps Engineering and Security Engineering, I bring a unique blend of skills in designing, implementing, and securing cloud-based infrastructures across AWS, Azure, and Google Cloud. My experience spans optimizing complex environments, automating security practices, managing risks, and ensuring compliance with industry standards, while driving innovation in network, cloud, and DevOps security to enhance organizational resilience. 🌟 Why am I unique amongst other freelancers? 🌟 I prioritize "QUALITY of Work", always striving for client success and satisfaction. A brief 10-minute conversation is all it takes for me to grasp your business needs. Your privacy matters, hence my readiness to sign an NDA to protect your business. I'm passionate about my work, balancing speed and quality in every task I undertake. My expansive skill set includes: Skills & Expertise: Cloud Expertise: ● Expertise with cloud providers such as AWS, Google Cloud, Alibaba Cloud, and Digital Ocean. ● Specialization in managing application cloud platforms like OpenStack and OpenShift. ● Proficiency in Linux distributions (RedHat, CentOS, Ubuntu, Debian). ● Expertise in computer clustering, data replication, and disaster recovery. ● Skilled in containerization and orchestration with Docker and Kubernetes. ● Mastery of monitoring solutions such as ElasticSearch, Kibana, Zabbix, Nagios, and NewRelic. ● Proficient in DevOps automation tools like Ansible, Chef, Puppet, Terraform, and Jenkins. ● Extensive experience designing CI/CD pipelines in collaboration with developers. ● Proficiency in implementing compliance standards including HIPAA, PCI-DSS, ISO27001, FEDRAMP, TXRAMP, HITRUST, and SOC2. Security Expertise: ● Network Security: Proficient in designing, deploying, and maintaining secure network infrastructures, including firewalls (SonicWall, Palo Alto), VPNs, IDS/IPS, and DDoS mitigation. Skilled in network hardening and traffic analysis using tools like Wireshark. ● Cloud Security: Extensive experience securing public, private, and hybrid cloud environments. Expertise in AWS (CloudTrail, CloudWatch, GuardDuty, WAF, Inspector), Azure (Intune, Monitor, Sentinel, Defender for Cloud), and Google Cloud (IAM, Command Center, Scoutsuite). ● Vulnerability Assessment & Penetration Testing: Conduct comprehensive security assessments using tools like OpenVAS, Nmap, OWASP ZAP, Nessus, and Kali Linux. Perform security testing and forensic analysis on Unix/Linux systems. ● Threat Intelligence: Monitor real-time threats and implement proactive measures using SIEM tools like Splunk, Wazuh, Rapid7, CrowdStrike, and Security Onion. Skilled in threat hunting and incident response. ● Incident Response: Lead investigations, document findings, and manage response efforts to minimize impact. Develop and test incident response plans for organizational preparedness. ● Policy Development & Compliance: Develop and implement security policies aligned with frameworks like GDPR, NIST, ISO 27001/2, CIS Controls, SOC 2, and PCI-DSS. Conduct regular audits to ensure compliance. ● Encryption & Authentication: Knowledgeable in TLS/SSL protocols, cryptographic algorithms, PKI, and secure authentication mechanisms (LDAP, RADIUS, SAML). ● Security Automation & DevOps: Integrate security tools in CI/CD pipelines using Jenkins, GitHub Actions, and ArgoCD. Automate security processes for continuous monitoring. ● Collaboration & Leadership: Strong communication and teamwork skills, with a focus on cross-functional collaboration. Lead security awareness programs and drive a robust security culture. Certifications & Achievements: ● Recognized by Google for contributions to technology and security. ● Cloud Native Scholarship recipient, selected among top 300 out of 15,000 applicants. ● Achieved top 10 status in Global Cybersecurity Challenges (GCC) 2.0 and top 5 in GCC 3.0, a prestigious international cybersecurity contest with participants from over 120 countries. ● Contributed to over 40 esteemed publications including Forbes, TechCrunch, and ZDNet, raising awareness about critical security issues. I'm excited to discuss your unique needs and explore how I can be of service. Let's chat!
Information Security
Security ManagementCybersecurity ManagementISO 27001DockerKubernetesApplication SecurityNetwork SecurityGoogle Cloud PlatformMicrosoft AzureVulnerability AssessmentCloud SecurityTerraformPythonAmazon Web Services - $50 hourly
- 5.0/5
- (2 jobs)
"I really appreciate what you did for Katana by helping us to fortify our product security! Thank You, Usama" - Priit Kaasik (Co-founder & CTO at Katana Manufacturing ERP) I help you make your applications secure by identifying security flaws in your applications, APIs, and codebases. Recently, I helped Sketchdeck discover over 35+ high-severity loopholes affecting 100K+ users in their applications by doing penetration testing, secure code review, and API security testing. "I highly recommend Usama for any application security needs. He has been a valuable asset to our team at Sketchdeck, discovering critical security issues through manual testing and in-depth analysis. He has a lot of expertise in white-hat-hacking, is extremely creative and driven to help secure our web application. I recommend Usama to anyone looking to bolster their security measures." - Joe Teibel (Head of product & engineering @Sketchdeck) "We increased the reported severity from High to Critical. This is because it allows the takeover of another account, given only that account's email address. We were impressed with this report, Usama. You found a critical vulnerability, one that nobody else had found. Nice job." - Clio, (A leading lawyer's platform)
Information Security
Network Penetration TestingWeb App Penetration TestingNetwork SecurityInformation Security AuditJavaScriptNode.jsWebsite SecurityApplication SecuritySecure SDLCWeb Application SecurityEthical HackingSecurity TestingVulnerability Assessment - $45 hourly
- 5.0/5
- (36 jobs)
Hello, I am Vatsal Raichura. I have 4+ years of experience in the IT Industry as an Information and Network Security Specialist. I have worked with many top IT, Security, and Crypto Brands. I have expertise in Vulnerability Assessment and Penetration Testing (VAPT), Blockchain & Smart Contract Audits, Web and Application testing, Network and System testing, Blackbox testing, etc.
Information Security
FuzzingSmart ContractBlockchainPenetration TestingSolidityFinancial AuditSecurity TestingDAppsIT Compliance AuditWeb Application SecurityVulnerability AssessmentISO 27001Mobile App Testing - $45 hourly
- 5.0/5
- (63 jobs)
✅ Top Rated Plus Expert ✅ 1000+ Hours ✅ Professional Penetration Tester Senior Penetration Tester with more than 6+ years of rich industry experience in Web, Mobile, API, and Network Penetration Testing. I have successfully completed 500+ Web application Pentests, 200+ Mobile Application Penetration Tests, 300+ API Penetration Tests, 100+ External Network Penetration Tests and 30+ Internal Penetration Tests. I am also a Security researcher acknowledged by Yahoo (among other notable companies like SolarEdge, Imgur, Artsy, etc.) for disclosing a number of vulnerabilities via the HackerOne bug bounty platform. My core competency is Blackbox, Greybox Testing on Web, API, Mobile, and Network applications. I am familiar with all attacks and mitigations and am well-versed in OWASP, NIST, and PTES Frameworks. My Pentesting reports include clear documentation of the vulnerabilities found along with the remediations to make sure the client is 100% satisfied. I am also certified in AWS, and Azure and have a very keen knowledge of Cloud Security and cloud administration. ✅ I have conducted Penetration Tests, Vulnerability Assessments and delivered professional reports to companies around the world complying with the following: ►OWASP Web Security Top 10 Vulnerability ►OWASP API Security Top 10 Vulnerability ►OWASP Mobile Security Top 10 Vulnerability ►External Network Penetration Testing ►Internal Network Penetration Testing ►Payment Card Industry Data Security Standard (PCI DSS) ►System and Organization Controls 2 (SOC2) ►General Data Protection Regulation (GDPR) ►Common Vulnerability Scoring System (CVSS) ►Open Source Security Testing Methodology Manual (OSSTMM) My Certs include: ►CompTIA Pentest+ ►AWS Solutions Architect ►Azure Administrator Tools: Burp Suite, Nikto, Nmap, Zap, Metasploit, Nessus, W3af, Ffuf, Dirb, etc... I am available 24/7. If you are interested in cooperation, drop me a line :)
Information Security
Web Application SecurityNetwork Penetration TestingWeb App Penetration TestingCloud SecurityMobile App TestingInformation Security AuditMetasploitVulnerability AssessmentNetwork SecurityPenetration Testing - $60 hourly
- 5.0/5
- (3 jobs)
Risk Advisory and compliance expert (CISA certified) with more than 13 years of demonstrated history of working in the Financial Services, Telecom, Technology and Healthcare space, across Big4 consultancies. Strong program and project management professional skilled in IT Compliance programs /audits and assessments (SOX/ SOC1&2, HIPAA, PCI DSS, CSA STAR, NY DFS, ITGC), Data Privacy and Security /System Implementation reviews/Vendor due diligence. I specialise in setting up IT Compliances for organisations , which involves, performing internal IT assessments, noting findings, planning for actions on remediations, framing policies and procedures. I also specialise in performing SOC2, ITGC and SOX assessments and audits.
Information Security
Information Security ConsultationPolicy WritingTraining PresentationIT Compliance AuditInternal AuditingRisk AssessmentData PrivacySOC 1 ReportGovernance, Risk Management & ComplianceIT General Controls TestingInformation Security GovernanceSOC 2 ReportInformation Security AuditSarbanes-Oxley Act - $40 hourly
- 5.0/5
- (11 jobs)
Ethical Hacker with good understanding of Penetration testing methodology and in-depth coding/networking knowledge. Coming with Strong communication skills, technical writing skills, and certification in Ethical Hacking and Internet Investigation Specialist.
Information Security
Network Penetration TestingMetasploitCybersecurity ManagementWireless SecurityWeb App Penetration TestingEmail SecurityNetwork SecurityResearch PapersKali LinuxVulnerability AssessmentContent WritingPenetration TestingTechnical Writing - $43 hourly
- 4.7/5
- (4 jobs)
A tech-savvy Cyber Security Professional & Developer with 5+ years of industrial experience in: * Web Application Penetration Testing * Mobile Application Penetration Testing * Network Penetration Testing * Server Vulnerability Assessment * Cloud Application Penetration Testing * Source Code Review * DevSecOps * Smart Contract Security Audit * Web3 Technical Content Writing * Product Research & Development * Community Growth & Development
Information Security
Business Logic LayerNetwork SecurityCloud SecurityApp DevelopmentApplication AuditSmart ContractSystem SecurityContent MarketingBlog Writing Want to browse more freelancers?
Sign up
How hiring on Upwork works
1. Post a job
Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.
2. Talent comes to you
Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.
3. Collaborate easily
Use Upwork to chat or video call, share files, and track project progress right from the app.
4. Payment simplified
Receive invoices and make payments through Upwork. Only pay for work you authorize.