Hire the best Information Security Audit professionals

Check out Information Security Audit professionals with the skills you need for your next job.
Clients rate Information Security Audit professionals
Rating is 4.6 out of 5.
4.6/5
based on 205 client reviews
  • $50 hourly
    Transforming Information Security into a Competitive Advantage! I have the ability to translate complex compliance requirements into clear and concise language that resonates with the business. I'm a certified senior professional specializing in implementing and managing diverse security frameworks, including ISO 27000 family, SOC 2, PCI, GDPR, HIPAA, FedRAMP and CMMC. With a proven track record of guiding businesses to successful certification, I can help you achieve compliance while mitigating risks. Don't wait until it's too late! Contact me now and avoid drowning in compliance requirements. I'm well-versed in compliance platforms like Thoropass, Drata, StrikeGraph, and TrustCloud. Explore how I can assist you and inquire about my 10% referral discount.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    CMMC
    Risk Management
    Microsoft SQL Server
    Security Framework
    NIST Cybersecurity Framework
    HIPAA
    GDPR
    NIST SP 800-53
    Data Privacy
    Compliance
    Governance, Risk Management & Compliance
    ISO 27001
    SOC 2 Report
    Information Security
  • $149 hourly
    🚫I don't provide hacking or account recovery services!🚫Security, Privacy, and Compliance sell to Enterprises! Join 200+ successful Founders, CTOs, and CEOs in unlocking business opportunities worth millions💲💲 💲by working with the 🥇 Upwork virtual CISO, Security, Privacy, and Compliance consultant (1M+ earnings, 20+ years of enterprise experience)! CEO selling to Pepsi:🎉 "Attila supported the growth of our business into Fortune 100 accounts." CEO selling to Philips: 🍾 "We have achieved the ISO 27001:2022 certification in record time." CEO selling to Morgan Stanley: 🥂"The certification is enabling us to strike a deal with a Fortune 100 client." COO selling to Fannie Mae:👏 "We achieved a successful SOC 2 Type II attestation with no exception." 💭Securing your business, passing security assessments by clients or prospects, and achieving a security certification 𝙨𝙝𝙤𝙪𝙡𝙙 𝙣𝙤𝙩 𝙗𝙚 𝙖 𝙘𝙪𝙢𝙗𝙚𝙧𝙨𝙤𝙢𝙚 𝙖𝙣𝙙 𝙥𝙖𝙞𝙣𝙛𝙪𝙡 𝙚𝙭𝙚𝙧𝙘𝙞𝙨𝙚. 👌 Specialized in business-to-business, providing 💸money-back guaranteed💸 ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, CMMC, and FedRAMP projects and affordable virtual CISO (vCISO) services. ----> If you don’t get certified, all my fees will be refunded! <---- 😢Are you busy developing your product or business and don’t have time and resources to be consumed by compliance efforts and endless meetings, halting your production for months? 😢You quickly need quick security or privacy awareness training, cloud security posture assessment (AWS, GCP, Azure), endpoint security (MS 365 - Intune, Jumpcloud, Google Workspace), or penetration testing? 💪Want to decrease your sale cycle by being compliant and having all the answers for the security and privacy questionnaires? 💪Need PCI-DSS ASV (approved scanning vendor) scans to support your PCI compliance? Got your back! 💪Facing the challenges of the security and privacy implications of AI products? 💪Want continuous access to a certified, creditable security, compliance, and privacy professional to manage your security framework? -> Continous virtual CISO (vCISO / fractional CISO) service with affordable weekly payments! 😟Need world-class, battle-proof security and privacy policies? Maybe you need it quickly? The kind of ones that have passed audits by KMPG, Microsoft, PWC, Deloitte, E&Y, Pepsi, Rolex, Uber, Verizon, Philips, Facebook, and many others? 🤔Already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, OneTrust Compliance Automatization/Tugboat Logic, SecureFrame, Strike Graph, Audit Board, Trust Cloud, and so on) but don’t know the next step or don’t have time for it? Click on the green invite button at the top right corner to invite or message me. 📣 🚫No hacking service! Don't ask to hack, crack, or gain access to any accounts, systems, social media, etc. Please note that all invitations for this will be declined. 🚫I only serve businesses, no service for private individuals!🚫 Working with me, you will: ★ Get the burden of security and compliance management taken off your shoulders so you can focus on building your company ★ Get an end-to-end, professionally managed service ★ Get a consultant aiming for long-term support and providing advice and services to enable you to achieve growth-phase plans and targets by establishing a solid security and governance framework to win Enterprise clients. ★ Have access to a pool of hand-picked security professionals for SecOps, DevOps, Cloud security, penetration testing, application security, and endpoint security. --- My stats are: ✅Saved tens of thousands $$$$$ for clients, advising them on the right security tools, solutions, and approach ✅Enabled businesses to generate increases in ARR 💵 by getting them compliant and secure ✅#1 in Information Security and IT compliance categories (1M+ earned) ✅Supporting all time zones ✅Long-term engagements ✅Professional certifications (CISA, CISSP, ISO 27001 IA) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Compliance management tools: Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001.com Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP. Projects not for me: ✖Asking to fill security questionnaires, providing the appropriate answers but not implementing controls ✖Asking to create falsified audit or assessment reports
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Security Management
    SOC 2
    HIPAA
    SOC 2 Report
    Risk Management
    Cloud Security
    Certified Information Systems Security Professional
    Governance, Risk Management & Compliance
    ISO 27001
    Information Security
    Information Security Consultation
    IT Compliance Audit
    Cybersecurity Management
    Security Policies & Procedures Documentation
  • $60 hourly
    I am a Certified Compliance and Ethics Professional - International (provided by SCCE). I have an Advanced Diploma in Accounting and Business (provided by ACCA). I am ACCA certified. I have 13 years of experience in Compliance, Internal Audit, and Risk Management in Fortune 500 companies in diverse industries (Information Technology, Financial Services, Pharmaceuticals, FMCG, Telecom, and others). I am an experienced professional with a proven track record of delivering profitability, sustainable business growth, operational optimization, and driving innovation. My areas of focus: 1. FCPA, UKBA Compliance. 2. AML/CTF. 3. KYC (Due Diligence). 4. Information Security (ISO 27001, SOC2, NIST). 5. Data Privacy (GDPR, HIPAA, CCPA, PECR, etc). 6. PCI:DSS Compliance. 7. Risk Management (ERM). 8. Internal Audit. 9. Contracts and Policies writing. 10. MSA and ADA compliance. Feel free to contact me whenever it will be convenient for you. Looking forward to hearing from you and hope for our productive cooperation. Regards,
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    ISO 27001
    ISO 9001
    PCI
    Policy Writing
    GDPR
    Anti-Money Laundering
    IT Compliance Audit
    Due Diligence
    Internal Control
  • $90 hourly
    I am a Certified Information Security Auditor (CISA) . I am an expert leading SOC 1/SOC 2 engagements and it's variations (Type I/Type II), ISO27001, HIPAA and HiTrust. I have extensive experience leading compliance design and implementations in preparation for audit engagements including both evidence gathering and report reviews. I have worked both in the internal audit and external audit sectors for one of the largest public accounting firms in the US. I work with businesses of varying sizes from start-up to Cloud 100. I am passionate about "right sizing" business process to narrow down the focus areas to drive efficient implementation of controls on an ongoing business. If you have any technology compliance needs or require answers to general compliance questions or guidance feel free to reach out to me.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Business Continuity Plan
    Security Infrastructure
    Regulatory Compliance
    Information Security Governance
    Policy Writing
    Compliance
    GDPR Compliance Review
    SaaS
    SOC 1 Report
    HIPAA
    Compliance Consultation
    IT Compliance Audit
    Risk Assessment
    Sarbanes-Oxley Act
  • $30 hourly
    Looking for a penetration test? We'll give you access to our next-generation penetration testing solution. By combining the power of manual and automated penetration tests, we deliver the real-time insights companies need to remediate risk quickly. Through our Pentest as a Service (PTaaS) platform our clients receive comprehensive assessments. Our methodology follows the National Institute of Standards and Technology Special Publication (NIST SP​ 800-115), along with the latest techniques, tactics and tools used by hackers to compromise systems and applications. Providing real-time findings and unlimited retests to ensure gaps are closed is our key differentiator. Please check my Upwork work history and client feedbacks. I look forward to hearing from you!
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Website Security
    OWASP
    Web Application Security
    Certified Information Systems Security Professional
    Information Security
    Vulnerability Assessment
    Security Testing
    Network Security
    Penetration Testing
  • $55 hourly
    IT Professional with over 30 years experience. 15+ years experience in web development. 8+ Years experience in PCI-DSS Consultation, including level 1 companies, working with QSA's to swiftly obtain compliance. For the past five years, I have been providing GDPR consultation to many small to medium-sized companies. Three years experience with ISO 27001 helping clients get and maintain ISO 27001 accredited certification. I spent 20 years working in various IT roles, mainly support, engineering, and web development, within one of the largest companies in the world. I was awarded Charted IT Professional status from the British Computer Society in July 2008. Since then, I have run my own company with a small team producing web-based platforms and services and offering freelance compliance consultation to small businesses. I have also worked as a CTO on several start-up projects managing their entire IT infrastructure and gaining valuable PCI compliance experience, essential to all e-commerce projects. Due to my experience and varied IT roles, I have a good knowledge of web design, programming, databases, security, SEO, troubleshooting, technical writing & more. I am a highly organised and reliable individual, utilising existing knowledge and experiences to find practical solutions to even the most complex project.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Compliance Consultation
    Data Privacy
    Vulnerability Assessment
    Information Security
    PCI DSS
    Data Protection
    Website Security
    PCI
    Compliance
    ISO 27001
    Risk Assessment
    GDPR
    Web Content Accessibility Guidelines
    Security Analysis
  • $150 hourly
    I am the CEO & founder of BetterCyber Consulting, a cybersecurity consulting, technology, and managed services company helping startups and micro, small, and mid-sized companies create secure operating environments to increase business opportunities. I am also part of Upwork's Expert-Vetted Talent program. My priority is to create cost-effective, business-focused, and risk-driven cybersecurity solutions to help my clients secure their information assets against cyber threats. Before leaving corporate America, I held several cybersecurity positions, from operations to strategy and architecture, in Fortune 100 companies, such as PayPal Holdings, Inc. and Marathon Petroleum Corporation. I hold a bachelor's degree in Telecommunications Engineering from the Airforce University in Argentina, a master's degree in Information Security Engineering from the SANS Technology Institute, and many cybersecurity certifications, including CISSP (Certified Information Systems Security Professional) and GSE (GIAC Security Expert).
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    WordPress Malware Removal
    Malware Removal
    CMMC
    Risk Assessment
    Cloud Security
    Internet Security
    Information Security Awareness
    Security Engineering
    Security Analysis
    Email Security
    Penetration Testing
    Information Security
    Security Policies & Procedures Documentation
    Cybersecurity Management
  • $95 hourly
    Ex-Big 4 senior consultant, based in London with 8+ years of experience in assisting clients in cybersecurity, IT compliance, AI security management and security risk assessment projects. ❗You have lost contracts because you were not certified? ❗Your clients pressure you to provide them with an information security certification (PCI-DSS, SOC 2, ISO 27001, HIPAA, FedRAMP, CMMC, ISO 42001) ? ❗You don't know what to answer to the security assessment questionnaire you recently received from your biggest client & it's taking too much time ? ❗You don't have time and resources to be consumed by compliance efforts and endless meetings? ❗You are struggling to understand the certification process, the related cost, and the timelines? ❗You just purchased a compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, OneTrust/Tugboat, SecureFrame, Strike Graph, Audit Board, TrustCloud) but don't know the next step or don't have time for it? Services provided: 📝 Policies & Procedure writing & review 📝 Security gap analysis (based on frameworks on your choice, ISO 27001, NIST, SOC 2, etc.) 📝 IT and Compliance Audits 📝 Performing Risk Assessments, risk treatments, and establishing actions plans & roadmaps. 📝 Evaluation of the existing IT security state of maturity against established standards & regulatory requirements. 📝 Organization-wide security strategy 📝 Support in Governance, Risk & Compliance (GRC) projects 📝 Cloud security governance, management and strategy 📝 Security Operations 📝 DPO service: I can provide you with assistance with regards to GDPR/CCPA compliance, policy writing/reviewing, GDPR gap assessment analysis, and accompanying you in your GDPR compliance journey and Data Privacy requirements. 📝 CISO service: I can provide you with assistance and support in defining your security strategy, putting in place action plans and following up implementation over the long run. 💥WHY ME AND NOT ANOTHER FREELANCER?💥 ✅ Big 4 consultant expertise. End-to-end managed security services. ✅ All work is completed by myself, with constant communication with you and taking into account your every remark & need. ✅ Excellent Client Reviews: I focus on providing you with VALUE and earning your TRUST. ✅ Over-Delivering: I focus on GIVING you more than what I expect to RECEIVE. I am happy when my client's expectations are exceeded. ✅ Responsiveness: All lines of communications are open, and I can be reached very easily. ✅ Kindness & Ethics: As security and compliance professional, we hold ourselves to high ethical values, treating everyone with respect, understanding and genuinely IMPROVING my client's situation. Let's get in touch. (The hourly rate shown is indicative only, as I adapt depending on the project and client's budget) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Compliance management tools: Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001.com Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP, ISO 42001
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Certified Information Systems Security Professional
    Cloud Security
    Governance, Risk & Compliance Software
    Security Management
    Data Privacy
    SOC 2 Report
    GDPR
    IT Compliance Audit
    Risk Assessment
    ISO 27001
    Information Security
    Security Policies & Procedures Documentation
    Vulnerability Assessment
    Information Security Consultation
  • $25 hourly
    Welcome to my profile! As an accredited ISO 9001 and ISO 27001 Lead Auditor, I bring a wealth of expertise in driving quality management and information security standards for businesses of all sizes. My passion lies in helping organizations streamline their processes, enhance operational efficiency, and secure their information assets. What I Offer: ⚡ Comprehensive Auditing: In-depth audits for ISO 9001 (Quality Management Systems) and ISO 27001 (Information Security Management Systems), ensuring compliance and identifying areas for improvement. ⚡ Customized Solutions: Tailored advice and strategies to meet your specific organizational needs, while aligning with international standards. ⚡ Continuous Improvement: Guidance on implementing best practices for ongoing quality and security enhancements. ⚡ Risk Management: Expert analysis and recommendations to mitigate risks, ensuring robust and resilient systems. ⚡ Training and Support: Providing staff training and support to understand and effectively implement ISO standards. Why Choose Me? ⚡ Proven Track Record: Years of experience successfully auditing and consulting various companies, leading to enhanced quality and security standards. ⚡ Client-Centric Approach: I prioritize understanding your unique challenges and goals to provide the most effective solutions. ⚡ Up-to-Date Knowledge: Constantly updating my skills and knowledge to stay at the forefront of ISO standards and auditing techniques. ⚡ Detail-Oriented: Meticulous attention to detail, ensuring no aspect of your systems is overlooked. ⚡ Effective Communication: Clear and concise communication to ensure you are informed and engaged throughout the auditing process. Whether you're looking to achieve initial ISO certification, maintain compliance, or improve your existing systems, I am here to guide you every step of the way. Let's work together to elevate your organization's quality and security standards to new heights! Contact Information: ✉️ Email: heeanaacharya@outlook.com 📱 Phone: +91 9718835704 🗓️ Calendar: calendly.com/heenasharma/isoconsultation
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    HIPAA
    SOC 3
    GDPR
    SOC 2 Report
    ISO 9000
    ISO 9001
    CMMC
    SOC 1
    Six Sigma
    ISO/IEC 20000
    ISO 27017
    ISO 27018
    ISO 27001
    ISO 14001
    SOC 2
  • $25 hourly
    ⚡ TOP RATED Freelancer | ⚡ 11+ Years Experience I'm a Top Rated Upwork Freelancer and Offer Services in Malware Removal, Virus Removal, Ethical Hacking / Internet Security, WordPress Speed Optimization, Websites Transfer, SSL Installation, WordPress Development, Linux Server Administration and Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade. Over the last 11 years, I Have Worked on 4000+ Websites Security (Cleaning from Malicious Code and Hardening Security), 1000+ Websites Transfer, 200+ WordPress Websites Speed Optimization (Delivered Results As Per Google PageSpeed Insights, GTmetrix) and 500+ SSL Installs (Including HTTP to HTTPS migration). Service Description: 1. Malware / Virus Removal from Websites (Cleaning Hacked Websites) and Servers. ✔100% Malware Cleanup Including Database Clean ✔Japanese Keyword Hack, SEO Spam / Pharma Hack Fix ✔Credit Card Stealers and Ecommerce Malware Fix ✔Google Blacklist Removal (This Site may be Hacked), Google Deceptive Warning Fix ✔McAfee SiteAdvisor, Norton Blacklist or Any VirusTotal Based Blacklist Fix ✔WP-VCD Malware, Backdoor / Malicious Javascript / Conditional Redirects Fix 2. Website Security Maintenance (Implementing Future Security Measures and Guiding How to Maintain Security for the Future). 3. Website Transfer/Migrate to New Host / Domain (Any PHP-based CMS or Custom-coded Website). 4. SSL Install, HTTP to HTTPS Migration with Secure Padlock. 5. WordPress (Websites Development and Troubleshooting Which Includes Fixing Critical Error / Fatal Errors). 6. Linux Server Administration. 7. Optimize and Increase the Speed of WordPress Websites. 8. Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade (Upgrade to the Latest Stable Version). 9. Penetration Testing (Checking Websites for Security Vulnerabilities).
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Website Migration
    WordPress Malware Removal
    WordPress
    SSL
    McAfee VirusScan
    Internet Security
    Website Security
    Virus Removal
    Penetration Testing
    Malware Removal
    Firewall
    Vulnerability Assessment
    Network Security
  • $30 hourly
    Hi, If you need a cyber security and information security professional with higher education (Ph.D.), certification(CISSP), and experience(CISO, Enterprise SOC design, and management, GRC, Security Architect) with a proven top-rated plus profile, I am here. Let's make your organization a safe and secure place for your precious information and data. As a cybersecurity architect and information security compliance expert, my primary focus is safeguarding sensitive data and ensuring critical information systems' integrity, confidentiality, and availability. I have extensive experience in designing and implementing robust security solutions that protect against cyber threats and comply with industry regulations. I thrive in dynamic and challenging environments, constantly adapting to emerging technologies and staying ahead of the evolving threat landscape. My expertise includes conducting risk assessments, developing security policies and procedures, and leading incident response teams. As a cybersecurity expert, I have a proven track record of implementing and maturing industry-leading standards such as the NIST Cybersecurity Framework, NIST 800-53, and NIST 800-37, FedRAMP, ISO 27001 ISMS, CMMC v.2. I take pride in designing and developing state-of-the-art cybersecurity operation centers (SOC) from scratch, integrating them seamlessly with network operation centers (NOC). Additionally, I have designed and developed a state-of-the-art Cyber Security Operations Center (SOC) from scratch. By integrating it with the Network Operations Center (NOC), I have created a seamless environment for promptly monitoring and responding to security incidents. To enhance operational efficiency, I have established playbooks, monitoring processes, and incident response procedures that align with industry best practices. This ensures a proactive approach to identifying and mitigating security risks. I hold a Ph.D. in cyberpolitics, specializing in studying the intersection between politics and cyberspace. My research focuses on cyber security threats, online activism, and the impact of digital technologies on political processes. I have extensive experience working with government agencies, private organizations, and non-profit institutions to develop strategies for addressing cyber threats and ensuring a safe and secure digital environment. Additionally, I am an avid writer and have published various articles and research papers on cyberpolitics. -As a leading auditor, I designed, developed, deployed, and reported Enterprise Organizations IT and Information Security Audits. If you need a CISO with higher education, certification, and experience, I am here to help. When I'm not busy securing networks and systems, you can find me exploring the latest trends in cybersecurity, attending industry conferences, and expanding my knowledge through continuous learning. Feel free to reach out if you have any questions or need assistance with cybersecurity. Let's create a secure digital world together. Ibrahim AKDAG CISO CISSP|Ph.D.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Governance, Risk Management & Compliance
    SOC 2 Report
    FedRAMP
    Compliance
    ISO 27001
    Risk Assessment
    CMMC
    NIST SP 800-53
    Penetration Testing
    Security Assessment & Testing
    Vulnerability Assessment
    Cybersecurity Management
    Information Security
  • $125 hourly
    ✅ My methodology for all of my work begins with understanding your business, first and foremost ✅ Seven years experience working in Cyber Security ✅ Certified as a Cyber Security Incident Handler (GCIH) and a Security Auditor (GCCC) ✅ Qualified at BSc level in Computer Security and Forensics ✅ Experience as a Non-Executive Director - I understand the business context as well as the technical and security aspects ✅ Experience in a variety of positions within security: - Technical (SOC analyst) - Risk (Information security officer) - Strategy (cybersecurity strategy specialist) - CISO (chief information security officer) ✅ I am not the type of consultant for a tick-in-the-box approach. If you genuinely want to achieve a better Cyber Security understanding and hygiene, my work quality will be a good fit. Description: A pragmatic, down-to-earth CyberSecurity professional who translates technical jargon into understandable business terms. I have worked in technical roles, risk management and strategy roles in both large enterprises and smaller organisations, giving me a balanced mix of experience when it comes to projects and job duties. I'm currently working as a part-time CISO for a cyber security organisation as well as a part-time freelance consultant. The vast majority of my experience is in the financial services sector, the most heavily regulated and mature industry for cybersecurity. However, I've also worked in retail in addition to a consultancy services role, working directly with customers in identifying breaches and recommending how they can improve their security posture. With cyber security, a business can't focus on improving everything, so it is important to focus on those few areas which give the greatest return on investment. My speciality is explaining cyber related businesses risk in a simple way, and advising on solutions in a rational, quantified manner to maximise ROI, both in effort and cost. I offer practical and pragmatic consultancy with: - vCISO (virtual chief information security officer) - Security training, coaching and awareness - Threat/risk/control assessments - Strategy, framework and policy development - Cyber-essentials certification
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Technical Documentation
    Information Security Awareness
    Security Operation Center
    Information Security Governance
    Risk Assessment
    Cybersecurity Management
    Security Policies & Procedures Documentation
  • $220 hourly
    Former private sector and government executive with leadership, consulting, advising, strategic and business development at the forefront of my professional skills. Compliance expertise in: FISMA, NIST CSF, NIST SPs 800 Series, HIPAA, FedRAMP, PCI DSS, Sarbanes Oxley, GLBA, GDPR, ISO 27001. CISSP with more than 20 years in cybersecurity and IT. Cybersecurity professor and skilled trainer in risk management and compliance, with expertise in developing professionals into the cyber managers and leaders they want to become. I teach fundamentals and advanced coursework in risk assessments, security testing, business continuity, secure application development, and securing emerging technologies. Business expertise in grant and proposal writing, as well as policy and procedure development. Technical writing to include strategic plans, white papers, briefing papers, and presentations. I have been writing, convincing, persuading, and communicating effectively through writing my entire career. I am also effective in providing business capture and business development support.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Nonprofit Organization
    Certified Information Systems Security Professional
    Data Protection
    Policy Writing
    Compliance
    Tech & IT
    Risk Analysis
    Business Continuity Plan
    Business Consulting
    Enterprise Risk Management
    Risk Assessment
    Project Risk Management
    Technical Writing
    Technical Documentation
  • $275 hourly
    *2023 Tampa Business Woman of the Year* *2023 Tampa Small Business of the Year CEO* *Global 2022 Cybersecurity Woman Entrepreneur of the Year* As a Top Rated Upwork Professional with a 100% success rate on multiple projects and CEO of an award winning business, rest assured that I execute at a high level of experience and professionalism. I have 20+ years of certified experience in Information Security and Assurance, Information Technology (IT), Project Management, Training, and Leadership. Master of Science Degree in Information Security and Assurance (MSISA), a Bachelor of Science Degree in Business / IT Management, and multiple active industry certifications including: ► Certified Information Security Manager (CISM) ► Certified Ethical Hacker (CEH) ► Certified Hacking Forensic Investigator (CHFI) ► Certified Penetration Tester (CPT) ► Microsoft Certified System Engineer (MCSE) ► GIAC ISO-27000 Specialist ► CompTIA Security+, Network+, and A+. Prior active duty military (Navy veteran) with extensive experience as Chief Executive Officer (CEO) and Chief Security Officer (CSO) for a Government contractor and in the private sector. I have successfully led and executed dozens of security audits and accreditation efforts all leading to Authorizations to Operate (ATOs) and ISO 27001 preparation that led to zero non-conformities. My area of expertise includes but is not limited to: Cybersecurity Maturity Model Certification (CMMC), DFARS (NIST 800-171), NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), Independent Verification & Validation (IV&V), ISMS, ISO 27001, Corporate Security Policies & Procedures, Security Awareness, Acceptable Use Policies (AUPs), Remote Access / VPN, Third Party Access and Compliance, System Security Plans (SSPs), Security Test Plans (STPs), Security Control Traceability Matrices (SCTMs), and Plans of Action & Milestones (POA&M). My team, Paragon Cyber Solutions, has in-depth experience with security assessments / audits, penetration testing, ethical hacking, secure code review and development, and workforce enhancement (training and certifications). We are an authorized CMMC C3PAO with the following designations / certifications: 8(a), EDWOSB, DM/DWBE, MBE, veteran, minority owned small business. Contact me for any of your information security needs.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Procedure Development
    GDPR
    ISO 27001
    Information Security Governance
    Certified Information Systems Security Professional
    Cloud Security Framework
    Information Security Awareness
    Internet Security
    Certified Information Security Manager
    Security Assessment & Testing
    Information Security
    Network Security
  • $55 hourly
    I’ve helped companies get ISO 27001/SOC-2/PCI-DSS/FedRAMP/CMMC certifications and compliance against standards such as NIST and HIPAA. I offer 𝗠𝗢𝗡𝗘𝗬-𝗕𝗔𝗖𝗞 𝗚𝗨𝗔𝗥𝗔𝗡𝗧𝗘𝗘 to my clients against ISO 27001, SOC 2 and PCI-DSS compliance! Are your clients requesting security certifications or compliance against HIPAA, ISO 27001, SOC 2, PCI-DSS, or FedRAMP etc.? Do you want a cost effective solution for achieving and maintaining compliance? Do you want help is filling out the security assessment questionnaires and want someone to respond in a way that you are able to win the deal? Do you want surety/ confirmation that your certification project will be a success and you won't loose money over consultation? If you have already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, OneTrust Compliance Automatization/Tugboat Logic, SecureFrame, and so on) but don’t have the time and energy to achieve and maintain compliance, Do you want to know and enhance your company's current security posture? MY PROFILE I have over 9 years of experience and have worked within IT GRC (Governance, Risk, Compliance), internal controls and review assurance roles within financial, telecom, fintech and banking industry. The combination of Information technology, accounting & auditing has molded me into an individual who can perform IS Audits (General Controls, Application Controls, Specialized Audits, IT policy & SOPs), IT risk reviews (Risk Assessments, BCP & DR, Risk Mitigation & Control Design), Functional Reviews & QA (Quality Assurance) Services, IT security consultancy (IS Policy & Implementation under different frameworks i.e. 27001, NIST, COBIT 5, PCI, HiTrust, HIPAA, GDPR, SOC 2, SOX) and pre-implementation & post-implementation project reviews, BRD creation by following industry best practices. I can secure your cloud environment with expertise in AWS and Azure by following security hardening best practices. MY CREDENTIALS - CISSP (Certified Information Systems Security Professional) - USA - CISA (Certified in Information System Audit) - USA - CRISC (Certified in Risk & Information Systems Control) - USA - CGEIT (Certified in Governance of Enterprise IT) - USA - SQL Fundamentals (Oracle) - CEH Certified (Certified Ethical Hacker) - Cyber security Fundamentals Certification - Kaspersky - Google Analytics - NSE 5 (Network Security Analyst) Tags: Information Security Analyst Chief Information Security Officer ( CISO ) Information Security Manager SOC Analyst SOC (Security Operations Center) Tools: SIEM, CrowdStrike Falcon, Fortinet, FortiAnalyzer, FortiGate, FortiSIEM, Stellar Cyber, Cylance, Splunk, AWS CloudWatch, Microsoft Defender (Azure), AWS CloudTower, GCP
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Information Security Consultation
    Information Security
    Cybersecurity Management
    Security Policies & Procedures Documentation
    PCI
    Cloud Security Framework
    NIST SP 800-53
    SOC 2
    HIPAA
    IT General Controls Testing
    Security Operation Center
    ISO 27001
    SOC 2 Report
  • $200 hourly
    As a Top Rated vCISO with a 100% job success rate, rest assured that I execute at a high level of expertise, integrity, and professionalism. I am the President & Founder of Aspire Cyber, a full-service consulting firm that rapidly delivers privacy and cybersecurity compliance solutions to help small and medium-sized businesses satisfy their legal, regulatory, and contractual requirements. Aspire Cyber was founded on the core belief that every business should have access to world-class cybersecurity talent, regardless of budget or security needs. I have over 20 years ​of experience managing information security projects and implementing strategic cybersecurity controls for the United States Army, Bank of America, and numerous Fortune 100 companies. We offer entirely “Done For You” solutions that help your business rapidly achieve compliance while we manage everything. Don’t waste 6-18 months trying to figure this out yourself. Regulatory and industry cybersecurity frameworks have hundreds of different controls you must comply with and require knowledge of IT, Cybersecurity, HR, Legal, and more. Aspire Cyber is a leading provider of comprehensive cybersecurity compliance solutions. Our team of experts has a proven track record of implementing NIST SP 800-171 practices to help defense contractors achieve Cybersecurity Maturity Model Certification (CMMC). We make it easy for your business to prove it's a safe choice for handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). Schedule a free call with me to learn how our team of dedicated cybersecurity experts can help save you months of time and, in many cases, five or even six figures in excessive spending trying to become compliant without expert guidance. ★High Profile Clients ✔ I worked for the United States Army, Lockheed Martin, Bank of America, Hewlett-Packard Enterprise, and many others. Aspire Cyber specializes in the following areas: ★ Risk Assessment and Auditing - We have conducted over 200 Information Security, Business Continuity, and Cloud assessments. -Compliance (NIST, PCI, HIPAA, ISO 27001, GDPR, CCPA, COPPA, FedRAMP) - Cybersecurity Advisor -Cloud Secure Design -Data Privacy Officer (DPO) -Cloud Security -Policy Writing -Penetration Testing -Application Security -Incident Response -Vulnerability Management -Third-Party Risk Management -Security Awareness Training ★ I hold the following degrees and certifications: ✅ Certified CMMC Assessor (CCA) ✅ Certified CMMC Professional (CCP) ✅ CMMC Provisional Instructor ✅ Certified Information Systems Security Professional (CISSP) ✅ Certified Cloud Security Professional (CCSP) ✅ Certified Information Security Manager (CISM) ✅ Certified Risk and Information Systems Control (CRISC) ✅ CMMC Registered Practitioner ✅ CompTIA Security+ ✅ CompTIA A+ ✅ Master of Business Administration (MBA) ✅ Graduate Certificate Cybersecurity Technology WHY CHOOSE ASPIRE CYBER? -Professionalism: We treat all clients respectfully and adhere to the highest ethical standards. -Fast: We always aim to deliver your project ahead of schedule. -Expertise: We have vast experience across various cybersecurity and compliance areas. -Responsiveness: Constant and effective communication is the key to a successful engagement. 🙋🏼‍♂️Our team is eager to partner with your organization to deliver cybersecurity compliance solutions rapidly. Contact Aspire Cyber today to learn how we can fulfill your cybersecurity needs.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Cloud Security Framework
    NIST SP 800-53
    Policy Writing
    Information Security Governance
    FedRAMP
    Information Security Awareness
    Risk Assessment
    NIST Cybersecurity Framework
    Business Continuity Plan
    Information Security
    Incident Response Plan
    Security Testing
    Vulnerability Assessment
  • $40 hourly
    🏆 12+ years of experience in eDiscovery and digital forensics industry. 🏆 Certified eDiscovery Professional 🏆 Certified Digital Forensics Professional 🏆 Worked with legal industries and the team of lawyers and CA. 🏆 30k Projects delivered in real world 🏆 Trained more than 10k professionals 🏆 Helped legal companies to improve their workflows and SOPs. My services include: ✅eDiscovery and litigation support ✅Digital Forensics Analysis ✅Data recovery and analysis ✅Expert witness testimony ✅Mobile device forensics ✅Incident Response and Data Breach Investigations ✅eDiscovery Consulting ✅Data Recovery Services ✅Cybersecurity Consulting ✅Training and Workshops ✅Compliance and Data Governance ✅ IT Support Professional Skills - ✅eDiscovery - Delivered a number of projects by using Nuix, Relativity, Law Pre Discovery, eCapture IPRO and Brainspace. ✅Computer Forensics - Analyzing computer system crimes, recovering data from electronic devices like USB, HDD & others. Gathering evidence and information from suspected computer/source by using legal & most popular forensics tools like Encase, FTK, Nuix, Magnet Forensics & Digital Imaging Tools and devices(FTK Imager, Encase Imager & Tableau TD2/3).Password Cracking or Recovering manually and automatically by using legal password cracking tools. Reconstructing damaged computer systems. ✅Mobile Forensics – Logical and Physical Extraction from suspected mobile/source mobile in forensics manner by using Mobile forensics tools like – Ufed, XRY, Tarantula, MPE, Oxygen Forensics Tool, MobilEdit Forensic & others. ✅CDR Analysis, Link Analysis. ✅Vulnerability Assessment & Penetration Testing - Performs real-time monitoring, investigation, analysis, reporting of security events from multiple sources including Windows, Network devices, Firewall logs, IPS/IDS, Proxy Logs, applications and databases by tools like Nessus, Nexpose, Metasploit, Armitage & others. ✅IT Solutions – All types of computer, laptop software, hardware & networking solutions. ✅Extensive experience in installation, administration, and networking in various environments. ✅ Thorough knowledge of Windows Vista; Windows XP; Windows 2000 Server; Windows Server 2003; Windows Server 2008, Windows Server 2012; ✅Active Directory; DNS; DHCP; Group Policy Windows Firewall; PowerShell; FTP & IIS. ✅Utilized Install software package for application deployment. ✅Excellent command of running projects employing industry-standard project management techniques. ✅Extensive documentation and training experience. ✅Email Clients configuration. ✅Successful project and technical team member and motivator. I can assist with cases involving civil litigation, criminal matters, internal investigations, and more. I am meticulous in my work, ensuring that all evidence is handled in a professional and ethical manner and that all findings are presented in a clear and concise manner. You can rest assured that your eDiscovery and digital forensics needs will be met with professionalism.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Search Engine Optimization
    Ediscovery
    Security Analysis
    TCDI EDiscovery
    Security Operation Center
    Lead Generation
    Penetration Testing
    Incident Response Plan
    Information Security Consultation
    Digital Forensics
    Malware Removal
    Network Security
  • $70 hourly
    "Excellent ethical hacker. Very prompt, knowledgeable, and comprehensive" "Working with Konstantin was a good experience. Well rounded security experience helped us with number of different issues." My business motto is "Nil Satis Nisi Optimum" ("Nothing but the best is good enough") - because I know you feel the same about your business! CompTIA Security+ and Pentest+ seasoned certified security expert. My main specialization is information security system design, audit, vulnerability assessment and solutions implementation. I have experience with cloud (AWS, GCP) and on-prem infrastructure security, Linux and Windows OS, Active directory infrastructure and many different tools and software for specific security needs. In my job, I follow the best practice, local laws and international standards such as ISO 27000 and NIST 800 families.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Network Penetration Testing
    Security Analysis
    Security Infrastructure
    Internet Security
    Financial Audit
    System Hardening
    Compliance
    Web Application Security
    IT Compliance Audit
    Security Engineering
    Security Policies & Procedures Documentation
    Application Security
    Information Security
    Network Security
    Firewall
  • $65 hourly
    As a seasoned cybersecurity professional with a decade of industry experience, I have forged a dynamic career that seamlessly blends technical expertise with strategic leadership. Throughout my journey, I have consistently demonstrated an unwavering commitment to fortifying digital landscapes and protecting organizations from the ever-evolving threats of the cyber realm. Over the years, I have honed my skills in penetration testing, vulnerability assessment, and ethical hacking, navigating complex systems to identify weak points and rectify them before malicious actors could exploit them. My proficiency extends to crafting robust security architectures, implementing encryption protocols, and establishing multi-layered defense mechanisms that shield critical data from compromise. My technical acumen also encompasses incident response and digital forensics. I have adeptly managed and mitigated a range of cyber incidents, swiftly restoring operational integrity and preserving digital evidence for thorough investigations. This hands-on experience has equipped me with a profound understanding of the anatomy of cyberattacks, allowing me to proactively design strategies that anticipate threats and thwart potential breaches. Recognizing the importance of a holistic approach to cybersecurity, I transitioned to leadership roles that allowed me to fuse my technical expertise with strategic thinking. As a manager, I have orchestrated cross-functional teams of diverse talents, fostering collaboration and synergy to tackle complex security challenges head-on. In my managerial capacity, I have been instrumental in formulating comprehensive security policies and standards that align with industry best practices and compliance regulations. I have overseen the implementation of security awareness training programs, empowering employees to become the first line of defense against social engineering and phishing attempts. Furthermore, my tenure in cybersecurity management has seen me liaise with C-suite executives and boards of directors, effectively translating technical jargon into business language to articulate the value of robust cybersecurity investments. This skill has been pivotal in garnering support for budget allocations that enable the adoption of cutting-edge technologies and the reinforcement of cybersecurity measures. I look forward to being a part of your cyber defensive strategy!
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Information Technology Operations
    Incident Response Plan
    Network Security
    Network Penetration Testing
    User Identity Management
    Cloud Security
    Network Administration
    Cloud Architecture
    Office 365
    Computer Network
    Incident Management
    Security Engineering
    Encryption
    Application Security
    Firewall
  • $30 hourly
    With a degree in Computer Engineering and a passion for writing, my experience spans across writing whitepapers, blogs, research reports, content for websites, thesis for academic submissions, sales pitch, business proposals and more. I am highly organized and schedule my time to get things accomplished accordingly. I am detail-oriented and an excellent researcher. I can be entrusted with big projects as I prefer to complete my work before deadlines giving you ample time to review my work and provide feedback. I take pride in my work
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Amazon Web Services
    Robotics
    Editing & Proofreading
    Artificial Intelligence
    Blockchain
    Website Copywriting
    ISO 27001
    Cloud Security
    Information Security
    Disaster Recovery
    Network Security
    Policy Writing
    Technical Writing
    PCI
    Project Risk Management
  • $40 hourly
    I'm an OSCP (Offensive Security Certified Professional), OSWE (Offensive Security Web Expert), CREST CRT, and CEH (Certified Ethical Hacker) certified penetration tester. I can conduct vulnerability assessments and penetration testing for your web applications, mobile applications, and cloud infrastructures. I can also audit the code of your PHP / Python / JS (NodeJS) applications and fix code-level vulnerabilities. My day to day work includes: -- Research on bleeding edge technologies -- PHP/Python/JavaScript development -- Code auditing -- Database management -- APIs development & integration -- AWS services (EC2, SES, SNS, SQS, Route53, S3, Lambda, API gateway) -- Penetration testing -- Data scraping -- and a lot more
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Network Security
    Security Testing
    Network Penetration Testing
    PHP
    JavaScript
    Laravel
    Penetration Testing
    Information Security
    Cloud Security
    Web App Penetration Testing
    Web Application Security
    Website Security
    Linux System Administration
    Amazon Web Services
  • $20 hourly
    We are a group of Senior Cyber Security Experts with over 4+ years of Hands-on Digital Forensics (Windows/ Linux/ Mac OS) and Cyber Security Specialist. We've created multiple cyber security related services and training delivered them to several clients. Also provide a large number of Investigations and Consulting Services to our clients such as: • Malicious Emails Investigations • Email Attachments Investigations (Malware Analysis) • Email Inboxing Handling (Inbox any mail to any inbox) • Computer System Forensics (Digital Forensics) • Memory Forensics (Hard Drive, Ram Evidence Recovery) • Offensive Engagements (Penetration Testing Services) • Creating Cyber Security Training If your issue is not listed here, please don't be disappointed. We'll probably be able to help out so feel free to reach out with a message at least once. -----------------------------------------ANTI PHISHING------------------------------------- What is being investigated in Email Investigation:- - Header Analysis     - Identifying possible source of origin     - Identifying Spoofed emails     - Validate legitimacy by examining SPF, DKIM and DMARC Records     - Link Analysis     - Follow up investigation on any links the email contains or redirects to with a verdict on that site     - Verdict on attachments (Malicious / Non-Malicious) With our Advanced Investigation you'll receive Detailed Report (Malicious Reasons, Links and Attachments Information, Malware Analysis Information) also provide our ANTI-PHISHING EXTENSION for your browser security. -----------------------------------------ANTI PHISHING------------------------------------- ----------------------------------------- FORENSICS ----------------------------------------- What is being investigated in Forensics (Windows/ Linux/ Mac OS):- - Computer System Forensics     - Real-Time, on-line Evidence gathering     - Off-line Computer Disk Forensic     - Memory Forensics     - Physical Memory Forensic (With Destroyed Data Recovery)     - Critical Data pertaining to Threats exists solely in System Memory     - Non-cacheable Injected Code fragments ----------------------------------------- FORENSICS -----------------------------------------   It's important for us to build long term relationships with clients, so we provide the best quality of work  with the best price offers. We thought "A satisfied customer is the best business strategy". Looking forward to hearing from you! Thank You!
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Information Security Awareness
    Information Security Governance
    Antivirus & Security Software
    Office 365
    Email Security
    Ethical Hacking
    OWASP
    Multiple Email Account Management
    Information Security
    System Security
    Information Security Consultation
    Application Security
    Digital Forensics
  • $70 hourly
    ☑️ 𝗤𝘂𝗮𝗹𝗶𝘁𝘆-𝗳𝗼𝗰𝘂𝘀𝗲𝗱 𝗲𝗻𝗱-𝘁𝗼-𝗲𝗻𝗱 ☁️ 𝗰𝗹𝗼𝘂𝗱 𝘀𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀, 𝗰𝗼𝗻𝘀𝘂𝗹𝘁𝗶𝗻𝗴 𝗮𝗻𝗱 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 🔒 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 𝗱𝗼𝗻𝗲 𝗿𝗶𝗴𝗵𝘁 𝘁𝗵𝗲 𝗳𝗶𝗿𝘀𝘁 𝘁𝗶𝗺𝗲. 🎯𝟭𝟲+ 𝘆𝗲𝗮𝗿𝘀 𝗼𝗳 𝗽𝗿𝗼𝗳𝗲𝘀𝘀𝗶𝗼𝗻𝗮𝗹 𝗲𝘅𝗽𝗲𝗿𝗶𝗲𝗻𝗰𝗲, 𝟰 𝗺𝗶𝗹𝗹𝗶𝗼𝗻 𝗨𝗦𝗗+ 𝗶𝗻 𝗽𝗿𝗼𝗷𝗲𝗰𝘁𝘀 𝗱𝗲𝗹𝗶𝘃𝗲𝗿𝗲𝗱 𝗮𝗻𝗱 𝗺𝗮𝗻𝗮𝗴𝗲𝗱. 𝗘𝘅𝘁𝗲𝗻𝘀𝗶𝘃𝗲 𝗙𝗼𝗿𝘁𝘂𝗻𝗲 𝟱𝟬𝟬 𝗰𝗼𝗺𝗽𝗮𝗻𝘆 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗲𝘅𝗽𝗲𝗿𝗶𝗲𝗻𝗰𝗲. ☑️ 📞 Invite me to your job and we can book a complimentary 30-minute consultation together that’s earnestly helpful. 📞 You could hire someone else for a lower rate who takes 5x as long to do the job right. You could also hire me, sit back relax and let an expert implement your solution exactly as needed. Think of me as your cloud solutions Advil. I reliably relieve headaches instead of causing them. ❝𝙍𝙞𝙙𝙞𝙘𝙪𝙡𝙤𝙪𝙨𝙡𝙮 𝙚𝙛𝙛𝙞𝙘𝙞𝙚𝙣𝙩 𝙞𝙨 𝙩𝙝𝙚 𝙥𝙝𝙧𝙖𝙨𝙚 𝙩𝙝𝙖𝙩 𝙘𝙤𝙢𝙚𝙨 𝙩𝙤 𝙢𝙞𝙣𝙙 𝙬𝙝𝙚𝙣 𝙄 𝙩𝙝𝙞𝙣𝙠 𝙖𝙗𝙤𝙪𝙩 𝙉𝙖𝙣𝙙𝙮. 𝙄 𝙝𝙖𝙙 𝙩𝙝𝙚 𝙥𝙡𝙚𝙖𝙨𝙪𝙧𝙚 𝙤𝙛 𝙬𝙤𝙧𝙠𝙞𝙣𝙜 𝙬𝙞𝙩𝙝 𝙝𝙞𝙢 𝙛𝙤𝙧 𝙩𝙬𝙤 𝙮𝙚𝙖𝙧𝙨, 𝙘𝙤𝙡𝙡𝙖𝙗𝙤𝙧𝙖𝙩𝙞𝙣𝙜 𝙤𝙣 𝙨𝙚𝙫𝙚𝙧𝙖𝙡 𝙥𝙧𝙤𝙟𝙚𝙘𝙩𝙨. 𝙄 𝙬𝙖𝙨 𝙥𝙖𝙧𝙩𝙞𝙘𝙪𝙡𝙖𝙧𝙡𝙮 𝙞𝙢𝙥𝙧𝙚𝙨𝙨𝙚𝙙 𝙗𝙮 𝙉𝙖𝙣𝙙𝙮’𝙨 𝙖𝙗𝙞𝙡𝙞𝙩𝙮 𝙩𝙤 𝙝𝙖𝙣𝙙𝙡𝙚 𝙚𝙫𝙚𝙣 𝙩𝙝𝙚 𝙩𝙤𝙪𝙜𝙝𝙚𝙨𝙩 𝙨𝙞𝙩𝙪𝙖𝙩𝙞𝙤𝙣 𝙚𝙛𝙛𝙤𝙧𝙩𝙡𝙚𝙨𝙨𝙡𝙮. 𝙏𝙝𝙖𝙩 𝙨𝙠𝙞𝙡𝙡 𝙤𝙛𝙩𝙚𝙣 𝙩𝙖𝙠𝙚𝙨 𝙮𝙚𝙖𝙧𝙨 𝙩𝙤 𝙙𝙚𝙫𝙚𝙡𝙤𝙥 𝙖𝙢𝙤𝙣𝙜 𝙖𝙣𝙮 𝙥𝙧𝙤𝙛𝙚𝙨𝙨𝙞𝙤𝙣𝙖𝙡𝙨, 𝙗𝙪𝙩 𝙞𝙩 𝙨𝙚𝙚𝙢𝙚𝙙 𝙩𝙤 𝙘𝙤𝙢𝙚 𝙥𝙚𝙧𝙛𝙚𝙘𝙩𝙡𝙮 𝙣𝙖𝙩𝙪𝙧𝙖𝙡𝙡𝙮 𝙩𝙤 𝙝𝙞𝙢. 𝙉𝙤 𝙢𝙖𝙩𝙩𝙚𝙧 𝙝𝙤𝙬 𝙩𝙚𝙣𝙨𝙚 𝙖 𝙢𝙚𝙚𝙩𝙞𝙣𝙜, 𝙉𝙖𝙣𝙙𝙮 𝙢𝙖𝙙𝙚 𝙨𝙪𝙧𝙚 𝙞𝙩 𝙚𝙣𝙙𝙚𝙙 𝙬𝙞𝙩𝙝 𝙖 𝙨𝙢𝙞𝙡𝙚. 𝘼𝙨 𝙖 𝙩𝙚𝙖𝙢 𝙢𝙚𝙢𝙗𝙚𝙧 𝙤𝙧 𝙖 𝙡𝙚𝙖𝙙𝙚𝙧, 𝙉𝙖𝙣𝙙𝙮 𝙚𝙖𝙧𝙣𝙨 𝙢𝙮 𝙝𝙞𝙜𝙝𝙚𝙨𝙩 𝙧𝙚𝙘𝙤𝙢𝙢𝙚𝙣𝙙𝙖𝙩𝙞𝙤𝙣.❞ 🗣 𝙅𝙖𝙞𝙧𝙤 𝙎𝙚𝙦𝙪𝙚𝙞𝙧𝙖 - 𝙈𝙚𝙙𝙞𝙖𝙩𝙤𝙧 & 𝙄𝙣𝙩𝙚𝙧𝙣𝙖𝙩𝙞𝙤𝙣𝙖𝙡 𝘾𝙞𝙫𝙞𝙡 𝙇𝙖𝙬 𝘼𝙩𝙩𝙤𝙧𝙣𝙚𝙮 - 𝙅𝙖𝙞𝙧𝙤 𝙎𝙚𝙦𝙪𝙚𝙞𝙧𝙖 & 𝘼𝙨𝙨𝙤𝙘𝙞𝙖𝙩𝙚𝙨 🗣 Career highlights of mine include: 🔸 Working with Dell, one of the Department of Defense's cyber security programs and several other Fortune 500 companies. 🔸 Currently working on a complex and ongoing security project for an Australian Government Defense contractor. 🔸 I hold multiple industry security certifications including my MCT (Microsoft Certified Trainer) and I have also earned a master's degree. Here’s a highlight of the solutions, skills and services I commonly help my clients with: ✅ Creating cloud security architectures, well architect frameworks, and cloud governance models ✅ Designing, administering and maintaining Azure Sentinel instances for clients and internal instances. ✅ Creating and configuring Azure Sentinel, including the understanding of KQL (Kusto Query Language) for writing queries and correlations depending on security use cases. ✅ Conduct a compliance audit of Azure infrastructure and policies, as well as fine-tune the environment using NIST and CIS benchmarks ✅ General security process review, planning, and solutions implementation ✅ Creating zero trust cyber security models ✅ Assess, strategize, and implement - conditional access policies, geo-fencing, and retiring legacy authentication clients ✅Privileged identity management, decrease global admins, other privilege roles - reviewing, strategizing and implementation ✅ Identity protection: review, strategy and implementation. Examine users or sign-ins who are potentially dangerous. Setting up conditional access policies ✅ Working with companies or on projects with multinational challenges ✅ Risk Assessment and Auditing: ▪️ Knowledge of security best practices (NIST, SANS, DISA) ▪️ Knowledge of attack platforms ▪️ Familiarity with IT systems and practices ▪️ Expertise with It security risk assessment, analytics, and reporting Here’s a highlight of the platforms I have extensive experience working with: 🛠 Microsoft Azure, Azure Sentinel and Office 365 (O365) 🛠 Microsoft Defender (Cloud Apps (MCAS), Identity, Endpoints, Azure) 🛠 Microsoft Intune 🛠 Microsoft Exchange 🛠 Microsoft DLP 🛠 Microsoft AVD 🛠 Microsoft W365 Thanks for learning about me! If you’re interested in working together, please invite me to your job on Upwork to book a free consultation call with me. Talk soon! Nandy Bo ❝ 𝙄𝙩 𝙝𝙖𝙨 𝙗𝙚𝙚𝙣 𝙖 𝙥𝙡𝙚𝙖𝙨𝙪𝙧𝙚 𝙩𝙤 𝙬𝙤𝙧𝙠 𝙬𝙞𝙩𝙝 𝙉𝙖𝙣𝙙𝙮 𝙙𝙪𝙧𝙞𝙣𝙜 𝙩𝙝𝙚 𝙩𝙧𝙖𝙣𝙨𝙞𝙩𝙞𝙤𝙣 𝙤𝙛 𝘾𝙖𝙡𝙡𝙘𝙤𝙢. 𝙉𝙖𝙣𝙙𝙮 𝙞𝙨 𝙫𝙚𝙧𝙮 𝙜𝙚𝙣𝙪𝙞𝙣𝙚, 𝙝𝙤𝙣𝙚𝙨𝙩 𝙖𝙣𝙙 𝙝𝙚𝙡𝙥𝙛𝙪𝙡 𝙞𝙣 𝙣𝙖𝙩𝙪𝙧𝙚. 𝙃𝙚 𝙖𝙡𝙨𝙤 𝙝𝙖𝙨 𝙖 𝙫𝙚𝙧𝙮 𝙞𝙣-𝙙𝙚𝙥𝙩𝙝 𝙠𝙣𝙤𝙬𝙡𝙚𝙙𝙜𝙚 𝙤𝙛 𝙄𝙏 𝙬𝙝𝙞𝙡𝙚 𝙢𝙖𝙞𝙣𝙩𝙖𝙞𝙣𝙞𝙣𝙜 𝙖 𝙫𝙚𝙧𝙮 𝙗𝙧𝙤𝙖𝙙 𝙥𝙧𝙤𝙗𝙡𝙚𝙢-𝙨𝙤𝙡𝙫𝙞𝙣𝙜 𝙤𝙪𝙩𝙡𝙤𝙤𝙠. 𝙏𝙝𝙚𝙨𝙚 𝙛𝙚𝙖𝙩𝙪𝙧𝙚𝙨 𝙢𝙖𝙠𝙚 𝙝𝙞𝙢 𝙣𝙤𝙩 𝙤𝙣𝙡𝙮 𝙖 𝙥𝙡𝙚𝙖𝙨𝙪𝙧𝙚 𝙩𝙤 𝙬𝙤𝙧𝙠 𝙬𝙞𝙩𝙝 𝙗𝙪𝙩 𝙖𝙡𝙨𝙤 𝙫𝙚𝙧𝙮 𝙞𝙣𝙨𝙥𝙞𝙧𝙖𝙩𝙞𝙤𝙣𝙖𝙡. ❞ 🗣 𝙅𝙤𝙧𝙙𝙤𝙣 𝘽𝙞𝙡𝙡 - 𝙈𝙖𝙣𝙖𝙜𝙞𝙣𝙜 𝘿𝙞𝙧𝙚𝙘𝙩𝙤𝙧 - 𝘾𝙖𝙡𝙡𝙘𝙤𝙢 𝙄𝙣𝙩𝙚𝙧𝙣𝙖𝙩𝙞𝙤𝙣𝙖𝙡 🗣
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Spam Filter
    Microsoft Exchange Online
    Email Security
    Office 365
    Microsoft Azure
    Cloud Engineering Consultation
    Risk Assessment
    Security Analysis
    Mobile Device Management
    Microsoft Endpoint Manager
    Cloud Security
    Information Security
    Cloud Implementation
    Solution Architecture Consultation
  • $150 hourly
    I am a dedicated Cybersecurity Advisor specializing in Security, Compliance, and Privacy, with a focus on ISO 27001, SOC 2, PCI DSS, GDPR, and CCPA. With over 10 years of experience and a background as a Big 4 security manager, 🔒 Expertise in Cybersecurity and Compliance: Big 4 Experience: Leveraging extensive experience to align your security compliance needs. Comprehensive Services: From policy writing to security gap analysis and IT audits, I offer a range of services to secure your organization's information and build trust with your customers. 🚨 Addressing Your Concerns: Certification Pressures: Assisting organizations facing pressures to acquire certifications like PCI-DSS, SOC 2, ISO 27001, HIPAA, and more. Security Assessment Queries: Providing answers and solutions to any security assessment questionnaires received from clients. Compliance Efforts: Offering support to those struggling with time and resource-consuming compliance efforts and certification processes. Purchasing of compliance tools such as Vanta, Drata, Safebase, Secureframe etc. and need someone to manage it 🛠 Services Offered: Policy & Procedure Writing & Review Security Gap Analysis IT and Compliance Audits Risk Assessments & Implementation Security Strategy Development Governance, Risk & Compliance (GRC) Support DPO & vCISO Services: Assistance with GDPR/CCPA compliance, GDPR gap assessment analysis, and support in defining security strategies. 💡 Why Choose Me? Affordable Expertise: Offering Big 4 expertise tailored to fit your budget. Personalized Approach: All tasks are personally completed by me, ensuring constant communication and consideration of your every remark & need. Client-Centric Value: Focused on providing value, earning trust, and exceeding client expectations through responsiveness and over-delivering. Ethical Standards: Upholding high ethical values, treating everyone with respect, and genuinely improving my client's situation. 📞 Let's Connect! I am adaptable depending on the project and client's needs, and I am committed to improving your organization's security posture. Let's discuss how I can assist you in navigating through your cybersecurity and compliance journey.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    GDPR
    FedRAMP
    PCI
    PCI DSS
    HIPAA
    SOC 2
    Security Policies & Procedures Documentation
    ISO 27001
    Information Security
    Information Security Consultation
    IT Compliance Audit
    Cybersecurity Management
    Risk Assessment
    Information Security Governance
    Security Management
  • $125 hourly
    Hello! Are you in need of a cybersecurity compliance expert who can ensure that your organization meets its legal, ethical, and operational obligations? Look no further! With over 13 years of experience in the field, Larry is the top choice for all your cybersecurity needs. Larry brings a warm touch to the table, backed by years of experience and a passion for cybersecurity. With a B.S.B.A. in Information Technology and certifications like 𝗖𝗜𝗦𝗦𝗣, 𝗖𝗜𝗦𝗠, 𝗜𝗦𝗢 𝟮𝟳𝟬𝟬𝟭 𝗟𝗲𝗮𝗱 𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗲𝗿, 𝗲𝘁𝗰., Larry offers in-depth knowledge and practical implementation experience in 𝗡𝗜𝗦𝗧, 𝗛𝗜𝗣𝗔𝗔, 𝗦𝗢𝗖 𝟮, 𝗜𝗦𝗢 𝟮𝟳𝟬𝟬𝟭, 𝗙𝗘𝗗𝗥𝗔𝗠𝗣 𝗮𝗻𝗱 𝗖𝗠𝗠𝗖. 𝐒𝐞𝐫𝐯𝐢𝐜𝐞𝐬 𝐎𝐟𝐟𝐞𝐫𝐞𝐝: ★vCISO Management ★Policies & Procedures Development ★Privacy Management ★Compliance Program Implementation ★Gap Assessments ★Risk Management ★Security Questionnaires ★SSP Development ★Cybersecurity Strategy Larry has successfully completed numerous projects, ensuring compliance with industry standards and delivering outstanding results. By leveraging their expertise, clients have achieved improved cybersecurity measures, mitigated risks, and successfully passed audits. Imagined Cloud | Founder: "Larry exceeded our expectations with their comprehensive cybersecurity solutions. They not only helped us navigate complex compliance requirements but also provided valuable insights that improved our overall security posture. Highly recommended!" Larry is not just another cybersecurity expert - what sets them apart is their client-centric approach. By addressing your unique needs and challenges, Larry customizes their services to ensure maximum effectiveness and a great client experience. With a prompt and responsive communication style, you can trust that your concerns will be addressed in a timely manner. Keywords: cybersecurity expert, compliance, HIPAA, NIST, SOC 2, ISO 27001, CMMC, FEDRAMP, ISO 27001 policies and procedures development, vCISO, risk assessment, compliance software
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    SOC 2
    CMMC
    ISO 27001
    Certified Information Security Manager
    Governance, Risk Management & Compliance
    Information Security Governance
    HIPAA
    Security Infrastructure
    IT Compliance Audit
    Regulatory Compliance
    Information Security Consultation
    Security Policies & Procedures Documentation
    Cybersecurity Management
    Information Security
  • $50 hourly
    An experienced cyber-security specialist & quality assurance & regulatory professional with a proven track record in governance, risk & compliance. I bring a wealth of hands-on experience in Information Security audits, Risk Management, Risk Assessment, Vendor Risk Assessment, Information Security Policy and procedures formulation, compliance with various security standards for several global clients and also performed cyber-security compliance assessments using NIST 800-53, NIST CSF based controls and supports remediation and mitigation activities. I also have experience in managing Quality Management System (single-handedly), drafting Standard Operating Procedures (SOP), managing Corrective & Preventive Action (CAPA) & Non-conformances/deviations, Training & Development, Document Management, KPI Management, Audit (Internal/External) Management in adherence to MDSAP, EU MDR 2017/745 & ISO 13485:2016 with deep understanding of these laws and standards. I have a deep understanding of various laws such as HIPAA. GDPR, Data Protection Act, MDSAP, EU MDR 2017/745 and standards such as ISO 27001:2013, PCI-DSS, SOC2, ISO 13485:2016 etc.
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Financial Audit
    PCI
    Cybersecurity Management
    GDPR
    IT Compliance Audit
    PCI DSS
    Data Privacy
    Risk Assessment
    ISO 27001
  • $125 hourly
    Information Security, Governance, Risk, and Compliance (GRC) professional. • HITRUST CCSFP, CISSP, PCI ISA, ITIL • 15+ years in Information Security (Governance, Risk, and Compliance) • 15+ years in highly regulated environments (PCI, HIPAA, FISMA) • 15+ years implementing/managing ISO 27001, NIST 800-53, NIST-CSF, PCI-DSS • 10+ years of policy and procedure development and management • 10+ years of process optimization, streamlining • 15+ years in IT (design, development, implementation, and management) • Bachelor of Business Administration - Finance
    vsuc_fltilesrefresh_TrophyIcon Information Security Audit
    Company Policy
    Risk Assessment
    HITRUST Common Security Framework
    Governance, Risk Management & Compliance
    Certified Information Systems Security Professional
    HIPAA
    PCI
    ServiceNow
    NIST SP 800-53
  • Want to browse more freelancers?
    Sign up

How it works

1. Post a job (it’s free)

Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.

2. Talent comes to you

Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.

3. Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

4. Payment simplified

Receive invoices and make payments through Upwork. Only pay for work you authorize.

Trusted by

How do I hire a Information Security Audit Freelancer on Upwork?

You can hire a Information Security Audit Freelancer on Upwork in four simple steps:

  • Create a job post tailored to your Information Security Audit Freelancer project scope. We’ll walk you through the process step by step.
  • Browse top Information Security Audit Freelancer talent on Upwork and invite them to your project.
  • Once the proposals start flowing in, create a shortlist of top Information Security Audit Freelancer profiles and interview.
  • Hire the right Information Security Audit Freelancer for your project from Upwork, the world’s largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire a Information Security Audit Freelancer?

Rates charged by Information Security Audit Freelancers on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire a Information Security Audit Freelancer on Upwork?

As the world’s work marketplace, we connect highly-skilled freelance Information Security Audit Freelancers and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Information Security Audit Freelancer team you need to succeed.

Can I hire a Information Security Audit Freelancer within 24 hours on Upwork?

Depending on availability and the quality of your job post, it’s entirely possible to sign up for Upwork and receive Information Security Audit Freelancer proposals within 24 hours of posting a job description.

Schedule a call