Hire the best Information Security Audit Freelancers in Pakistan
Check out Information Security Audit Freelancers in Pakistan with the skills you need for your next job.
- $45 hourly
- 5.0/5
- (16 jobs)
I'm Ali Hassan Ghori, a passionate and well-known cybersecurity professional with over 10 years of experience in safeguarding critical systems. I am listed in more than 350 Hall of Fames for reporting vulnerabilities and improving security posture of organizations. I have been recognized by the global tech giants like: ⭐Google ⭐Apple ⭐Microsoft ⭐Facebook ⭐Twitter (now 'X') ⭐RedHat ⭐Oracle ⭐LinkedIn My expertise lies in identifying and eliminating vulnerabilities before they can be exploited. I'm equipped with industry-leading certifications, including: ✅Certified Penetration Testing Engineer (CPTE) from Mile2 ✅Certified Red Team Professional (CRTP) from Pentester Academy ✅Certified Ethical Hacker (CEH) from EC-Council ✅Certified Vulnerability Assessor (CVA) from Mile2 ✅EC-Council Certified Security Analyst (ECSA) from EC-Council ✅ISO 27001 Lead Implementor from SGSPK ✅Certified AppSec Practitioner (CAP) from SecOps ✅Certified Blockchain Practitioner (CBP) from SecOps I possess a comprehensive skillset that enables me to perform in-depth security assessments across various domains, including: ✅Web Application Security Assessments ✅Mobile Application Security Assessments (Android/iOS) ✅Network Vulnerability Assessments ✅Cloud & Container Security Assessments ✅Red Teaming ✅Social Engineering ✅Configuration Review ✅Segmentation Testing Technical Arsenal - Manual in-depth testing for OWASP Top 10, CWE/SANS Top 25, MITRE ATT&CK etc. - Skilled in programming and scripting languages (Python, C#, Asp.NET, PHP, Ruby on Rails, Laravel, C/C++, Bash etc. - Global testing standards and compliances, including NIST, CREST, PCI DSS, HIPAA. GDPR etc. - Possess a keen analytical mind and attacker mindset to identify creative exploitation techniques. - Proficient in pentesting tools like Burp Suite, OWASP Zap, Nessus, Acunetix, Metasploit, Wireshark etc. I'm committed to delivering high-quality work that meets the needs of my clients, and I'm always striving to keep my skills up-to-date with the latest industry trends and technologies. If you're looking for a skilled and experienced cybersecurity professional for your project, please don't hesitate to get in touch.
Information Security Audit
WordPress Malware RemovalWeb Application SecurityMobile App TestingWebsite SecurityApplication SecurityPenetration TestingVulnerability Assessment - $100 hourly
- 4.9/5
- (15 jobs)
Highly competent and tech-savvy Penetration tester and cyber security analyst with hands-on experience in business continuity, vulnerability assessment and penetration testing, risk management, risk mitigation, compliance, Risk Assessment of digital assets, and Application development. Applied expertise in information security best practices and configuration, including security audit, risk assessment, regulatory requirements, standards and procedures for information data, host and network security practices, information security policy standards, procedures, and other methodologies. Dedicated to excellence, improving IT compliance, streamlining processes, and spearheading the development of technical solutions in highly structured and regulated environments. Noted for impeccable work, a core set of values, business ethics, and personal integrity, doing the right thing at all times, completing projects with diligence, efficiency, and effectiveness. ---------------------------------- AREAS OF EXPERTISE---------------------------------- • VAPT – Vulnerability Assessment and Penetration Testing • Risk Assessment of Digital Assets • Applications Security • Network Security • Malware Analysis • Kali Linux • Python Scripting • RAT Development • Android App Development ---------------------------------- CAREER CONTRIBUTIONS----------------------------------- - Facilitated Government in securing their public-facing digital assets by identifying and reporting vulnerabilities in “Citizens Portal Mobile App” and “Covid-Govt. Mobile App”. Major reported vulnerability: “Insecure Data Storage” | “Unintended Data Leakage” | “Insecure Communication” | “Susceptible to Reverse Engineering” | “Use of Hardcoded Credentials” - Recognized and appreciated officially by KP Cyber Emergency Response Center for identifying Information Security Issues in web/mobile applications. - Completed 50+ International projects. I have happy clients from all over the world. CERTIFICATIONS ~~ Certified Ethical Hacker. ~~ Fortinet Certified Network Security Expert, NSE1+NSE2. ~~ Certified Associate in Python Programming. TRAININGS DONE IN FIELD OF CYBER SECURITY ~~ Digital Forensics. ~~ OS Hardening. ~~ End User Security. ~~ Privacy and Data Protection Laws. ~~ Essentials of Cyber Security and Vulnerability Assessment. ~~ Web Application Penetration Testing. ~~ Mobile App Penetration Testing. ~~ Network Penetration Testing. Familiar with pentesting Network, Wireless, Bluetooth, Mobile Apps, Web Apps on various devices with various screen sizes and versions. Moreover, will provide user experience and full report of the bugs and record the testing and provide you recordings and screenshots with marking of the issues. Report Submission includes Screenshots (proof of concept) of vulnerability been exploited, CVE, CVSS risk level and mitigation to them. SERVICES: "OWASP top 10 vulnerability assessment" ☑️ SQL Injection. ☑️ Broken Authentication. ☑️ Insecure Data Storage. ☑️ Sensitive Information Leakage. ☑️ Insufficient Cryptography. ☑️ Cross-Site Scripting attack. ☑️ Broken Access Control. ☑️ Security Misconfiguration. ☑️ Business Logic Flaws. ☑️ Path Traversal Attack. ☑️ Insecure Design. ☑️ Software And Data Integrity Failures. ☑️ Server Side Request Forgery- SSRF. "OWASP Mobile Top 10 vulnerability assessment" ✔️ Static analysis ✔️ Dynamic Analysis ✔️ Reverse engineering ✔️ Code review ✔️ Find potential security flaw in application ✔️ SSL pinning check ✔️ Improper Platform Usage ✔️ Insecure Data Storage ✔️ Insecure Communication ✔️ Insecure Authentication ✔️ Insufficient Cryptography ✔️ Insecure Authorization ✔️ Client Code Quality ✔️ Code Tampering ✔️ Extraneous Functionality ✔️ Logging of Sensitive Data ✔️ Leakage of Sensitive Data ✔️ Malware check ✔️ Check list of IP's app is communicating with ✔️ API Tempering ✔️ Sandbox testing ✔️ Root Detection Work Methodology: # Information Gathering # Reconnaissance # Vulnerability Assessment # Exploitation # Maintaining Persistent Access # Clearing Traces # Report Submission I will first understand your requirement and then propose you best solution possible.
Information Security Audit
Network SecurityCertified Associate in Python ProgrammingKali LinuxWeb Application SecurityEthical HackingRisk AssessmentPython ScriptSecurity AnalysisCybersecurity ManagementPenetration TestingSecurity TestingVulnerability AssessmentPythonApplication Security - $51 hourly
- 5.0/5
- (9 jobs)
✅ Top-Rated Cybersecurity Expert 💼 8+ Years in Bug Bounty & Pen-testing 🔐 Recognized by 200+ Organizations 🏆 Top 31 on Bugcrowd 🎯 Specializing in Web, Mobile & API Security Testing ⌚ Supporting All Time Zones Are you seeking a battle-tested cybersecurity expert to fortify your digital assets? With over 8 years of professional experience I have a proven track record in uncovering and reporting vulnerabilities for tech giants such as Apple, Google, Microsoft, The U.S. Department of Defense & The Government of Singapore. As an active Bug Bounty Hunter ranked on platforms like HackerOne and Bugcrowd, I bring a wealth of real-world experience to every engagement. 💬 Why Choose Me? 🔒 Extensive Experience: I've identified and responsibly disclosed hundreds of security flaws across diverse platforms, from startups to Fortune 500 companies. 🔍 Comprehensive Security Services: • Web and Mobile Application Penetration Testing • API Security Assessments • Network Vulnerability Scanning • Bug Bounty Program Consultation • Security Awareness Training • Detailed Reporting with Actionable Remediation Steps 🔑 Personalized Service: Every project is unique. I tailor my approach based on your Application/Network and security requirements. 📞 Clear Communication: From initial scoping to final debriefing, I offer detailed reports, regular meetings, and follow-up services to ensure all your concerns are addressed. Let’s secure your Applications together ---- Reach out for a consultation!
Information Security Audit
Security ManagementWeb App Penetration TestingSecurity AnalysisSecurity EngineeringWebsite SecurityWeb Application SecurityEthical HackingNetwork Penetration TestingOWASPVulnerability AssessmentInformation Security ConsultationPenetration Testing - $17 hourly
- 4.9/5
- (12 jobs)
Thank you for viewing my profile. I specialize in providing auditing, compliance, and risk assessment services with respect to ISO-27k assessments, SOC2, NIST 800-53, and NIST Cybersecurity Framework (CSF). Moreover, cybersecurity gap analysis, Capability Maturity Model (CMM) levels, and auditing reports are the services that I can provide. Experience: 7+ Years of Experience in Information Security Auditing, Compliance and Evaluation Professional Services: - Design policies and implement IT control testing procedures - Conduct risk assessments and develop risk mitigation strategies - Monitor and report on risk management activities and risk exposure - Coordinate and support internal and external audits - Work closely with IT, legal, audit, and business teams to ensure comprehensive GRC coverage - Consulting on cybersecurity frameworks and strategies Professional Journey: o Successfully enabled desktop application to get approval from Australian Taxation Office (ATO) by reporting its compliance with ISO-27001:2022 o Developed cybersecurity policies for organizations in Saudi Arabia o Helped client to get license for a product in compliance with Qatar Data Protection Law o Provided compliance services to achieve compliance against CTDISR-Pakistan o Prepared playbook for a tool meant to check compliance of organization against EU AI Act o Helped US based finance based organization to achieve compliance against SOC2 o Provided auditing services followed by remediation plan for Pakistan based healthcare, telecom, ISPs and various other sectors Technical Proficiency: - Preparing detailed audit reports - Identifying key findings and tracking technical progress - Authoring research papers and developing comprehensive technical documentation Certifications: - Certified ISO27001 Lead Auditor by CQI|IRCA, - Certified in Cybersecurity (CC) by (ISC)^2, - Certified ISO-20000 IT Service Management Associate, - Certified ISO-27001 Information Security Associate, - Certified ISO-9001 Quality Management Systems Associate. Projects Taken: National and International Projects for Auditing and Compliance in telecom, health care, ISPs, government and semi-government sectors International Standards: SOC2, NIST 800-53, ISO-27001:2013, ISO-27002:2002, NIST CSF- Cybersecurity Framework, ISO/IEC 27011:2016 (Telecom Sector), and CIS Controls- Critical Security Controls., PCIDSS, NIST CSF, SAMA, HIPAA, ISO-22301, GDPR Keywords: Internal Audit, cybersecurity, risk assessment, gap analysis, compliance, risk assessment report, risk analysis, IT compliance audit, GRC, ISO 27001, ISO 27002, SOC2, NIST, NIST 800-53, NIST Cybersecurity Framework, NIST CSF, CIS Top 20, technical Writing, policies, procedures, and guidelines, GDPR, HIPAA, ISO22301, SAMA CSF, PCIDSS
Information Security Audit
SOC 2Internal AuditingGDPR Compliance ReviewCompliance ConsultationGap AnalysisNIST SP 800-53NIST Cybersecurity FrameworkPolicy DevelopmentGovernance, Risk Management & ComplianceInformation Security ConsultationRisk ManagementPolicy WritingIT Compliance AuditISO 27001 - $30 hourly
- 4.8/5
- (28 jobs)
I am a professional cybersecurity consultant with more than 14+ years of experience. I have completed OSWE, OSCP and CRTP certifications. I could professionally help in the following cybersecurity domains: - Web Application/API Penetration Testing (DAST) - Mobile Application Penetration Testing - Network Penetration Testing - Wireless Network Penetration Testing - Cloud Penetration Testing - OT/SCADA Penetration Testing - Thin Client Penetration Testing - Desktop Apps Penetration Testing - Source Code Review (SAST) - Red Teaming - Social Engineering - Security Architecture Review - Configuration Assessment - GRC (Governance, Risk Assessment and Compliance) - Cyber Capability Education & Training
Information Security Audit
PythonJavaScriptInformation SecurityPHPPenetration TestingEthical HackingCybersecurity ManagementLinuxInformation Security AwarenessInformation Security GovernanceSecurity AnalysisMetasploitInformation Security ConsultationNetwork Security - $10 hourly
- 5.0/5
- (94 jobs)
As an experienced Cybersecurity Professional, my expertise encompasses Penetration Testing, Vulnerability Scanning, Information Security Management, and Compliance Oversight. With a comprehensive background, I provide multifaceted skills for effective digital asset protection in the dynamic cybersecurity landscape. In Cybersecurity Assessment, I excel in Threat Identification and Mitigation, adept in using tools like Burp Suite, Metasploit, OWASP ZAP, Nessus, and Nmap. My proficiency extends to Google CASA Tier 2 assessments, where I specialize in both dynamic and static scanning, leveraging OWASP ZAP and Fluid Attacks for robust evaluations. This expertise complements my in-depth understanding of Network Protocols, Firewall Configuration, and Database Management, and experience in various Operating Systems. My programming skills in Python, Perl, Ruby, and Bash Scripting enable the development of custom security tools, automating Penetration Testing and Vulnerability Assessment processes. These abilities, coupled with my analytical problem-solving skills, empower me to anticipate and counter Cyber Attacks effectively. In Web Application Security, I combine knowledge of Web Development and Penetration Testing for comprehensive Application Security Assessments. As an OSINT Specialist, I utilize public data sources for enhanced Risk Assessments and Threat Modeling. My role as a Chief Information Security Officer (CISO) and Compliance Officer underlines my commitment to Information Security Policies and regulatory standards adherence. Dedicated to professional growth, I continuously engage with the latest Cybersecurity Trends and technologies through Industry Conferences and Professional Development Courses. My extensive skill set is geared towards providing effective Risk Mitigation Strategies, ensuring the security and integrity of digital assets.
Information Security Audit
ISO 27001Information Security Threat MitigationMaltegoTechnical SupportTechnical WritingNetwork Penetration TestingRisk AssessmentEthical HackingRisk AnalysisCyber Threat IntelligenceWeb App Penetration TestingRisk ManagementVulnerability AssessmentPenetration Testing - $20 hourly
- 4.0/5
- (25 jobs)
✔️ Get the burden of security and compliance management taken off your shoulder, so you can focus on building your company. Cybersecurity expert with specialization in SIEM/SOC and SOAR technologies, offering comprehensive information security engineering services. With a track record of safeguarding organizations from cyber threats, I bring expertise in threat detection, incident response, and automation to enhance your security posture. Let's fortify your digital defenses and ensure your data remains secure. Expertise: 🛡️ Vulnerability Scans and Assessment. ✔️ Deployment of different SIEM solutions (LogRhythm, Splunk, IBM QRadar, Log Sign, Wazuh, Rapid7, etc.) ✔️ Deployment of EDR, XDR solutions. ✔️ finely-tuned SIEM alarm rules and developed incident response playbooks for enhanced security readiness. ✔️ Comprehensively defend by aligning MITRE ATT&CK against cyber threats at every phase of an attack. ✔️ Manage SOCAAS(SOC as a Service) 💰 Save money by knowing the right approach, security tool, or solutions. ✔️ Cyber Security Tutor | Conduct Training for Cyber Awareness. ✔️ Tasks of Programming (C++, Python, JavaScript) | Logs Parsing (Regular Expression). ✔️ Digital Forensic. Commitments: ✅ Safeguard Your Business Ahead of Threats ✅ Client Satisfaction ✅ Supporting all time zones ✅ Long-term engagements I have gained expertise in most cyber security tools for Vulnerability Assessment (VA) and Penetration Testing (PT). I am eager to partner with your organization to deliver cybersecurity & compliance solutions. Just chat me up 🤙
Information Security Audit
Vulnerability AssessmentPenetration TestingCyber Threat IntelligenceSecurity Operation CenterTechnical WritingInformation Security ConsultationInformation Security Threat MitigationInformation Security GovernanceInformation SecuritySOC 2 ReportSOC 2Cybersecurity ToolCybersecurity ManagementCybersecurity Monitoring - $30 hourly
- 4.9/5
- (80 jobs)
Greetings! I am Muhammad Taha Siddiqui, a seasoned Cyber Security Consultant with over 8 years of industry experience. I hold a Master's degree in Information Security and currently serve as a Senior Cyber Security Consultant in a US based firm, specializing in GRC consultancy services. My expertise spans ISO27001, NIS2, DORA, GDPR, SOC2, NIST CSF, NIST 800-171 compliance, penetration testing, and vulnerability assessments. Services I Offer: 1. ISO 27001 Implementation & Consultancy - End-to-end design, implementation, and certification support for Information Security Management Systems (ISMS). - Gap analysis, risk treatment planning, and technical guidance on implementation of controls. 2. Compliance Audits - Internal Audits aligned with SOC 2, ISO 27001, PCI-DSS, and other regulatory standards. - Pre-certification readiness assessments and corrective action plans. 3. Policy & Procedure Development - Customized cybersecurity policies, SOPs, and playbooks compliant with ISO 27001, NIST 800-171, GDPR, SOC 2, and PCI-DSS. - Policy review/alignment for evolving threats and regulations. 4. Risk Assessments & Audits - Risk-based assessments to identify vulnerabilities and prioritize remediation. - Quantitative/qualitative risk analysis with actionable mitigation strategies. 5. Penetration Testing & Vulnerability Management - Comprehensive testing for web apps, APIs, Android apps, networks, and cloud environments (AWS/Azure/GCP). - Detailed reports with remediation guidance and retesting support. 6. GDPR Compliance - Data Protection Impact Assessments (DPIAs) and GDPR compliance roadmaps. - Breach response planning and EU representative services. 7. GRC Advisory Services - Strategic guidance for ISO 27001, NCA ECC, NIS2, EU DORA, HIPAA, HITRUST, NIST 800-171, and other frameworks. - Governance alignment, third-party risk management, and audit preparation. -------------------MY JOURNEY--------------------------- As a dedicated cybersecurity professional, I’ve successfully delivered projects across Penetration Testing, Risk Management, and compliance frameworks including ISO 27001, HIPAA, PCI-DSS, NCA ECC, SAMA CSF, and SOC2. My expertise includes designing tailored compliance roadmaps, conducting vulnerability assessments, and aligning organizations with international standards to mitigate risks and avoid penalties. Notably, I managed a World Bank-funded cybersecurity initiative, developing and implementing an ISO 27001-based program that streamlined governance processes and enhanced the organization’s security posture. Whether safeguarding sensitive data, achieving compliance, or hardening systems against threats, I combine technical controls with strategic insights to deliver measurable results for clients in regulated industries. WHY PARTNER WITH ME? ✅ Certified expertise in global frameworks (e.g., NIST, ISO 27001, NCA ECC, HIPAA, GDPR). ✅ Proven track record in high-stakes environments (financial, healthcare, IT, government). ✅ Remote-friendly workflow with clear communication across time zones. -------------------CERTIFICATIONS AND ACHIEVEMENTS--------------------------- I hold the following certifications and achievements: -ISO27001 Lead Auditor. - Certified Multi-Cloud Red Team Analyst. - Qualys Certified Specialist. - IBM Cyber Security Analyst (Professional Certificate by IBM). - GDPR Data Protection Officer Skills, University of Derby. - Burp Suite Mastery (Web Application Security Testing Tool). - Fortinet Network Security Expert, NSE 1 & NSE 2. - Certified Network Security Specialist. - AWS Security Fundamentals. - Cybersecurity Threat Landscape. - Information Security Incident Handling, Charles Sturt University, Australia. - Hacking Countermeasures, Charles Sturt University, Australia. - CISM Prep. - CISA (MS Coursework equivalent to CISA) - Knowledge of CISSP (MS Coursework equivalent to CISSP) I look forward to collaboration. Kind regards! Cyber Security Consultant, Muhammad Taha Siddiqui.
Information Security Audit
Web Application FirewallPolicy WritingFortinetISO 27017SOC 2 ReportMicrosoft AzureCertified Information Systems Security ProfessionalISO 27001Information SecurityVulnerability AssessmentCybersecurity ManagementNetwork SecurityPenetration TestingDigital Forensics - $55 hourly
- 5.0/5
- (45 jobs)
I’ve helped companies get ISO 27001/SOC-2/PCI-DSS/FedRAMP/CMMC certifications and compliance against standards such as NIST and HIPAA. I offer 𝗠𝗢𝗡𝗘𝗬-𝗕𝗔𝗖𝗞 𝗚𝗨𝗔𝗥𝗔𝗡𝗧𝗘𝗘 to my clients against ISO 27001, SOC 2 and PCI-DSS compliance! Are your clients requesting security certifications or compliance against HIPAA, ISO 27001, SOC 2, PCI-DSS, or FedRAMP etc.? Do you want a cost effective solution for achieving and maintaining compliance? Do you want help is filling out the security assessment questionnaires and want someone to respond in a way that you are able to win the deal? Do you want surety/ confirmation that your certification project will be a success and you won't loose money over consultation? If you have already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, OneTrust Compliance Automatization/Tugboat Logic, SecureFrame, and so on) but don’t have the time and energy to achieve and maintain compliance) Do you want to enhance your company's current security posture? MY PROFILE I have over 10 years of experience and have worked within IT GRC (Governance, Risk, Compliance), internal controls and review assurance roles within financial, telecom, fintech and banking industry. The combination of Information technology, accounting & auditing has molded me into an individual who can perform IS Audits (General Controls, Application Controls, Specialized Audits, IT policy & SOPs), IT risk reviews (Risk Assessments, BCP & DR, Risk Mitigation & Control Design), Ethical Hacking, Functional Reviews & QA (Quality Assurance) Services, IT security consultancy (IS Policy & Implementation under different frameworks i.e. 27001, NIST, COBIT 5, PCI, HiTrust, HIPAA, GDPR, SOC 2, SOX) and pre-implementation & post-implementation project reviews, BRD creation by following industry best practices. I can secure your cloud environment with expertise in AWS and Azure by following security hardening best practices. I have also served as DPO (Data Protection Officer) for various clients to help them conform with GDPR requirements. MY CREDENTIALS - CISSP (Certified Information Systems Security Professional) - USA - CISA (Certified in Information System Audit) - USA - CRISC (Certified in Risk & Information Systems Control) - USA - CGEIT (Certified in Governance of Enterprise IT) - USA - SQL Fundamentals (Oracle) - EH (Ethical Hacker) - Cyber security Fundamentals Certification - Kaspersky - Google Analytics - NSE 5 (Network Security Analyst) Tags: Information Security Analyst Chief Information Security Officer ( CISO ) Information Security Manager SOC Analyst SOC (Security Operations Center) Tools: SIEM, CrowdStrike Falcon, Fortinet, FortiAnalyzer, FortiGate, FortiSIEM, Stellar Cyber, Cylance, Splunk, AWS CloudWatch, Microsoft Defender (Azure), AWS CloudTower, GCP
Information Security Audit
Information Security ConsultationInformation SecurityCybersecurity ManagementSecurity Policies & Procedures DocumentationPCICloud Security FrameworkNIST SP 800-53SOC 2HIPAAIT General Controls TestingSecurity Operation CenterISO 27001SOC 2 Report - $80 hourly
- 5.0/5
- (2 jobs)
🚀 Certified IT Auditor | Cybersecurity & Risk Compliance Expert | CISA Certified 🚀 I am a Certified Information Systems Auditor (CISA) with over 24 years of IT experience, specializing in IT audits, cybersecurity, governance, risk management, and compliance (GRC). My career spans internal and external IT audits, penetration testing (VA/PT), business process reengineering (BPR), and compliance audits across financial institutions, multinational corporations, and government agencies. I have worked with banks, fintech, telecom, energy, and large enterprises, ensuring compliance with global security standards such as: ✔ ISO 27001 (Information Security Management) ✔ SOC 1 & SOC 2 Type II (IT Audit & Risk Compliance) ✔ PCI DSS (Payment Security) ✔ SWIFT Customer Security Controls Framework (CSCF) ✔ NIST Cybersecurity Framework (CSF) ✔ PTA’s Critical Telecom Data & Security Regulations (CTDISR-2020) ✔ SBP, SECP & Other Regulatory Standards 🔹 What I Offer 🔹 ✅ IT Audit & Compliance ✔ IT General Controls (ITGC) & Application Control Audits ✔ Pre/Post ERP Implementation Audits (SAP, Oracle) ✔ Financial Systems Audit & Risk Assessment ✔ Vendor Risk Assessment & Third-Party Audits ✅ Cybersecurity & Risk Management ✔ Vulnerability Assessment & Penetration Testing (VA/PT) ✔ Incident Response Planning & SOC Maturity Assessment ✔ Business Continuity & Disaster Recovery Planning (BCP/DRP) ✔ Physical Security & Data Center Security Audits ✅ Governance, Risk & Compliance (GRC) ✔ ISO 27001 Certification Readiness ✔ IT Risk Register Review (ISO 31000) ✔ SOC 1 & SOC 2 Compliance Readiness ✔ Cybersecurity Framework Implementation (NIST, CIS, etc.) ✔ Data Privacy Compliance (GDPR, HIPAA, SBP Guidelines) ✅ Business Process Reengineering & IT Strategy ✔ Enterprise IT Risk Management Strategy ✔ Digital Transformation & IT Infrastructure Optimization ✔ IT Policy Development & Security Awareness Training 🔹 Key Achievements 🔹 ✔ Conducted 250+ IT audits for banks, fintech, telecom, and government agencies ✔ Led ISO 27001 & SOC 2 compliance projects for enterprises, ensuring audit success ✔ Successfully conducted penetration testing and cybersecurity risk assessments for financial institutions ✔ Developed cybersecurity frameworks for Saudi Pak Leasing, Bank of Khyber, and Al Moiz Group ✔ Assisted global companies with SWIFT CSCF, PTA CTDISR, and PCI DSS compliance 🔹 Industries Served 🔹 🏦 Banking & Fintech | 🏢 Corporate Enterprises | 📡 Telecom & Technology | ⚡ Energy & Utilities | 🏥 Healthcare & Insurance 🔹 Why Work With Me? 🔹 ✔ Deep Industry Experience – 24+ years in IT & 10+ years in auditing ✔ CISA Certified & Compliance-Focused – Strong track record in risk assessment & cybersecurity ✔ Results-Oriented Approach – Delivering value-driven IT audit & security solutions ✔ Strong Communication & Leadership – Managing teams & leading complex security projects 💡 Ready to Secure Your Business? Let’s Connect! 💡 💬 Contact me today to discuss your IT audit, cybersecurity, and compliance needs!
Information Security Audit
IT InfrastructurePenetration TestingVulnerability AssessmentCybersecurity ManagementDisaster Recovery PlanBusiness Continuity PlanApplication AuditData PrivacyIT Compliance AuditRisk AssessmentIT General Controls TestingNetwork Access ControlSecurity Policies & Procedures DocumentationProject Management - $35 hourly
- 5.0/5
- (2 jobs)
✅ ISO 27001, SOC 2, SAMA CSF, NCA, GDPR, PDPL & NIST Compliance—Made Simple! ✅ 🔒 Struggling with cybersecurity compliance? 🔍 Need ISO 27001, SOC 2, GDPR, or SAMA CSF certification support? 🚀 Want to strengthen your security posture and pass audits efficiently? I help businesses achieve, maintain, and simplify compliance with industry-leading security standards. With 10+ years of experience in GRC, cybersecurity audits, and risk management, I have worked with companies across finance, telecom, fintech, and healthcare to reduce security risks and ensure regulatory compliance. 🔹 My Expertise Includes: ✔ ISO 27001, 27017, 27018, 27701 & SOC 2 Compliance & Certification – Policy development, risk assessments, gap analysis, and internal audits. ✔ Cybersecurity Governance, Risk & Compliance (GRC) – Implementation of security frameworks like NIST 800-53, CIS Controls, HIPAA, PCI DSS, ISO 27001, SAMA CSF, BCM, NCA ECC, NCA DCC, PDPL, GDPR, DPTM. ✔ Risk Management & Security Audits – IT risk assessments, third-party vendor risk assessments, gap analyses, and compliance audits. ✔ Virtual CISO (vCISO) & Advisory Services – Fractional CISO support for businesses needing strategic cybersecurity leadership. ✔ Automated Compliance Tools – Expert in Lockpath, AuditBoard, OneTrust, ServiceNow GRC to streamline compliance. 🔹 Certifications & Technical Skills: 📌 Certified Information Security Manager (CISM) - ISACA USA 📌 Certified Information Security Auditor (CISA) - ISACA USA 📌 Certified in Cybersecurity (CC) - ISC2 USA 📌 ISO 27001 Lead Auditor (LA) - IRCA UK 📌 Certified Computer Hacking & Forensics Investigator (CHFI) - EC Council 📌 Master’s in Information Security (MS IS) | Bachelor’s in Computer Science (BS CS) 💡 Need help with compliance, security policies, risk assessments, or audit preparation? I can save you time, reduce risks, and ensure a smooth certification process. My few successful project: 📌 ISO 27001:2022, Data Protection Trust Mark Certification, ISO27017, ISO27018 consultancy services for a Leading Telecom Company in Singapore 📌 SAMA CSF & PDPL Compliance for Banks in Egypt, Saudi Arabia. 📌 IT/Cybersecurity Audit (ISO 27001) for a Fintech Company in Bahrain 📌 Compliance Software Consultation for an IT Firm in Oman 📌 IT/Cybersecurity Audit Services to a group of companies in UAE. 📌 ISO27001 Implementation services to multiple firms in Consulting, retail, fertilizer companies. 📢 Let’s discuss your cybersecurity needs. Click “Invite” to connect!
Information Security Audit
Disaster Recovery PlanBusiness Continuity PlanOWASPNIST Cybersecurity FrameworkCloud SecurityGDPR Compliance ReviewComplianceVendor ManagementGovernance, Risk Management & ComplianceISO 27018ISO 27017ISO 27001Information Security Awareness - $60 hourly
- 5.0/5
- (4 jobs)
Hi! I'm Abdulrehman, a highly skilled cybersecurity specialist with expertise in ethical hacking, web security, and vulnerability assessment. With a proven track record in identifying and mitigating network vulnerabilities, I bring a comprehensive set of technical skills and strategic problem-solving abilities to safeguard your digital assets. As an experienced ethical hacker, I possess a deep understanding of penetration testing methodologies and advanced security tools. My proficiency includes working with renowned software like Kali Linux, Metasploit, Burp Suite, Nmap, and more. Leveraging these tools, I conduct thorough security audits, vulnerability assessments, and penetration tests to ensure the highest level of protection for your systems and applications. Beyond technical expertise, I pride myself on effective communication and collaboration with clients. By actively listening to your specific security needs, I develop tailored solutions that align with your goals. Whether you require assistance in combating cyber threats, achieving compliance with industry standards, or securing your cloud infrastructure, I am prepared to deliver impactful results. Key Areas of Expertise: ✔️Ethical Hacking and Penetration Testing: Identifying and mitigating network and web application vulnerabilities. ✔️Web Security: Offering comprehensive security assessments, malware detection, and breach prevention. ✔️Vulnerability Management: Conduct thorough assessments, static and dynamic code analysis, and providing remediation recommendations. ✔️CMS Security: Expertise in securing WordPress, Joomla, Drupal, and Magento platforms, including virus and malware detection and removal. ✔️Cloud Security: Assessing AWS infrastructure vulnerabilities and providing actionable recommendations for enhanced security. ✔️API Security: Ensuring the security of your APIs through thorough testing and vulnerability detection. ✔️Incident Response: Assisting with malware and hack removal, restoring compromised systems, and implementing proactive security measures. ✔️Network Security: Conducting network penetration testing, security hardening, and implementing effective defense strategies. ✔️Compliance and Auditing: Assisting with firewall audits, PCI-DSS compliance, and ensuring adherence to industry regulations. With my dedication to continuous learning and staying up-to-date with the latest security trends, you can trust me to deliver cutting-edge solutions and protect your digital environment effectively. Let's fortify your security together for a safe and resilient future. Contact me today to discuss your cybersecurity needs!
Information Security Audit
Network Penetration TestingWeb Application SecurityApplication SecurityWordPress Malware RemovalInformation Security GovernanceSecurity AnalysisSecurity TestingEthical HackingNetwork SecurityDigital ForensicsVulnerability AssessmentWeb App Penetration TestingInternet SecurityPenetration Testing - $70 hourly
- 5.0/5
- (12 jobs)
Welcome to the profile of a renowned ethical hacker and bug bounty hunter, ranked among the top 400 hackers on Bugcrowd. With a remarkable portfolio that includes accolades from industry titans such as Samsung, Binance, cPanel, and F5, I bring unrivalled expertise and a track record of accomplishment to the table. What I Offer: Ethical Hacking Excellence: With extensive technical skills and an unwavering resolve to find vulnerabilities, I specialise in detecting and addressing security threats across a wide range of platforms and situations. Whether it's web apps or mobile apps, I have the expertise and knowledge to effectively strengthen your digital defences. Bug Bounty Mastery: As an experienced bug bounty hunter, I have gained the trust of major corporations by my careful methodology and unrelenting dedication to perfection. My contributions have been recognised by reputable businesses such as Samsung, Binance, cPanel, F5, and many others, demonstrating my ability to generate results that exceed expectations. Beyond bug finding, I provide full security consulting services that are tailored to your individual requirements. Whether you need strategic advice on On cyber security best practices or hands-on support in remediation efforts, I deliver practical insights to help you protect your assets and reduce any threats in advance. Why Choose Me: Trusted by Industry Leaders: My track record of accomplishment speaks for itself, with accolades from top-tier firms demonstrating my knowledge and professionalism. When you work with me, you will receive access to the same degree of expertise that has gained the trust of industry leaders globally. Proactive Approach: I believe in staying one step ahead of cyber threats by taking a proactive approach to security. By conducting extensive evaluations and executing effective mitigation measures, I assist customers in reducing potential hazards before they become full-fledged catastrophes. Collaborative collaboration: I see each client interaction as a collaborative collaboration with the goal of mutual success. I prioritise open communication, openness, and reactivity to guarantee that your individual demands and objectives are precisely satisfied. Let us strengthen your security posture: In an era of rising cyber dangers, investing in strong cyber security measures is critical for protecting your company's integrity and reputation. Partner with me to strengthen your defences, reduce potential risks, and remain ahead of the curve in today's ever-changing threat landscape. Contact me today to discuss how we help improve your security posture and secure what matters most to you.
Information Security Audit
Web TestingBug BountyOWASPWeb Application SecurityEthical HackingSecurity AnalysisPenetration TestingSystem SecuritySecurity Assessment & TestingSecurity TestingVulnerability AssessmentApplication Security - $75 hourly
- 4.9/5
- (25 jobs)
🏆 Top 3% on Upwork. ✅ Fluent English. ✅ Swift response and communications. I have more than 15 years of experience as a consultant, auditor & trainer in multinational organisations including Deloitte. I have developed strong expertise pertaining to gap assessment, risk assessment, information security documentation, information security governance, cyber security documentation, cyber security governance,and cyber security training. 👉 Below are my educational achievements: 🏆 CISSP-------(Certified Information Systems Security Professional) 🏆 HITRUST Certified CSF Practitioner-------(CCSFP) 🏆 CISM-------(Certified Information Security Manager) 🏆 CISA-------(Certified Information System Auditor) 🏆 CDPSE-------(Certified Data Privacy Solutions Engineer) 🏆 CCSK-------(Certificate of Cloud Security Knowledge) 🏆 ISO 27001-------Lead Implementer & Lead Auditor 🏆 ISO 22301-------Lead Implementer 🏆 MSc, BSc-------(Computer Engineering) 🏆 MBA Executive I also have extensive experience with a wide range of standards and regulations such as PCI DSS, ISO 27001, 27017, 27018, 22301, 37301, 31000 GDPR, HIPAA, HITRUST, NIST, SOC 2, SAMA CSF and NCA Standards in KSA. Furthermore, I have published 2 IEEE research papers and one journal paper, all related to cybersecurity. 👉Few examples of successfully delivered numerous projects related to cybersecurity, data protection, risk management, audit, and technology governance. ✅ Cybersecurity policies set for MechaPal, Japan ✅ HIPAA, HITRUST compliance for Healthtech startup in US ✅ GRCaaS project for Saudi Industrial Cities (Second year in progress) ✅ PCI DSS project for Bsecure (Fintech) ✅ SAMA CSF compliance documentation which includes risk management framework for Saudi Home Loans, Manafa Capital, MISForward, AlSagr Insurance, Alrajhi Takaful, MedGulf ✅ Data Protection Project for Saudi Government Agency ✅ HIPAA and NIST CSF compliance mapping for Security Scorecard, USA ✅ GDPR compliance project for Visionet, USA ✅ IT audit of Pakistan largest G2P program: BISP ✅ PCI DSS compliance project at Askari Bank, BAB, Fintechs (Bsecure, Tweeq, Tiqmo) ✅ Risk Assessment, VAPT and ITGC project at Mobilink Microfinance Bank ✅ ISO 27001 Project for SECP (Pakistan) & Emergent Payment (Ghana), HTS (Pakistan), Skyband (KSA), Modon (KSA), Volga Partners (USA), Skyband(KSA), RES(KSA) , Zepto Systems(Pakistan) ✅ Policy Development for MDC, UK ✅ ETGRM compliance for Telenor bank, Pakistan ✅ Data protection policy and security manual for Faceki, Bahrain ✅ Security policies development required by Master Card for mybook, Qatar
Information Security Audit
HITRUST Common Security FrameworkISO 27001Data ProtectionPresentation DesignPCI DSSComplianceData PrivacyBusiness ServicesGDPRInformation Security GovernanceSOC 2 ReportNIST SP 800-53Information SecurityCybersecurity ManagementInformation Security Consultation - $75 hourly
- 5.0/5
- (3 jobs)
Looking for a Cyber Seucurity expert? If yes, you found one! I have a proven track record of successfully designing, implementing, and managing security solutions for diverse set of clients and industries. Here's a portfolio of work I've done so far: - Design and implement security policies and procedures to safeguard company assets and data - Led risk assessments and vulnerability testing on internal systems and networks - Lead and manage the Implementation of security tools such as SIEM (Wazuh), firewalls (Fortinet), antivirus software (CrowdStrike), Mobile Device Management (Google MDM, Samsung Knox) and Password Vaults - Led comprehensive threat analyses to pinpoint vulnerabilities and formulated strategic countermeasures, - Led a team in evaluating emerging threats through trend analysis & deployment of threat intelligence platforms. - Deployed Google Credential Provider for Windows (GCPW) across 4000+ company systems, enhancing user access security. Simultaneously, managed the rollout and ongoing administration of Falcon CrowdStrike Endpoint Detection and Response (EDR) for robust threat monitoring for over 2000 users. - Led the design and setup of forensics lab, selecting and implementing advanced tools and technologies tailored for efficient data recovery and detailed forensic investigations - Design and implement incident response and disaster recovery planning - Provide leadership and guidance to other departments on security policies, Security audits, Data classification and protection - Collaborate with other companies and vendors to ensure security compliance and identify potential vulnerabilities and Data leakage Conduct security awareness training to employees and stakeholders to improve security awareness and promote best practices - Experienced in monitoring and analyzing SIEM, UBA, network traffic, IDS, and security logs. Develop, deploy, and maintain SIEM rules with leading SIEM technologies, IDS/IPS, firewalls, and DLP - Implemented and managed QRadar SIEM platform for real-time monitoring and correlation of security events - Updated and improved Fortinet firewall policies to enhance network security and block malicious traffic - Designed and implemented ticketing system for IT and security operations using Zoho HelpDesk - Implemented network security measures, including MAC address binding, to enhance access control - Conducted in-depth analysis of security logs, network traffic, and system behavior to detect and respond to incidents - Collaborated with IT teams to investigate and resolve security incidents in a timely manner - Assisted in the development and execution of incident response plans to mitigate risks and minimize impact My problem-solving and analytical skills, combined with a strong attention to detail, enable me to identify problems, opportunities and design solutions that deliver tangible business benefits. Looking forward to working with you to help you with achieve a desired outcome!
Information Security Audit
Website SecuritySecurity Operation CenterGitHubSecurity AnalysisSOC 3Web App Penetration TestingGoogle Workspace AdministrationMachine LearningPenetration TestingSecurity Assessment & TestingCybersecurity ManagementInformation SecurityNetwork SecurityInformation Security Consultation - $40 hourly
- 5.0/5
- (7 jobs)
- 13+ years of experience in Internal Control, Internal Audit, Compliance and Risk Management - Experience with cybersecurity and IT Security frameworks (SOC2, NIST, ISO27001) - Experience with regulatory compliance such as SOX, Privacy and other sector specific regulations - Experience with Audits (internal and external) and leading companies to certification - Experience with Gap Assessments and creating improvement plans and roadmaps to achieve compliance - Experience with Process Improvements and GRC Services: Governance, Risk and Compliance Advisory Internal Audit projects Gap Assessments for compliance and certifications Process Improvements Advisory on audits
Information Security Audit
Vulnerability AssessmentPenetration TestingNIST SP 800-53Cloud Security FrameworkApplication SecuritySOC 2CIS Control AssessmentISO 27001System SecurityNIST Cybersecurity FrameworkHIPAAGovernance, Risk Management & ComplianceRisk AssessmentCybersecurity Management - $10 hourly
- 4.7/5
- (3 jobs)
🚀 An experienced Software Developer with a diverse skill set encompassing Python, Oracle Apex, C, C++, Java, and SQL. With over 10 years of hands-on experience in software development, I have successfully delivered robust solutions across various domains, ranging from web development to enterprise applications. Key Skills: Python Development: Proficient in developing scalable and efficient applications using Python, leveraging frameworks such as Django and Flask to deliver customized solutions tailored to clients' needs. Oracle Apex: Skilled in Oracle Application Express (Apex) for rapid development of database-driven web applications, ensuring high performance and security standards. C/C++ Development: Solid expertise in C and C++ programming languages, adept at designing and implementing low-level system software, algorithms, and data structures. Java Development: Proficient in Java programming, with a strong foundation in object-oriented design principles, Java EE, and frameworks like Spring Boot for developing robust enterprise applications. SQL: Proficient in SQL query optimization, database design, and management, with hands-on experience in working with relational databases such as Oracle, MySQL, and PostgreSQL. Web Scraping: Skilled in web scraping using Python libraries like BeautifulSoup and Scrapy to extract data from websites efficiently and accurately for various applications such as data mining and business intelligence. Data Analysis: Proficient in data analysis using Excel for data manipulation, visualization, and reporting. Additionally, experienced in IBM Cognos and Power BI for advanced analytics, dashboard creation, and business intelligence solutions. Cybersecurity: Experienced in cybersecurity principles and practices, including threat detection, incident response, and vulnerability assessment. Proficient in implementing security measures to protect systems and data from cyber threats. Automation: Skilled in automation using Python and PowerShell scripting to streamline processes, automate repetitive tasks, and improve operational efficiency in IT environments.
Information Security Audit
OracleOracle PLSQLSecurity Operation CenterSecurity AnalysisWebsite SecurityIT Compliance AuditSoftware TestingDigital ForensicsPythonScriptingFlutterOracle APEXWeb ScrapingSoftware Development - $30 hourly
- 5.0/5
- (10 jobs)
I am a highly skilled and certified cybersecurity professional with over 10 years of experience in safeguarding businesses against cyber threats. My expertise includes risk assessment, NIST-CSF, ISO 27000, ethical hacking, vulnerability assessments, penetration testing, and implementing robust security solutions. I have a proven track record of helping clients enhance their cybersecurity posture and protect sensitive data. Let me secure your digital assets and provide peace of mind. Key Skills: • SANS Top 25 detection • OWASP Top 10 detection • Vulnerability Assessment • Penetration Testing • Network Security • Source Code Review • Web / Mobile / Desktop Application Security • Application Security Architecture Review • Information Security Policy Development • Incident Response • Compromise Assessment • Security Awareness Training • Compliance (PCI DSS, GDPR, HIPAA) • ISO 27000 Gap Assessment / internal Audit / Readiness / Implementation • NIST • Risk Assessment and Management • CIS Top 18 • Forensics (Acquisition, Imaging, Documentation) • Application Stress Testing • Data Privacy Tools: • Nessus • Nexpose • Burp Suite • Core Impact • Metasploit • Acunetix • HCL Scan • SonarQube • JMeter • SQL Map Certifications: • CISM (Certified Information Security Manager) • OSCP (Offensive Security Certified Professional) • C) PTE (Penetration Testing Engineering) • C) VA (Certified Vulnerability Assessor) • CHFI (Computer Hacking Forensics Investigator) • C) SS (Certified Security Sentinel) Why Choose Me: • Proven Expertise: I have successfully helped numerous clients secure their businesses against cyber threats. • Custom Solutions: Tailor-made security solutions to fit your unique business requirements. • Client Education: Empowering clients with knowledge about cybersecurity best practices. • Timely Delivery: Punctual delivery of high-quality results within specified deadlines. Let’s Secure Your Future: I am dedicated to ensuring your digital assets are protected from evolving cyber threats. Let’s discuss how I can enhance your cybersecurity strategy and provide you with the peace of mind you deserve. Feel free to reach out to me for a detailed discussion about your cybersecurity needs.
Information Security Audit
ISO 27001Internet SecurityWebsite SecurityInformation Security GovernanceCybersecurity ManagementVulnerability AssessmentNetwork SecuritySecurity TestingKali LinuxInformation SecurityPenetration Testing - $25 hourly
- 5.0/5
- (46 jobs)
🚀 Certified Cybersecurity Expert with 6+ Years of Experience in Ethical Hacking & Penetration Testing As a Senior Penetration Tester, I specialize in Web Application Security, Mobile App Security, API Penetration Testing, and Network Vulnerability Assessments. With 500+ completed penetration tests, I help businesses identify, mitigate, and prevent security vulnerabilities, protecting them from cyber threats, data breaches, and malicious attacks. 🔍 Expertise & Achievements: ✅ 500+ Web Application Security Audits (OWASP Top 10, XSS, SQL Injection, CSRF, SSRF) ✅ 200+ Mobile Application Penetration Tests (Android, iOS, Hybrid Apps) ✅ 300+ API Security Assessments (REST, SOAP, OAuth, Authentication & Authorization) ✅ 100+ External Network Penetration Tests (Vulnerability Scanning, Perimeter Security) ✅ 30+ Internal Network Security Audits (Active Directory, Firewall Hardening, Intranet Testing) ✅ Certified Ethical Hacker (CEH) & Security Researcher 🔒 Why Choose Me? I follow the highest cybersecurity standards and frameworks (OWASP, NIST, PTES) to provide Blackbox & Greybox penetration testing with detailed, actionable reports. My expertise extends to AWS, Azure, and Google Cloud Security, ensuring cloud infrastructure protection. 🛡️ Penetration Testing Services: ✔️ Web, Mobile, API, and Network Security Testing (OWASP Top 10, Vulnerability Assessments) ✔️ External & Internal Network Penetration Testing (Firewalls, Active Directory, VPN Security) ✔️ Cloud Security Assessments (AWS, Azure, Google Cloud, Kubernetes) ✔️ Regulatory Compliance & Security Testing (PCI DSS, SOC 2, GDPR, HIPAA, OSSTMM) ✔️ Red Teaming, Security Audits, and Risk Mitigation ⚙️ Penetration Testing Tools & Techniques: 🔹 Burp Suite | Nmap | Metasploit | Nessus | Wireshark | Kali Linux 🔹 Blackbox & Greybox Testing | Automated & Manual Security Audits 📌 Available 24/7 for Cybersecurity Consulting & Penetration Testing. Secure your applications, networks, and infrastructure today! 🚀
Information Security Audit
Cybersecurity MonitoringRed Team AssessmentNetwork Penetration TestingWeb App Penetration TestingCyber Threat IntelligenceNIST Cybersecurity FrameworkSecurity Assessment & TestingSecurity EngineeringSecurity AnalysisInternet SecurityPenetration TestingVulnerability AssessmentCloud Security - $15 hourly
- 5.0/5
- (8 jobs)
IT Security professional with more than 7 years of experience of developing and implementing security solutions along with Operational support in fast-paced environments with various national and international clients. I am skilled in various enterprise applications and network security solutions with proven history of delivering exceptional risk management support and delivering the best of my services. My skills include: - Identity and Access Management - Firewalls / IDS/ IPS - SIEM (QRadar, AlienVault , Wazuh) - Log correlation and aggregation (Splunk, ELK) - DevOps - System administration & Support - Network Security & Administration - Application Deployment & Support - Troubleshooting
Information Security Audit
Application SecuritySystem SecurityVICIDIALVulnerability AssessmentNetwork AnalysisApplication IntegrationSystem DeploymentVMware ESX ServerSecurity AnalysisSplunkVPNFirewallSystem AdministrationSystem Monitoring - $20 hourly
- 4.9/5
- (33 jobs)
With the prestigious CISSP certification, I bring advanced expertise in building cybersecurity programs, developing skilled teams, and implementing risk-centric defense-in-depth strategies. I focus on aligning security initiatives with business goals, helping organizations safeguard their digital assets through tailored strategies and robust solutions. 1. Security Frameworks & Compliance: SOC 2, ISO 27001, GDPR, PCI, and more. 2. Risk Management: Identifying, assessing, and mitigating security risks effectively. 3. Team Development: Building and mentoring cybersecurity teams for operational excellence. 4. Incident Response & Resilience: Developing IRP plans, BCP/DRP frameworks, and conducting tabletop exercises. 5. Cybersecurity Best Practices: Secure system architectures, network security, and incident response planning. 6. Policy Development: Crafting actionable security policies and procedures aligned with global standards. 7. Cloud Security: Assessing and improving the security of AWS, Azure, and hybrid environments. Performance Metrics: Establishing measurable KPIs to track and enhance cybersecurity posture. With a strong commitment to excellence and proven methodologies, I empower businesses to build trust, protect their assets, and achieve their security goals.
Information Security Audit
Certified Information Security ManagerWeb Application SecurityCybersecurity MonitoringCloud SecurityInformation Security AwarenessGovernance, Risk Management & ComplianceCertified Information Systems Security ProfessionalArtificial IntelligenceMalware RemovalCybersecurity ManagementInformation Security ConsultationInformation SecurityDigital Forensics - $10 hourly
- 5.0/5
- (16 jobs)
I am a Cybersecurity Specialist & Penetration Tester with expertise in ethical hacking, red teaming, vulnerability assessments, and cybersecurity compliance (ISO 27001, NIST, PCI-DSS, GDPR). I help businesses uncover security risks, prevent cyber threats, and strengthen defenses against evolving cyberattacks. 🔹 Key Certifications & Compliance Expertise: ✅ CISSP, CEH, Digital Forensics, Malware Analysis ✅ Compliance: ISO 27001, PCI-DSS, HIPAA, NIST, SOC2, GDPR 🔹 Services I Offer: ✅ Penetration Testing & Red Teaming – Simulating real-world attacks to identify & exploit vulnerabilities before attackers do. ✅ Dark Web & OSINT Investigations – Uncovering data leaks, threat actors, and cyber risks. ✅ Cloud Security (AWS, Azure, GCP) – Securing cloud environments from modern cyber threats. ✅ Security Architecture & Threat Modeling – Strengthening security frameworks & risk mitigation strategies. ✅ Technical Writing & Compliance Documentation – Security reports, PCI-DSS SAQ filing, risk assessments, and compliance audits. ✅ Cloudflare WAF & Anti-DDoS Protection – Enhancing web security, application firewalls, and cyber defense.
Information Security Audit
Cybersecurity ManagementNetwork Penetration TestingRisk AnalysisTechnical SupportInformation SecurityCyber Threat IntelligenceTechnical WritingWeb App Penetration TestingEthical HackingVulnerability AssessmentDigital ForensicsNetwork SecurityPenetration TestingRisk Management - $25 hourly
- 5.0/5
- (1 job)
I am a Cyber Security Consultant or Pentration Tester and SOC L2 Analyst with 7 years experience ranging from small start-ups to multinational businesses. I hold a OSEP | OSCP | CISM | CISA | CEH | CHFI | E-CIH | BTL1 | MCT | CDPSE | GRC | ISO 270001 Implementer (EC-Councils or ISACA or Security Blue Team and Skill Front). I have more then 27 International Certifications authorize by Google, IBM and some of USA based university. I have done many international (UK, South Africa, USA, Kuwait ) project and work as Cyber Security consultant and Penetration testing. I'm author of "Security Bug". The book is ANSI standard content. Book available on Kindle Amazon.
Information Security Audit
ISO 27001Ethical HackingSOC 3Cyber Threat IntelligenceCertified Information Systems Security ProfessionalSecurity InfrastructureCompliance ConsultationPenetration TestingSecurity Policies & Procedures DocumentationInformation Security ConsultationInformation SecurityCybersecurity ManagementVulnerability AssessmentSecurity Assessment & Testing - $20 hourly
- 4.9/5
- (21 jobs)
Welcome to my profile! I am a master's graduate with a passion for information security. I have extensive experience in developing and implementing documentation for compliance with ISO 27001, HIPAA, and HITRUST standards. With a solid background in finance and a deep understanding of information security best practices, I am well-equipped to help organizations protect their sensitive data and achieve compliance with industry regulations. I have a track record of success in developing comprehensive and easy-to-understand documentation that is tailored to the specific needs of each organization.
Information Security Audit
Report WritingPolicy DevelopmentGap AnalysisISO 27001HITRUST Common Security FrameworkInternal AuditingRisk ManagementProcedure DocumentationISO 9001HIPAAInformation Security - $15 hourly
- 5.0/5
- (1 job)
Cybersecurity Expert | Penetration Testing | Information Security I am a skilled Information Security Analyst specializing in safeguarding digital assets through practical, hands-on experience. My focus is on identifying vulnerabilities, improving security posture, and ensuring robust protection against cyber threats. *Disclaimer: Your security is my priority. Let's secure your digital assets today!* # Key Expertise: *Penetration Testing* - I uncover vulnerabilities, deliver detailed reports, and provide actionable solutions to secure your systems. *Cybersecurity Audits* - Specialized in intrusion detection, incident response, and implementing effective security policies. *CTF Enthusiast* - Problem-solving expert in cryptography, reverse engineering, and real-world security challenges. --- # Technical Skills: - *Programming*: C++, Data Structures, SQL - *Cybersecurity*: Vulnerability Assessment, Security Audits, Incident Management - *Tools*: Wireshark, Burpsuite, Metasploit, Nessus, Nmap, OWASP ZAP, SQLmap, Cisco Packet Tracer --- # Key Strengths: - IT Security, Endpoint Protection, Vulnerability Management, Threat Analysis, Incident Response --- # Accomplishments: - Led website audits, enhancing security and reducing risk. - Reduced vulnerabilities with tailored remediation strategies. - Founded cybersecurity initiatives, leading penetration testing efforts for faster results. --- *Why Work With Me?* I bring deep cybersecurity expertise and a passion for protecting digital assets. Let’s work together to fortify your systems against threats!
Information Security Audit
Incident Response PlanCybersecurity MonitoringVulnerability AssessmentSecurity ApplianceSecurity TestingSecurity Assessment & TestingSecurity AnalysisNessusWiresharkOWASPKali LinuxWeb App Penetration TestingCyber Threat IntelligenceNetwork Penetration Testing - $35 hourly
- 4.4/5
- (3 jobs)
Cybersecurity Graduate with practical experience in: 🔒 ISO Implementation and Audit. 🔐 NIST Risk Management Framework. 🔍 CISSP Domains Audit. 📈 Business Continuity Plan. 🚨 Incident Response Plan. 💥 Disaster Recovery Plan. Feel free to drop me a message regarding your specific requirements or projects.
Information Security Audit
Software ArchitectureSecurity AnalysisPhysical SecurityAsset ManagementRisk AssessmentBusiness Continuity PlanIncident Response PlanDisaster Recovery PlanISO 27001NIST Cybersecurity FrameworkGovernance, Risk Management & ComplianceGovernance, Risk & Compliance SoftwareInformation Security - $20 hourly
- 5.0/5
- (8 jobs)
𝐄𝐥𝐞𝐯𝐚𝐭𝐞 𝐘𝐨𝐮𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐰𝐢𝐭𝐡 𝐚 𝐓𝐨𝐩-𝐑𝐚𝐭𝐞𝐝 𝐄𝐱𝐩𝐞𝐫𝐭! As a certified Information Security Professional with over 3 years of experience in Governance, Risk & Compliance (GRC), I bring a proven track record of achieving ISO 27001 Compliance Certifications and ensuring compliance with international standards such as PCI DSS and GDPR. Here's what I bring to the table: ✅ Risk Posture Discovery, Gap Assessment, and Risk Register ✅ Designing and developing robust cybersecurity frameworks for IT systems and networks ✅ Crafting forward-looking Cybersecurity roadmaps and strategies ✅ Developing and refining IT Security Policies & Procedures ✅ Asset inventory management for IT ecosystems ✅ Building resilient Business Continuity and Disaster Recovery Plans ✅ Incident response framework and playbook development ✅ SIEM expertise, from use case development to logs integration and rationalization ✅ Hands-On Auditing and Implementation of National and International Security frameworks (ISO27001, ISO2017, ISO27018, GDPR, PCI DSS, PCI SSF) ✅ Mastery of ISMS – Information Security Management System Development and Implementation, including Gap and Risk Assessment, Security Policies, Processes, Procedures, and Playbook creation ✅ Expertise in Secure Software Development Lifecycle, OWASP, and Static/Dynamic penetration testing Leverage my skills to enhance your organization's security posture and achieve your goals! Contact me today, and let's turn your cybersecurity challenges into triumphs. Your success is my mission!
Information Security Audit
Information Security GovernanceSecurity Operation CenterPCI DSSCybersecurity MonitoringISO 27018ISO 27017ISO 27001Information Security ConsultationInformation Security Want to browse more freelancers?
Sign up
How hiring on Upwork works
1. Post a job
Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.
2. Talent comes to you
Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.
3. Collaborate easily
Use Upwork to chat or video call, share files, and track project progress right from the app.
4. Payment simplified
Receive invoices and make payments through Upwork. Only pay for work you authorize.