Hire the Best Information Security Analysts
in the Philippines

More than 3,000 reviews on G2
Rating is 4.5 out of 5.
4.5/5
of Upwork by G2 peer reviewers
Carlo Jay S.

Taguig, Philippines

$10/hr
5.0
1 jobs

I help businesses with cybersecurity operations support, IT troubleshooting, Windows system administration and clear technical documentation. I have 18 years of experience across desktop support, server support, Windows administration, endpoint security, IT operations and cybersecurity. My background includes threat hunting, incident response, SOC alert triage, SIEM/SOAR, EDR/XDR, vulnerability management support, cloud security alerts and security documentation. I am also pursuing a Master’s in Information Security at De La Salle University, which supports my work in cybersecurity research, documentation and security operations. I can help with: - Desktop and laptop troubleshooting - Windows support and system administration - Server support and basic infrastructure operations - Helpdesk / IT support ticket handling - Endpoint security and security tool support - SOC alert review and triage support - Incident report writing and cleanup - Cybersecurity documentation, SOPs, playbooks and tabletop exercise materials - Security operations reporting and executive-friendly summaries - Cybersecurity research and content review My strength is that I can bridge both IT support and cybersecurity. I can troubleshoot technical issues, understand security alerts and explain findings clearly to technical teams, non-technical users or business stakeholders. I do not use or share confidential internal data from previous employers. Any samples I provide are sanitized or created as demo materials. If you need someone with real enterprise IT and cybersecurity experience who can troubleshoot, analyze and document clearly, I can help.

  • Information Security
  • Security Analysis
  • Computing & Networking
  • System Administration
  • Computer Network
  • Tech & IT
  • IT Support
  • Cyber Threat Intelligence
  • Incident Response Plan
  • Helpdesk
  • Security Engineering
  • Security Operation Center
  • Information Security Threat Mitigation
  • Customer Service
  • Technical Support
  • Project Management
  • Cybersecurity Tool
  • NIST Cybersecurity Framework
  • Security Infrastructure
  • Security Assessment & Testing
Marlou A.

Taguig, Philippines

$15/hr
5.0
3 jobs

✅ Certified Cybersecurity Professional Specialized in Governance, Risk, and Compliance (GRC). Certified and experienced in protecting businesses from cyber threats. ISO/IEC 27001:2022 Lead Auditor 🔎 Expertise in Risk Assessment & Security Audits Conducting comprehensive risk assessments to identify vulnerabilities. Performing audits to ensure adherence to industry standards. 📜 Compliance with Global Standards Proficient in ISO 27001, ISO 42001, HIPAA, GDPR, and NIST CSF frameworks. Ensuring organizations meet regulatory requirements with ease. 📈 Building Cybersecurity Awareness Designing and delivering tailored security awareness programs. Collaborating with stakeholders to strengthen security culture. 🛠 Proficient in Key Tools Experienced with industry-leading tools like KnowBe4, Auditboard, Vanta, LogicGate, Jira, ClickUp, Google Workspace, and Microsoft 365, enabling efficient risk management and compliance tracking. 🚀 Let’s Work Together I provide tailored solutions to safeguard your assets and elevate your cybersecurity strategy.

  • Information Security
  • Cybersecurity Management
  • Information Security Consultation
  • Microsoft Office
  • Project Management
  • Technical Support
  • IT Compliance Audit
  • Risk Assessment
  • Audition Preparation
  • Governance, Risk Management & Compliance
  • Compliance
  • HIPAA
  • ISO 27001
  • NIST Cybersecurity Framework
  • Information Security Awareness
Marty C.

Pila, Philippines

$120/hr
5.0
36 jobs

I help organisations turn security, risk, and compliance requirements into practical, audit-ready programmes that work in the real world. With 20+ years in information security, governance, and risk management, including a background in secure military communications, I bring a structured and pragmatic approach to complex security and compliance challenges. My focus is not just on meeting framework requirements, but on helping teams prioritise the improvements that reduce risk, support the business, and stand up to audit scrutiny. I regularly support clients with: ▪ ISO/IEC 27001:2022 ISMS implementation and certification readiness. ▪ SOC 2 readiness and control alignment. ▪ ISO/IEC 42001:2023 AI management system implementation. ▪ ISO/IEC 27701, GDPR, NIS 2, DORA, HIPAA, PCI DSS 4.0, CMMC, and NIST-aligned programmes. ▪ Security posture reviews, risk assessments, and control gap analysis. ▪ Prioritising remediation activity based on risk, business impact, and operational constraints. ▪ Policy development, incident response planning, business continuity, and awareness programmes. ▪ Drata configuration, evidence automation, control monitoring, and audit preparation. As a Drata Technical Certified consultant, I help clients configure compliance tooling so it supports the way they actually operate. This includes mapping controls across frameworks, automating evidence collection, tracking risks and tasks, and giving leadership a clearer view of readiness and exposure. Recent work includes: ▪ Leading a full ISO/IEC 27001:2022 implementation for a SaaS provider, achieving certification with zero nonconformities or Opportunities for Improvement (OFIs). ▪ Delivering risk assessment, business impact analysis, and a full policy suite for a US MSP, with ongoing work around training and awareness. ▪ Leading a dual ISO/IEC 27001:2022 and ISO/IEC 42001:2023 implementation in Drata for a global compliance firm, including AI risk and impact assessment. ▪ Supporting an Australian SaaS firm with ISO/IEC 27001:2022 ISMS implementation. ▪ Supporting security and compliance programmes where the priority is translating complex requirements into clear, actionable improvements. My approach is practical and outcome-focused. I help teams understand what needs attention first, why it matters, and how to move from intent to implementation without unnecessary complexity. That includes prioritising remediation activity based on risk, business impact, operational constraints, and the realities of how the organisation works. Clients usually come to me when they need: ▪ Clear, structured, audit-ready delivery. ▪ Practical implementation rather than theoretical advice. ▪ Help prioritising security and compliance improvements. ▪ Strong hands-on experience with Drata and GRC tooling. ▪ Someone who can work comfortably with technical, operational, and leadership teams. If you need an experienced partner to help build, improve, or prioritise your security and compliance programme, I can help.

  • Information Security
  • Cybersecurity Management
  • Information Security Audit
  • Policy Writing
  • ISO 27001
  • Governance, Risk Management & Compliance
  • Risk Management
  • Risk Assessment
  • NIST Cybersecurity Framework
  • NIST SP 800-53
  • PCI DSS
  • SOC 2
  • HIPAA
  • Technical Writing
  • GDPR
Robin D.

Marikina City, Philippines

$40/hr
5.0
2 jobs

As the Principal Consultant at VikingCloud, I lead a team of talented security consultants who perform penetration assessments for various customers across different industries and domains. I have over six years of experience in web application and network vulnerability assessment and penetration testing (VAPT), and I hold the OffSec Certified Professional (OSCP) and Certified Bug Bounty Hunter (CBBH) credentials, which demonstrate my technical skills and ethical hacking mindset. My mission is to secure web apps and networks from malicious attackers and help customers improve their security posture and resilience. I am passionate about security research and bug hunting, and I have participated in several bug bounty programs and disclosed multiple vulnerabilities to various organizations. I also enjoy sharing my knowledge and expertise with others, and I have conducted web VAPT training for aspiring security professionals.

  • Information Security
  • Information Security Consultation
  • Penetration Testing
  • Web App Penetration Testing
  • Network Penetration Testing
Charls Darwin D.

Rosario, Philippines

$35/hr
5.0
10 jobs

An IT audit (internal & external) professional expert in ITGC/GITC and ITAC testing, infrastructure reviews (OS & DB), SOx Compliance Testing, SOC 1, 2 and 3 and their gap assessments, comprehensive in IT processes (Access, Change & IT Operations) and FAIT engagements.

  • Network Security
  • SOC 1 Report
  • HIPAA
  • IT Compliance Audit
  • SOC 2 Report
  • ISO 27001
  • Project Risk Management
  • Policy Writing
  • Internal Auditing
  • Audition Preparation
  • IT General Controls Testing
Oscar Jr P.

Quezon City, Philippines

$30/hr
4.7
8 jobs

Seasoned and results-driven network and information security professional with proven experience in planning, developing, implementing and integrating security solutions to address business needs. Solid experience in enterprise firewall management, business continuity and disaster recovery planning, IT audit, compliance & governance, vulnerability assessment and patch management, incident and change management, intrusion detection/prevention (IDS/IPS), and security log analysis (SIEM). Subject Matter Expertise: • Vulnerability Assessment/Risk Management • Information Security Governance and Audit & Compliance • Security Information and Event Management (SIEM) • Identity and Access Management (IAM) • Information Security Management • Endpoint Detection and Response (EDR) • DevOps & Cloud Security | GCP Azure AWS • Next Generation Firewall Management • Web Application Security • Information Security Awareness Training • Infrastructure Security Monitoring • Security Operations Management (SOC)

  • Vulnerability Assessment
  • Cisco ASA
  • Security Operation Center
  • Cloud Computing
  • Azure DevOps
  • DevOps
  • Linux System Administration
  • CrowdStrike
  • Palo Alto Firewalls
  • System Administration
  • Splunk
  • FortiGate Firewall
  • Cisco Meraki

How it works

Post a job for free Post a job

Tell us what you need. Create your own job post or generate one with AI then filter talent matches.

Hire top talent fast

Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.

Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

Payment simplified

Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.

Don't just take our word for it

How do I hire a Information Security Analyst in the Philippines on Upwork?

You can hire a Information Security Analyst in the Philippines on Upwork in four simple steps:

  • Create a job post tailored to your Information Security Analyst project scope. We'll walk you through the process step by step.
  • Browse top Information Security Analyst talent on Upwork and invite them to your project.
  • Once the proposals start flowing in, create a shortlist of top Information Security Analyst profiles and interview.
  • Hire the right Information Security Analyst for your project from Upwork, the world's largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire a Information Security Analyst?

Rates charged by Information Security Analysts on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire a Information Security Analyst in the Philippines on Upwork?

As the world's work marketplace, we connect highly-skilled freelance Information Security Analysts and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Information Security Analyst team you need to succeed.

Can I hire a Information Security Analyst in the Philippines within 24 hours on Upwork?

Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Information Security Analyst proposals within 24 hours of posting a job description.