Hire the Best Information Security Audit Freelancers
in Bangladesh

More than 3,000 reviews on G2
Rating is 4.5 out of 5.
4.5/5
of Upwork by G2 peer reviewers
Iftekharul I.

Dhaka, Bangladesh

$30/hr
5.0
31 jobs

✅7+ years of expertise ✅100+ Pentest ✅Upwork Top 10% With 7+ years of experience in offensive security and penetration testing, I’ve secured renowned fintech, E-commerce, SaaS, Banking, LMS and enterprise web apps/APIs. I deliver clear, actionable security reports that help dev teams remediate findings and support compliance and security efforts. I have extensive experience in Vulnerability Assessment, Penetration Testing, and Vulnerability Management. Helped securing big names some of the Leading international bank; national government ministry; top regional payment gateways. My Services: =========== ▪️ Manual, automated, agentic AI vulnerability assessment & Penetration Testing ▪️ Web, Network, System & Cloud Penetration Testing ▪️ Simulate attackers' techniques to test defense ▪️ SAST / DAST Security Scanning ▪️ Application Security Audits for Compliance (PCI-DSS, ISO 27001, HIPAA, FDA, SOC 2, etc.) ▪️ Cloud Configuration Reviews & Threat Modeling (AWS, Azure, GCP) ▪️ Cybersecurity & Penetration Testing Training ▪️ Visual Security Reports with Technical & Executive Summaries ▪️ Provide step-by-step fixes to strengthen your app My Core Expertise: ================ 1. Web & API testing using Burp Suite, OWASP ZAP, AI Agents 2. Network pentesting with Nmap, Nessus, Metasploit, Hydra 3. Cloud security assessments using ScoutSuite, Prowler, and manual checks 4. Active Directory & internal infrastructure exploitation 5. Secure code review with Semgrep, Snyk 6. Scripting in Python, Bash, JavaScript, PHP 7. SIEM analysis, threat hunting with Splunk, and QRadar Read about my certifications, projects, reviews, and portfolios below 👇

  • Information Security Audit
  • Information Security
  • Penetration Testing
  • Ethical Hacking
  • Network Security
  • Cybersecurity Management
  • Web Application Security
  • Vulnerability Assessment
  • Internet Security
  • Security Testing
  • Security Analysis
  • Cloud Security
  • IT Compliance Audit
  • Website Security
  • Web App Penetration Testing
Md Shohel R.

Khulna, Bangladesh

$80/hr
4.6
57 jobs

✅ Top Rated Plus Expert ✅ 7450+ Hours ✅ Certified Professional Penetration Tester Certifications : 🏅 OSCP (Offensive Security Certified Professional) 🏅 ISO 27001:2022 Lead Auditor 🏅 eCPPT (Certified Professional Penetration Tester) 🏅 eWPTX (Web Application Penetration Tester Extreme) 🏅 CEH (Certified Ethical Hacker) To whom it may concern, With over 6900+ hours of hands-on experience and more than 300+ successful Penetration Tests and Security Assessments, I bring a wealth of expertise to every project. My focus has been on Web, Network and Mobile (Android and iOS) applications, especially within the finance sector, using a variety of technologies and frameworks. My experience also extends to server security testing and hardening. I take pride in delivering detailed, professional reports that meet and exceed compliance audit requirements. These reports outline every vulnerability discovered, along with practical, actionable solutions. Sample reports can be provided upon request. Consider me an extension of your internal team dedicated to ensuring the highest standards of security for your organization. I respond promptly to your needs and work tirelessly to safeguard your systems. Core Services: ✓ Web Application Penetration Testing (OWASP TOP 10 based) ✓ Mobile (Android and iOS) Applications Penetration Testing ✓ Network Penetration Testing ✓ API Penetration Testing ✓ Cloud Security Assessment ✓ External Penetration Testing ✓ Internal Penetration Testing ✓ Security Hardening ✓ Phishing Simulations ✓ Security Risk Assessment ✓ Security Policy Assessment ✓ Security Training Methodologies and Frameworks: ✓ OWASP TOP 10 ✓ OSSTMM ✓ NIST ✓ PTES ✓ PCIDSS ✓ ISO 27001 ✓ CIS ✓ MITRE ATT&CK® Pentesting Tools: BurpSuite Professional, Nessus, Acunetix, Nmap, Metasploit, Mimikatz, MobSF, Sqlmap, John the Ripper, Kali Linux, Wireshark, Hashcat, Python Framework I’m here to help your company achieve the best in security, ensuring your applications and networks are fortified against threats.

  • Information Security Audit
  • Information Security
  • Page Speed Optimization
  • Linux System Administration
  • WordPress Malware Removal
  • Web Application Security
  • Web Application Firewall
  • Network Security
  • Penetration Testing
  • Network Penetration Testing
  • Vulnerability Assessment
  • Information Security Consultation
  • Firewall
  • Cloud Security Framework
  • Mobile App Testing
Mesbaul I.

Dhaka South City Corporation, Bangladesh

$20/hr
5.0
4 jobs

🔐 Certified Penetration Tester | Web, Mobile & API Security Expert | CEH | ISO 27001 LA I’m Mesbaul Islam, a cybersecurity professional with over 4+ years of hands-on experience in penetration testing and vulnerability assessments across web apps, mobile apps (Android/iOS), APIs, and internal/external networks. I’ve successfully completed 300+ security assessments for clients in finance, telecom, e-commerce, and SaaS, helping organizations identify and fix critical security flaws before attackers can exploit them. 🛡️ Services I Offer: ✅ Web Application Penetration Testing (OWASP Top 10) ✅ Mobile Application Security Testing (Android & iOS) ✅ API Penetration Testing (REST, GraphQL, SOAP) ✅ Network and Infrastructure Penetration Testing ✅ Server Security Assessment & Hardening ✅ Security Report Writing for Audit/Compliance ✅ Digital Forensics & Incident Investigation ✅ Training on VA/PT tools and methodologies 📄 Deliverables You Get: ✓A professional, easy-to-read report with all findings ✓Proof of concept (PoC) for vulnerabilities ✓Actionable remediation tailored to your systems ✓Support during audits or developer discussions 🎓 Certifications: 🏅CEH – Certified Ethical Hacker (EC-Council) 🏅ISO 27001:2022 Lead Auditor 🏅C)VA – Certified Vulnerability Assessor (mile2) 🏅CNSP – Certified Network Security Practitioner 🏅Digital Forensics Essentials – EC-Council 📘 Methodologies: OWASP, NIST 800-115, PTES, ISO 27001, MITRE ATT&CK®, CIS Benchmarks 🧰 Tools I Use: Burp Suite Pro, Nessus, Nmap, Acunetix, SQLMap, MobSF, Wireshark, Metasploit, John the Ripper, Hashcat, Kali Linux, custom Python tools I believe in clear communication, transparent results, and building long-term client relationships. Whether you're a startup securing your MVP or an enterprise strengthening compliance, I’m here to help you stay secure. 📬 Let’s connect to discuss your security needs — your protection is my priority.

  • Information Security
  • Nessus
  • Kali Linux
  • Wireshark
  • Penetration Testing
  • Digital Forensics
  • Vulnerability Assessment
  • Computer Network
  • Microsoft Windows
  • Python
  • Network Analysis
  • Wireless Security
  • Network Penetration Testing
  • Web Application Security
  • Linux System Administration
Mohammad Harun A.

Dhaka, Bangladesh

$20/hr
5.0
1 jobs

👤 Mohammad Harun Al Rashid | ICT & Cybersecurity Specialist | 19+ Years of Experience I’m a seasoned ICT professional with over 19 years of experience, including 8+ years specializing in Cybersecurity and 6+ years in ICT team leadership. Currently serving as Joint Director (Head of IT) at a national NGO in Bangladesh working in microfinance, I also provide part-time consultancy in: 🔍 ICT & IS Audits 🛡️ Vulnerability Assessment and Penetration Testing (VAPT) 🔐 ISO 27001 Audits My role blends both technical expertise and strategic oversight, allowing me to drive robust cybersecurity solutions across critical financial and non-financial institutions. 🔧 Core Competencies 🔹 IT/IS Audit & Risk Assessment (Banks, Enterprises) 🔹 Cybersecurity Consulting (ISO 27001, NIST, Local Regulatory Frameworks) 🔹 Vulnerability Assessment & Penetration Testing (VAPT) 🔹 Secure Web Development (PHP, Laravel, JavaScript) 🔹 Cybersecurity Awareness & Capacity Building 📜 Certifications & Credentials ✔️ Certified Information Systems Auditor (CISA) – ISACA ✔️ Certified Ethical Hacker (CEH) – EC-Council ✔️ ISO/IEC 27001 Lead Auditor ✔️ PRINCE2 Foundation (2017) ✔️ COBIT® 5 Foundation ✔️ ITIL Foundation ✔️ Cisco Certified Network Associate (CCNA) ✔️ Microsoft Certified Solutions Associate (MCSA) ✔️ Red Hat Certified Engineer (RHCE) 🧩 Selected Consultancy Projects 🔸 ISO 27001 Audit ▪️ NRB Bank Ltd., Bangladesh ▪️ Mutual Trust Bank Ltd. ▪️ Dhaka Bank Ltd. 🔸 ICT Audit ▪️ Central Procurement Technical Unit (CPTU), Planning Commission (PwC Project) ▪️ IPDC Finance Ltd. 🔸 VAPT Assessment ▪️ Digital Healthcare Solutions ▪️ Department of Social Services (DSS) 🖥️ Technical Skills 💼 Servers: Experienced in managing both Linux & Windows-based mail and web servers 🌐 Networking: Skilled in managing firewalls, routers, and secure configurations 🛠️ Development: Proficient in developing web & desktop applications, and database design, development, and maintenance

  • Penetration Testing
  • Vulnerability Assessment
  • ASP.NET
  • PHP
  • CentOS
  • Android App Development
  • MySQL Programming
  • Microsoft Small Business Server Administration
  • MikroTik RouterOS
  • Microsoft SQL Server Programming
Md Azizur R.

Dhaka, Bangladesh

$75/hr
4.9
35 jobs

I help organizations become audit-ready, secure, and compliant - without overengineering or slowing down business. With 17+ years in cybersecurity, I operate as a Fractional CISO (vCISO), bridging technical execution, risk governance, and compliance across fast-growing SaaS companies, fintech, and enterprise environments. I specialize in building end-to-end security programs aligned with: ISO/IEC 27001 SOC 2 NIS2 Directive HIPAA 🎯 What I Deliver 🔐 Compliance & Audit Readiness SOC 2 Type I & II end-to-end readiness ISO 27001 ISMS design, implementation & audit support NIS2 gap assessment & full implementation roadmap HIPAA compliance for SaaS, VoIP, and cloud platforms 🛡️ Security Leadership (vCISO) Security strategy aligned with business goals Risk management (NIST CSF, CIS Controls) Board-level reporting (Risk vs Cost vs Impact) Vendor & third-party risk management ⚙️ Technical & Cloud Security AWS / GCP / Azure security architecture & hardening DevSecOps & Secure SDLC (SAST, DAST, IAST integration) Application & API security testing Identity & Access Management (IAM / PAM) 🔍 Offensive Security & Assurance Penetration testing (Web, mobile and Network) Red team simulation & threat modeling Secure code review & vulnerability management 🧠 Why Clients Hire Me I don’t just deliver policies - I deliver working security programs I translate technical risk into business decisions I align compliance with real-world architecture (AWS, SaaS, DevOps) I help you pass audits AND actually be secure 🏆 Credentials CISM • CISA • CEH • ECSA • LPT (Master) ISO 27001 Lead Implementer (BSI) AWS Security Specialty • Azure Security (AZ-500) 💡 Engagement Model Fractional CISO (ongoing advisory) Compliance programs (SOC 2 / ISO 27001 / NIS2 / HIPAA) Security assessments & remediation Audit readiness & evidence preparation 🚀 Let’s Talk If you're preparing for an audit, scaling securely, or need a CISO-level partner without full-time cost, I can help you get there efficiently.

  • Information Security
  • Vulnerability Assessment
  • Database Security
  • Network Security
  • Cybersecurity Management
  • Application Security
  • Penetration Testing
  • Source Code Scanning
  • Security Testing
  • Security Policies & Procedures Documentation
  • Security Engineering
  • ISO 27001
  • Cloud Security
  • Security Analysis
  • Secure SDLC
Md Mahabubur R.

Uttarati, Bangladesh

$75/hr
4.8
41 jobs

Greetings! I'm Md Mahabubur Rahman, a dedicated "Google Certified Security Analyst" with a mission to safeguard digital landscapes. With 4 years of experience, I specialize in creating security frameworks and defending against evolving cyber threats. --- What I Offer: In the dynamic world of cybersecurity, I provide a range of services to fortify your digital assets. From conducting comprehensive vulnerability assessments and penetration testing to designing and implementing robust security architectures, I am committed to ensuring your online presence is resilient and secure. --- Why Choose Me: 🔒 Expertise in Threat Mitigation: I excel in identifying and neutralizing potential threats through proactive risk assessments and strategic planning. 📏 Industry-Standard Compliance: I stay current with the latest industry standards and regulations, ensuring your systems meet or exceed compliance requirements. 🚨 Incident Response and SOC L1 Skills: As a Google Certified Security Analyst, I am well-versed in incident response, monitoring, threat detection, and analysis – skills essential for SOC L1 professionals. In the event of a security incident, my rapid response and mitigation strategies are designed to minimize downtime and protect your sensitive data. --- Key Skills: - Penetration Testing - Security Audit - Network Testing - Insecure OS/Firmware - Cross-Site Scripting (XSS) - Server Security Misconfiguration - Application-Level Denial-of-Service (DoS) - Server-Side Injection - Client-Side Injection - Sensitive Data Exposure - Malware Detection and Removal (Websites & Computers) - Ransomware Data Decryption - Content Removal from Websites - Phone Number Information Security - WordPress Speed Optimization - Amazon Web Services - Cloud Penetration Testing - Data Recovery - Malware, Phishing, Breach, and Data Leakage Detection - Social Media Security Issues - Incident Response - SIEM Management - Security Operations --- Industries I've Worked In: My experience spans industries such as "Manha Technology", "Eshikhon.com", "Recrutu", and '"salvanos", where I've successfully implemented my cybersecurity solutions. --- Enhance Your Cybersecurity: I’m excited to help strengthen your cybersecurity. Whether you’re a small business or a large enterprise, let’s talk about improving your defense against cyber threats.

  • Information Security
  • Penetration Testing
  • Social Media Management
  • Ethical Hacking
  • Security Assessment & Testing
  • Network Security
  • Web Development Consultation
  • Amazon Web Services
  • Digital Forensics
  • SEO Audit
  • Incident Response Plan
  • Security Operation Center
  • WordPress Malware Removal
  • WordPress Bug Fix
  • SOC 1

How it works

Post a job for free Post a job

Tell us what you need. Create your own job post or generate one with AI then filter talent matches.

Hire top talent fast

Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.

Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

Payment simplified

Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.

Don't just take our word for it

How do I hire a Information Security Audit Freelancer in Bangladesh on Upwork?

You can hire a Information Security Audit Freelancer in Bangladesh on Upwork in four simple steps:

  • Create a job post tailored to your Information Security Audit Freelancer project scope. We'll walk you through the process step by step.
  • Browse top Information Security Audit Freelancer talent on Upwork and invite them to your project.
  • Once the proposals start flowing in, create a shortlist of top Information Security Audit Freelancer profiles and interview.
  • Hire the right Information Security Audit Freelancer for your project from Upwork, the world's largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire a Information Security Audit Freelancer?

Rates charged by Information Security Audit Freelancers on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire a Information Security Audit Freelancer in Bangladesh on Upwork?

As the world's work marketplace, we connect highly-skilled freelance Information Security Audit Freelancers and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Information Security Audit Freelancer team you need to succeed.

Can I hire a Information Security Audit Freelancer in Bangladesh within 24 hours on Upwork?

Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Information Security Audit Freelancer proposals within 24 hours of posting a job description.