Hire the Best Information Security Analysts
in the Philippines
Taguig, Philippines
I help businesses with cybersecurity operations support, IT troubleshooting, Windows system administration and clear technical documentation. I have 18 years of experience across desktop support, server support, Windows administration, endpoint security, IT operations and cybersecurity. My background includes threat hunting, incident response, SOC alert triage, SIEM/SOAR, EDR/XDR, vulnerability management support, cloud security alerts and security documentation. I am also pursuing a Master’s in Information Security at De La Salle University, which supports my work in cybersecurity research, documentation and security operations. I can help with: - Desktop and laptop troubleshooting - Windows support and system administration - Server support and basic infrastructure operations - Helpdesk / IT support ticket handling - Endpoint security and security tool support - SOC alert review and triage support - Incident report writing and cleanup - Cybersecurity documentation, SOPs, playbooks and tabletop exercise materials - Security operations reporting and executive-friendly summaries - Cybersecurity research and content review My strength is that I can bridge both IT support and cybersecurity. I can troubleshoot technical issues, understand security alerts and explain findings clearly to technical teams, non-technical users or business stakeholders. I do not use or share confidential internal data from previous employers. Any samples I provide are sanitized or created as demo materials. If you need someone with real enterprise IT and cybersecurity experience who can troubleshoot, analyze and document clearly, I can help.
- Information Security
- Security Analysis
- Computing & Networking
- System Administration
- Computer Network
- Tech & IT
- IT Support
- Cyber Threat Intelligence
- Incident Response Plan
- Helpdesk
- Security Engineering
- Security Operation Center
- Information Security Threat Mitigation
- Customer Service
- Technical Support
- Project Management
- Cybersecurity Tool
- NIST Cybersecurity Framework
- Security Infrastructure
- Security Assessment & Testing
Taguig, Philippines
✅ Certified Cybersecurity Professional Specialized in Governance, Risk, and Compliance (GRC). Certified and experienced in protecting businesses from cyber threats. ISO/IEC 27001:2022 Lead Auditor 🔎 Expertise in Risk Assessment & Security Audits Conducting comprehensive risk assessments to identify vulnerabilities. Performing audits to ensure adherence to industry standards. 📜 Compliance with Global Standards Proficient in ISO 27001, ISO 42001, HIPAA, GDPR, and NIST CSF frameworks. Ensuring organizations meet regulatory requirements with ease. 📈 Building Cybersecurity Awareness Designing and delivering tailored security awareness programs. Collaborating with stakeholders to strengthen security culture. 🛠 Proficient in Key Tools Experienced with industry-leading tools like KnowBe4, Auditboard, Vanta, LogicGate, Jira, ClickUp, Google Workspace, and Microsoft 365, enabling efficient risk management and compliance tracking. 🚀 Let’s Work Together I provide tailored solutions to safeguard your assets and elevate your cybersecurity strategy.
- Information Security
- Cybersecurity Management
- Information Security Consultation
- Microsoft Office
- Project Management
- Technical Support
- IT Compliance Audit
- Risk Assessment
- Audition Preparation
- Governance, Risk Management & Compliance
- Compliance
- HIPAA
- ISO 27001
- NIST Cybersecurity Framework
- Information Security Awareness
Pila, Philippines
I help organisations turn security, risk, and compliance requirements into practical, audit-ready programmes that work in the real world. With 20+ years in information security, governance, and risk management, including a background in secure military communications, I bring a structured and pragmatic approach to complex security and compliance challenges. My focus is not just on meeting framework requirements, but on helping teams prioritise the improvements that reduce risk, support the business, and stand up to audit scrutiny. I regularly support clients with: ▪ ISO/IEC 27001:2022 ISMS implementation and certification readiness. ▪ SOC 2 readiness and control alignment. ▪ ISO/IEC 42001:2023 AI management system implementation. ▪ ISO/IEC 27701, GDPR, NIS 2, DORA, HIPAA, PCI DSS 4.0, CMMC, and NIST-aligned programmes. ▪ Security posture reviews, risk assessments, and control gap analysis. ▪ Prioritising remediation activity based on risk, business impact, and operational constraints. ▪ Policy development, incident response planning, business continuity, and awareness programmes. ▪ Drata configuration, evidence automation, control monitoring, and audit preparation. As a Drata Technical Certified consultant, I help clients configure compliance tooling so it supports the way they actually operate. This includes mapping controls across frameworks, automating evidence collection, tracking risks and tasks, and giving leadership a clearer view of readiness and exposure. Recent work includes: ▪ Leading a full ISO/IEC 27001:2022 implementation for a SaaS provider, achieving certification with zero nonconformities or Opportunities for Improvement (OFIs). ▪ Delivering risk assessment, business impact analysis, and a full policy suite for a US MSP, with ongoing work around training and awareness. ▪ Leading a dual ISO/IEC 27001:2022 and ISO/IEC 42001:2023 implementation in Drata for a global compliance firm, including AI risk and impact assessment. ▪ Supporting an Australian SaaS firm with ISO/IEC 27001:2022 ISMS implementation. ▪ Supporting security and compliance programmes where the priority is translating complex requirements into clear, actionable improvements. My approach is practical and outcome-focused. I help teams understand what needs attention first, why it matters, and how to move from intent to implementation without unnecessary complexity. That includes prioritising remediation activity based on risk, business impact, operational constraints, and the realities of how the organisation works. Clients usually come to me when they need: ▪ Clear, structured, audit-ready delivery. ▪ Practical implementation rather than theoretical advice. ▪ Help prioritising security and compliance improvements. ▪ Strong hands-on experience with Drata and GRC tooling. ▪ Someone who can work comfortably with technical, operational, and leadership teams. If you need an experienced partner to help build, improve, or prioritise your security and compliance programme, I can help.
- Information Security
- Cybersecurity Management
- Information Security Audit
- Policy Writing
- ISO 27001
- Governance, Risk Management & Compliance
- Risk Management
- Risk Assessment
- NIST Cybersecurity Framework
- NIST SP 800-53
- PCI DSS
- SOC 2
- HIPAA
- Technical Writing
- GDPR
Marikina City, Philippines
As the Principal Consultant at VikingCloud, I lead a team of talented security consultants who perform penetration assessments for various customers across different industries and domains. I have over six years of experience in web application and network vulnerability assessment and penetration testing (VAPT), and I hold the OffSec Certified Professional (OSCP) and Certified Bug Bounty Hunter (CBBH) credentials, which demonstrate my technical skills and ethical hacking mindset. My mission is to secure web apps and networks from malicious attackers and help customers improve their security posture and resilience. I am passionate about security research and bug hunting, and I have participated in several bug bounty programs and disclosed multiple vulnerabilities to various organizations. I also enjoy sharing my knowledge and expertise with others, and I have conducted web VAPT training for aspiring security professionals.
- Information Security
- Information Security Consultation
- Penetration Testing
- Web App Penetration Testing
- Network Penetration Testing
Rosario, Philippines
An IT audit (internal & external) professional expert in ITGC/GITC and ITAC testing, infrastructure reviews (OS & DB), SOx Compliance Testing, SOC 1, 2 and 3 and their gap assessments, comprehensive in IT processes (Access, Change & IT Operations) and FAIT engagements.
- Network Security
- SOC 1 Report
- HIPAA
- IT Compliance Audit
- SOC 2 Report
- ISO 27001
- Project Risk Management
- Policy Writing
- Internal Auditing
- Audition Preparation
- IT General Controls Testing
Quezon City, Philippines
Seasoned and results-driven network and information security professional with proven experience in planning, developing, implementing and integrating security solutions to address business needs. Solid experience in enterprise firewall management, business continuity and disaster recovery planning, IT audit, compliance & governance, vulnerability assessment and patch management, incident and change management, intrusion detection/prevention (IDS/IPS), and security log analysis (SIEM). Subject Matter Expertise: • Vulnerability Assessment/Risk Management • Information Security Governance and Audit & Compliance • Security Information and Event Management (SIEM) • Identity and Access Management (IAM) • Information Security Management • Endpoint Detection and Response (EDR) • DevOps & Cloud Security | GCP Azure AWS • Next Generation Firewall Management • Web Application Security • Information Security Awareness Training • Infrastructure Security Monitoring • Security Operations Management (SOC)
- Vulnerability Assessment
- Cisco ASA
- Security Operation Center
- Cloud Computing
- Azure DevOps
- DevOps
- Linux System Administration
- CrowdStrike
- Palo Alto Firewalls
- System Administration
- Splunk
- FortiGate Firewall
- Cisco Meraki
How it works
Post a job for free Post a job
Tell us what you need. Create your own job post or generate one with AI then filter talent matches.
Hire top talent fast
Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.
Collaborate easily
Use Upwork to chat or video call, share files, and track project progress right from the app.
Payment simplified
Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.
Don't just take our word for it
“Upwork provides an umbrella-level of security. I can see a talent’s work history and ratings. I can hold payments in escrow. I can communicate through Upwork Messages instead of working through my email address.”
Kim Darling
Emerald Tiger
“Upwork is the best platform to hire skilled professionals when we're not looking for a full-time employee. All the companies in our portfolio use Upwork to find talent across a wide range of fields.”
David Merry
Kinetic Investments
“Our very specific requirements can be a challenge—With Upwork, we’re able to access a bigger community to ensure the success of our projects.”
Katja Krohn
Summa Linguae
How do I hire a Information Security Analyst in the Philippines on Upwork?
You can hire a Information Security Analyst in the Philippines on Upwork in four simple steps:
- Create a job post tailored to your Information Security Analyst project scope. We'll walk you through the process step by step.
- Browse top Information Security Analyst talent on Upwork and invite them to your project.
- Once the proposals start flowing in, create a shortlist of top Information Security Analyst profiles and interview.
- Hire the right Information Security Analyst for your project from Upwork, the world's largest work marketplace.
At Upwork, we believe talent staffing should be easy.
How much does it cost to hire a Information Security Analyst?
Rates charged by Information Security Analysts on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.
Why hire a Information Security Analyst in the Philippines on Upwork?
As the world's work marketplace, we connect highly-skilled freelance Information Security Analysts and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Information Security Analyst team you need to succeed.
Can I hire a Information Security Analyst in the Philippines within 24 hours on Upwork?
Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Information Security Analyst proposals within 24 hours of posting a job description.
Find more freelancers
Top cities for Information Security Analysts in the Philippines
- Accounts Receivable Managers in Cagayan de Oro, PH
- Accounts Receivable Managers in Calamba City, PH
- Auditors in Naga, PH
- Auditors in Manila, PH
- Insurance Coverage Analysis Specialists in San Jose del Monte, PH
- Project Planners in Mandaluyong City, PH
- Construction Managers in Manila, PH
- Journalists in Manila, PH
- Network Designers in Pasig City, PH
- Network Designers in Taguig, PH
- Cooks in Cebu City, PH
- Cooks in Quezon City, PH
- Insurance Consultants in San Jose del Monte, PH
- Civil Engineers in Batangas, PH
- Civil Engineers in Cagayan de Oro, PH
- Civil Engineers in Cebu City, PH
More top skills in the Philippines
- Internet Security Specialists in the Philippines
- Network Security Engineers in the Philippines
- Penetration Testers in the Philippines
- Malware Analysts in the Philippines
- Data Protection Specialists in the Philippines
- Cisco Certified Network Associate (CCNA) in the Philippines
- HIPAA Specialists in the Philippines
- System Administrators in the Philippines
- Cisco Certified Network Professional (CCNP) in the Philippines
- Fraud Analysts in the Philippines
- VPN Specialists in the Philippines
- Virus Removal Specialists in the Philippines
- VOIP Administrators in the Philippines
- Network Administrators in the Philippines
- Social Network Administrators in the Philippines
- Network Engineers in the Philippines
Similar Information Security Analyst Skills
- Information Security Analysts
- Information Security Audit Professionals
- Wireless Security Specialists
- Security Consultants
- White Hat Hackers
- Cybersecurity Experts
- Network Security Engineers
- Internet Security Specialists
- Certified Information Systems Security Professionals (CISSP)
- DevSecOps Engineers
- Privacy Specialists
- Certified AWS Security Specialists