Hire the Best Information Security Analysts
in Sri Lanka

More than 3,000 reviews on G2
Rating is 4.5 out of 5.
4.5/5
of Upwork by G2 peer reviewers
Lakshan S.

Colombo, Sri Lanka

$25/hr
4.0
1 jobs

Cybersecurity Engineer | SOC & SIEM | Microsoft 365 Security | C# .NET Developer I am a cybersecurity engineer with hands-on experience in SOC operations, SIEM design and implementation, Microsoft 365 security, and custom software development. My work covers both operating security tools and building security platforms from the ground up. I focus on practical security. How logs are collected. How detections are written. How identities are abused. How alerts should behave in real environments. Not checkbox security. SIEM Design, Build & Implementation I have experience building and operating SIEM environments, not just using existing dashboards. Microsoft Sentinel • Designing Sentinel workspaces and data architecture • Onboarding Microsoft 365, Entra ID, Defender, and Azure logs • Writing KQL queries for detections and investigations • Building analytic rules aligned to MITRE ATT&CK • Creating workbooks for security visibility and reporting • Alert triage and incident workflows AWS-Based SIEM & Cloud Security Labs • Designing cloud-native SIEM labs using AWS • Centralized log ingestion from cloud and endpoint sources • Threat detection using cloud logs and endpoint telemetry • Building dashboards and detections for real-world attack scenarios • Hands-on work with brute force detection, privilege misuse, and suspicious access patterns Wazuh SIEM • Wazuh Manager and agent deployment • Log source onboarding and validation • Agent configuration and health verification • Rule review and alert behavior analysis • Endpoint security monitoring using Wazuh Splunk • SPL-based detection engineering • Custom searches and correlation logic • Security dashboards and visualizations • Log normalization and noise reduction Security Operations (SOC) • Security alert triage and investigation • False positive analysis and alert tuning • Incident escalation workflows • MITRE ATT&CK mapping • SOC documentation and handover notes Microsoft 365 & Identity Security • Microsoft Entra ID administration • MFA enforcement and Conditional Access baselines • Admin role design and least-privilege access • Microsoft Defender for Endpoint and Office 365 • Identity-related alert investigation and response Software Development Experience I also design and build custom applications and websites, often used for internal tooling, reporting, and automation. Desktop Applications • C# and .NET (WinForms, WPF) • Internal tools for monitoring and reporting • Secure handling of credentials and system data Web Development • Responsive websites built from scratch • HTML, CSS, JavaScript • Backend development using C# and .NET • REST API integrations I work code-first using VS Code or Visual Studio. No drag-and-drop builders. Tools & Technologies • Languages: C#, .NET, JavaScript • SIEM: Microsoft Sentinel, Splunk, Wazuh • Cloud: AWS, Azure • Microsoft Stack: Entra ID, Defender, Microsoft 365 • Query Languages: KQL, SPL • Operating Systems: Windows, Linux What You Can Expect • SIEMs that are actually usable • Detections that reduce noise • Clear documentation • Strong understanding of security, cloud, and systems • Direct, honest communication Suitable Projects • SIEM design and implementation • Microsoft Sentinel or Splunk detection engineering • SOC operations and alert tuning • Microsoft 365 security hardening • Cloud security monitoring • Custom security tooling and applications If you’re looking for someone who understands how security works in real environments and can both build and operate security systems, I’m happy to discuss your project.

  • Web Development
  • Cybersecurity Monitoring
  • Security Operation Center
  • Incident Response Readiness Assessment
  • Security Engineering
  • Microsoft Azure
  • Clover POS System
  • Technical Support
  • Content Writing
  • Website Builder
  • Web Hosting
  • Logo Design
  • Poster Design
  • C#
  • AI Bot
Heshan B.

Kuliyapitiya, Sri Lanka

$20/hr
5.0
5 jobs

As a highly motivated cybersecurity enthusiast, I am committed to leveraging my expertise in IT infrastructure and security. Employing a proactive approach, my proficiency extends to delivering managed security services, specializing in Microsoft and Cloudflare solutions, and vulnerability management. And I'm Specialised in : • DDoS Protection Services for Web/ Game Servers. • Microsoft Security Solutions ( Intune / Azure Sentinel / Defender for Cloud, Office 365, Endpoints) • Cloudflare. • Tanium / Tufin / BIG ID Consultancy services. • Zscaler Internet Access and Private Access • Zscaler OWASP AppProtection • Endpoint Detection and Response - Integration and Deploy • Vulnerability Management • Attack Simulation • AWS, Azure Security Solutions • AWS Code Deploy and Code Build • Cyber Essentials and Essentials Plus UK (helps organizations to implement controls) • SIEM Deployment and Configuration ( Wazuh, Azure Sentinel ) • Azure, AWS Cloud infrastructure configuration and Support

  • Information Security
  • Cybersecurity Management
  • Penetration Testing
  • Vulnerability Assessment
  • Cloud Computing
  • Cloud Security
  • Zero Trust Architecture
  • Microsoft Intune
  • Microsoft Azure
  • Amazon Web Services
  • AWS CodeBuild
  • AWS CodeDeploy
  • AWS CodePipeline
  • OWASP
  • Security Operation Center
Gayan K.

Kandy, Sri Lanka

$75/hr
5.0
2 jobs

I work as a Virtual CISO (vCISO), helping organisations manage cyber risk, achieve compliance, and build security programs—without the cost of a full-time CISO.

  • Information Security
  • Security Analysis
  • Vulnerability Assessment
  • System Administration
  • Data Entry
  • Internet Marketing
  • Adobe Creative Suite
  • Graphic Design
  • Computer Network
  • Logo Design
  • Security Assessment & Testing
  • Risk Assessment
  • Governance, Risk Management & Compliance
  • ISO 27001
  • NIST Cybersecurity Framework
  • SOC 2
Anushka S.

Maharagama, Sri Lanka

$30/hr
5.0
119 jobs

Currently based in east coast USA, I am a seasoned IT professional with over 15 years of experience in multiple domains in IT such as Information Security and auditing, IT Project Management, IT Infrastructure Management, IT Operations, Business Analysis, Business Continuity and DR planning etc. Last worked as the Head of IT for five years in the Sri Lankan business of AIA Group, which is the largest insurance company in the world. I am now working as a freelance Consultant and accolade with the status 'TOP RATED' in Upwork. My skills are supported by industry leading professional and academic qualifications:- - Master of Science in Project Management from AeU - Malaysia - Certified Information Security Manager (CISM) from ISACA - USA - Certified Information Systems Auditor (CISA) from ISACA - USA - Certified in Risk & Information Systems Controls (CRISC) from ISACA - USA - Certified Data Privacy Solutions Engineer(CDPSE) from ISACA - USA - Certified Information Systems Security Professional (CISSP) from ISC2 - USA - HealthCare Information Security and Privacy Practitioner (HCISPP) from ISC2 - USA - GIAC Certified Intrusion Analyst (GCIA) from SANs USA - GIAC Continuous Monitoring Certification (GMON} from SANs USA - Project Management Professional (PMP) from PMI - USA - Working knowledge in ITIL V3 I have expert knowledge in multiple disciplines: **Information Security** - Development of Information Security Policies/ Procedures and Standards aligned to ISO27001/2 or NIST standards. - Development of Security Baseline Documents - Vulnerability Assessments and Penetration Testing (VAPT) - Assist in responding to Security Questionnaires - Risk Management Documentation - Business Continuity and Disaster Recovery Plans (DRP) - Cloud Security Enhancements - Good working knowledge on HIPAA, PCI DSS, ISO, GDPR, NY CRR500, FERPA etc. - Any other Information Security Related Tasks **Project Management** - Development of Business cases, Project Plans, Project Initiation Documents, Project Risk Logs and any other projects related documents and templates. - Developing Project Management Frameworks - Implementation assistance on Project Management tools such as Wrike or Asana - Project Management Support **Information Systems (IS) Auditing** - Develop Audit Programs - Conduct IS Audits (General Controls) - Conduct Specialized Audits (Cloud computing/Active Directory/ MS SQL etc) - Regulatory Compliance Reviews **IT Technical & Academic Writing** - User manuals both graphical/ text based and animated (simulations) - Undertake IT technical and academic writing on Information Security, Project Management or any other suitable topic. Passion and commitment keeps me fully engaged with clients to always deliver more value. Please get in touch and looking forward to work with you. Fluent in English and contactable through Upwork, Skype or WhatsApp Thank you

  • Information Security
  • Network Security
  • Security Assessment & Testing
  • Security Policies & Procedures Documentation
  • IT Management
  • System Administration
  • Technical Writing
  • Information Technology Operations
  • Project Management Professional
  • Academic Writing
  • Splunk
  • Information Security Audit

How it works

Post a job for free Post a job

Tell us what you need. Create your own job post or generate one with AI then filter talent matches.

Hire top talent fast

Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.

Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

Payment simplified

Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.

Don't just take our word for it

How do I hire a Information Security Analyst in Sri Lanka on Upwork?

You can hire a Information Security Analyst in Sri Lanka on Upwork in four simple steps:

  • Create a job post tailored to your Information Security Analyst project scope. We'll walk you through the process step by step.
  • Browse top Information Security Analyst talent on Upwork and invite them to your project.
  • Once the proposals start flowing in, create a shortlist of top Information Security Analyst profiles and interview.
  • Hire the right Information Security Analyst for your project from Upwork, the world's largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire a Information Security Analyst?

Rates charged by Information Security Analysts on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire a Information Security Analyst in Sri Lanka on Upwork?

As the world's work marketplace, we connect highly-skilled freelance Information Security Analysts and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Information Security Analyst team you need to succeed.

Can I hire a Information Security Analyst in Sri Lanka within 24 hours on Upwork?

Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Information Security Analyst proposals within 24 hours of posting a job description.