Hire the best Information Security Audit Freelancers in the United States

Check out Information Security Audit Freelancers in the United States with the skills you need for your next job.

Get started

$99 hourly
Sammy B.
- 5.0/5
- (41 jobs)
I help organizations build and manage a strong cybersecurity program. I have established resilient cybersecurity in Fortune 100 companies —Warner Bros., EA Sports, Pfizer, State Farm Insurance, and Goldman Sachs and can do the same for your business.

Information Security Audit
Cloud Security
Network Security
Cybersecurity Monitoring
SOC 2
HIPAA
PCI
Certified Information Systems Security Professional
ISO 27001
Security Infrastructure
Compliance Consultation
Web Application Security
Vulnerability Assessment
Penetration Testing
Security Policies & Procedures Documentation
$150 hourly
Montie B.
- 5.0/5
- (12 jobs)
I focus on providing cybersecurity compliance, cyber risk assessment, and cybersecurity consulting services to small businesses specializing on the implementation of and compliance with CMMC, DFARS 252.204-7012, and NIST 800-171 requirements. I have worked with NIST 800-171 since 2019 providing guidance to small businesses on meeting the requirements of NIST-171. This includes System Security Plan (SSP) development, Plan of Actions and Milestones (POA&M) creation, Policy and Procedure Development, and technical control implementation. There is more to CMMC compliance than buying a set of pre-made policy and procedure templates. As recent government legal action shows, the Department of Defense is pursuing legal action against companies not meeting CMMC and DFARS requirements after claiming to meet the requirements to win DoD contracts. Let me help your organization meet compliance and more importantly - stay compliant! I provide recommendations to small business owners that are cost-effective to meet cybersecurity compliance requirements and lessen cybersecurity risk. Specialties: cyber risk assessments, security gap analysis, policy and procedure development, system security plan (SSP) development, Plan of Action and Milestones (POA&M) creation Frameworks: CMMC, NIST 800-171, NIST Cybersecurity Framework Education: Doctorate - Cybersecurity (in-progress), Masters – Administration, Masters – Computer Science, Bachelors – IT Management Certifications: CMMC Certified Professional (CCP), CISSP, PMP, CRISC, CCSP, HCISPP, AWS Cloud Practitioner

Information Security Audit
Policy Analysis
Security Analysis
Information Security Governance
Certified Information Systems Security Professional
Cybersecurity Management
Information Security
Information Security Consultation
NIST SP 800-53
CMMC
$150 hourly
Luciana O.
- 5.0/5
- (191 jobs)
I am the founder of BetterCyber Consulting, a cybersecurity consulting and managed services firm specializing in startups, small businesses, and mid-sized companies. As an Upwork Expert-Vetted Cybersecurity Consultant, I help businesses identify risks, implement security controls, and meet compliance requirements without unnecessary costs or complexity. My experience in cybersecurity includes positions at Fortune 100 companies like PayPal and Marathon Petroleum. I hold several security certifications and earned a master’s degree in Information Security Engineering from The SANS Technology Institute. I offer the following cybersecurity services: ● Technical Security Assessments – Security reviews for AWS, Azure, Google Cloud, Microsoft 365, Google Workspace, Slack, and more. ● Penetration Testing – Web, cloud, mobile, and on-premises security testing. ● Compliance Assessments – NIST 800-171 & 800-53, FedRAMP, ISO 27001, CIS Controls, CMMC, HIPAA, and SOC 2. ● Security Strategy & Architecture – Build scalable security programs. ● Incident Response & Threat Mitigation – Detect and respond to threats. ● Managed Security Services – Ongoing security monitoring and advisory. ● Virtual CISO (vCISO) Services – Security leadership for businesses without a full-time CISO.

Information Security Audit
PCI DSS
NIST SP 800-53
CMMC
Risk Assessment
Cloud Security
Internet Security
Information Security Awareness
Security Engineering
Security Analysis
Email Security
Penetration Testing
Information Security
Security Policies & Procedures Documentation
Cybersecurity Management
$200 hourly
Christine I.
- 5.0/5
- (25 jobs)
Im Christine and I’m cyber security professional and graduate professor with 10 years of technology/cyber experience and a PhD in security engineering. My areas of expertise include: Risk Assessment and Auditing Small business cybersecurity programs Technical writing Cyber awareness and training Email security and phishing campaigns InfoSec policy writing Vulnerability management Security metrics and reporting Security Strategy and program development CISO as a Service And More! I am also an internationally published author with superior research, technical writing, proofreading and editing skills. I have written over 200 blogs and articles, white papers, case studies, and more to help clients educate potential customers, generate new leads, and more.

Information Security Audit
Vulnerability Assessment
Cybersecurity Management
Information Security
Security Analysis
Information Security Governance
Security Engineering
Information Security Awareness
Certified Information Systems Security Professional
$75 hourly
Kevin N.
- 5.0/5
- (13 jobs)
I am a Tennessee licensed attorney with years of experience reviewing and negotiating data privacy and data security contracts for large corporations. I can perform cybersecurity risk assessments for proposed business implementations where your company’s data is at risk. I am familiar with the HIPAA Privacy and Security rules, GDPR, CCPA, and various state data breach notification laws as well as cybersecurity frameworks from NIST, ISO, and COBIT. I hold a CIPP certification (ID: 256623I). My greatest strengths are in writing, negotiating, and researching. I was the managing attorney for a personal injury law office for over a year before I transitioned into the corporate world. As a practicing personal injury attorney, I managed over 100 cases while closing favorable settlements for my clients. I have worked for major corporations reviewing, drafting, and negotiating their data security contracts with third party vendors. I am currently enrolled in a Masters degree program and will earn my MsCyber (Cybersecurity) degree in 2021.

Information Security Audit
Policy Writing
Legal Consulting
Information Security
HIPAA
Legal Writing
Data Privacy
Contract Drafting
Legal Research
Contract Negotiation
$180 hourly
Damyan R.
- 5.0/5
- (20 jobs)
Privacy compliance is all about assessing the risks to your data processing activities and putting in place controls to prevent information about individuals being mismanaged or abused. The challenge to accomplishing this is twofold, namely: - have you gone into unconventional depth to understand the dynamics of those risks; and - have you got a framework that will make it easier for you to maintain this cycle of assessing risk/putting in controls. Similarly to achieving enviable results in the gym, the key to unlocking the value of privacy compliance is being consistent in paying attention to how your data processing activities evolve, ensuring you follow through with the assess/mitigate cycle outlined above and retaining access to a resource who can give you tailored guidance on the issues that are relevant to your organisation. With cross-industry experience encompassing sectors such as insurance, gambling and e-commerce, I act as a strategic advisor to organisations, helping them navigate both regulatory compliance and commercial issues. Having worked with executive leadership from global conglomerates as well as boutique service providers in countries such as the United States, the United Kingdom, Israel and Gibraltar, I believe that I am capable of building relationships with an array of stakeholders, ensuring continuity of management and culture. I am also a Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional - Europe (CIPP/E) and I hold a law degree (LL.B) from Lancaster University, United Kingdom. I am also recognised as a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals (IAPP).

Information Security Audit
Regulatory Compliance
Legal Consulting
GDPR
Contract Drafting
IT Compliance Audit
Privacy Law
California Consumer Privacy Act
Swiss-US Privacy Shield
Information Security Governance
Compliance Training
Data Privacy
Data Protection
Legal
EU-US Privacy Shield
$83 hourly
Ken E.
- 5.0/5
- (3 jobs)
15+ years experience with infrastructure design, deployment, administration and migration of on-site/hybrid computing environments and applications to use AWS infrastructure and services. Familiarity with Linux and Windows environments.

Information Security Audit
Web Application Development
SOC 2
Scripting
PHP
Cloud Migration
GitLab
Terraform
OpenShift
AWS Lambda
Web Application
AWS Server Migration
DevOps
Solution Architecture
$80 hourly
Alexander B.
- 5.0/5
- (3 jobs)
Hello, I am Alex Brown. I am a Certified Information System Security Professional (CISSP) and Offensive Security Certified Professional (OSCP) with 13 years of industry experience and a masters degree in Cybersecurity. The majority of my career I have spent working with NIST 800-37 Risk Management Framework (RMF), performing security assessments, architecting security solutions, and applying security remediations. I have worked through all 6 stages of the RMF process from system categorization to system maintenance. I have developed cyber documentation to support security controls, developed polices and procedures to enforce system security practices and document system configuration. In addition, I have implemented technical security controls such as Windows and Linux patches, Windows and Linux OS configuration settings, and network device firmware and configuration settings. I have extensive experience in vulnerability assessment, security analysis, and applying security controls. I am extremely familiar with industry scanning tools such as Nessus and DISA Security Technical Implementation Guides (STIGs). I have worked with other security tools including Kali Linux and Metasploit. I have worked with application firewalls including Windows Firewall, iptables, and Symantec Enterprise Protection. I have extensive experience analyzing results from security scans, assessing risk, and applying measures to mitigate or remediate the security issue. I have developed Vulnerability Assessment Reports identifying the open vulnerabilities impacting the organizations system. I have developed Risk Assessment Reports where open vulnerabilities are assessed for overall risk by looking at likelihood of a vulnerability being exploited and the impact it would have on the organization. I have maintained Plan of Actions and Milestones (POA&M) where ongoing non-compliant security controls are tracked and assigned completion expectations and criteria. In addition to my technical knowledge and experience in the cyber field, I have also performed project management activities on cyber efforts. I have managed control accounts, maintained schedules, managed sub-contractors, and worked directly with customer clients on cyber deliverables. I have a strong background in understanding expectations to meet customer demands with strict schedule and cost demands.

Information Security Audit
Nessus
Penetration Testing
Microsoft Windows PowerShell
Windows 10 Administration
Certified Information Systems Security Professional
Security Analysis
Cybersecurity Management
Red Hat Enterprise Linux
Vulnerability Assessment
Bash Programming
$125 hourly
Terry M.
- 5.0/5
- (8 jobs)
Information Security, Governance, Risk, and Compliance (GRC) professional. • HITRUST CCSFP, CISSP, PCI ISA, ITIL • 15+ years in Information Security (Governance, Risk, and Compliance) • 15+ years in highly regulated environments (PCI, HIPAA, FISMA) • 15+ years implementing/managing ISO 27001, NIST 800-53, NIST-CSF, PCI-DSS • 10+ years of policy and procedure development and management • 10+ years of process optimization, streamlining • 15+ years in IT (design, development, implementation, and management) • Bachelor of Business Administration - Finance

Information Security Audit
Company Policy
Risk Assessment
HITRUST Common Security Framework
Governance, Risk Management & Compliance
Certified Information Systems Security Professional
HIPAA
PCI
ServiceNow
NIST SP 800-53
$220 hourly
Kenice M.
- 5.0/5
- (29 jobs)
Former private sector and government executive with leadership, consulting, advising, strategic and business development at the forefront of my professional skills. Compliance expertise in: FISMA, NIST CSF, NIST SPs 800 Series, HIPAA, FedRAMP, PCI DSS, Sarbanes Oxley, GLBA, GDPR, ISO 27001. CISSP with more than 20 years in cybersecurity and IT. Cybersecurity professor and skilled trainer in risk management and compliance, with expertise in developing professionals into the cyber managers and leaders they want to become. I teach fundamentals and advanced coursework in risk assessments, security testing, business continuity, secure application development, and securing emerging technologies. Business expertise in grant and proposal writing, as well as policy and procedure development. Technical writing to include strategic plans, white papers, briefing papers, and presentations. I have been writing, convincing, persuading, and communicating effectively through writing my entire career. I am also effective in providing business capture and business development support.

Information Security Audit
Nonprofit Organization
Certified Information Systems Security Professional
Data Protection
Policy Writing
Compliance
Tech & IT
Risk Analysis
Business Continuity Plan
Business Consulting
Enterprise Risk Management
Risk Assessment
Project Risk Management
Technical Writing
Technical Documentation
$150 hourly
Raymond M.
- 4.6/5
- (2 jobs)
Education: 10+ years accounting, audit, business, forensics and information: administration, assurance, security and technology education resulting in two bachelor and two master degrees as well as ten graduate certificates and/or certifications at the University of South Florida, Harvard University and Capitol Technical University. Experience: 25+ years of information: audit, compliance, freelance, governance, policy, risk management, security operations, technical writing and/or technology experience at nine entities in six roles as a security: analyst, auditor, consultant, freelancer, instructor and programmer in six industries in banking, health, GOV, non-profit education, technology and telecom. Accomplishments: * Authored 250+ policies & procedures.. * Conducted 50+ audits & assessments. * Utilized 25+ frameworks & standards. * Managed 25+ security projects. * Defended 100+ incident attack types. * Conducted 10+ PCI compliance Awarded: * Achieved top 1% and earned "Innovative Solution" award in vulnerability management recognized by EDUCAUSE in non-profit education. * Safeguarded police & fire station safety systems. * Secured critical U.S. infrastructure. *Founded two IT security programs and achieved the City of San Antonio's first PCI compliance. Website: vciso.biz Regards, Raymond (Scott) Miller MBA MSIA CISA CIA CGAP CFE R.Scott.Miller@usa.com

Information Security Audit
Technical Writing
Information Security Threat Mitigation
PCI DSS
NIST Cybersecurity Framework
NIST SP 800-53
ISO 27001
HIPAA
Information Security Awareness
Information Security Governance
Information Security Consultation
Vulnerability Assessment
Rapid7 Nexpose
Security Policies & Procedures Documentation
Information Security
$65 hourly
Craig H.
- 5.0/5
- (1 job)
PROFILE Security operations leader, teacher, and mentor with comprehensive experience in information security program management, and design as well as infrastructure planning and development for government, enterprise, healthcare, advanced tech, and financial sector organizations SUMMARY OF EXPERTISE Cyber Operations Program Development, Management, Recruiting, and Budgeting for On-Prem and Cloud Environments SecOps Governance, Risk, and Compliance (GRC) - Risk Assessments, SOC 2, ISO 27001, GDPR, SSPs, HIPAA Vendor management for auditing, penetration testing, and SecOps tooling Security Event Monitoring with NGAV, Web Application Firewall, SIEM, AWS/GCP, SOAR, and IDS Products Cross-Team Collaboration and Leadership

Information Security Audit
Compliance
Data Privacy
Governance, Risk & Compliance Software
Information Security Governance
Information Management
Risk Assessment
Teaching
ISO 27001
SOC 2
Technical Writing
Intrusion Detection System
Information Security
Information Security Consultation
System Security
$120 hourly
Ian K.
- 5.0/5
- (1 job)
Visionary CIO with a proven track record of driving digital transformations, unlocking strategic agility, and capitalizing on cutting-edge technology projects to leapfrog competition and deliver outstanding business results. I expertly align technology investments with corporate objectives to accelerate: growth, operational efficiency, and compliance. My transformational leadership creates high-performance teams that foster innovation, continuous improvement, and problem-solving with data-driven decisions. Serving as a trusted advisor to C-level executives, I shape the future of organizations by implementing innovative technology solutions to generate exceptional value and dominate global markets. Let's forge a tech edge!

Information Security Audit
Scrum
Conversion Rate Optimization
IT Asset Management
Vendor Management
Prompt Engineering
Brand Naming
Brand Strategy
Brand Positioning
Content Creation
Content Strategy
AI Consulting
Business Strategy
Product Strategy
Artificial Intelligence
$150 hourly
Tim M.
- 5.0/5
- (1 job)
I am an experienced technology executive with over 20 years of experience in security, cloud, data centers, and managed services. I co-founded and served as CTO for VPLS, an MSSP and private cloud service provider with 150 employees, thousands of servers, and petabytes of storage across three global NOCs. At VPLS, I implemented the cybersecurity program, achieving SOC 2, HIPAA, and PCI certifications for all our services. We grew the business profitably until October 2019, when we sold the business to Evocative Data Centers. I then served as VP of Operations at Zenlayer, a global edge cloud service provider with 275+ global data centers and over 650 employees. I led Zenlayer's security transformation initiatives and ISO 27001 and SOC 2 compliance efforts. While at Zenlayer, I scaled operational efficiencies with the security of our customer’s data as the number one priority. I am now co-founder and CEO of Bright Defense, which offers continuous cybersecurity compliance. Our offering includes: - Managed continuous cybersecurity compliance - Compliance automation - Implementation of Information Security / Cybersecurity Programs - Gap Analysis, Assessment, Remediation, Certification and Assurance reports - vCISO services - Managed security awareness and phishing

Information Security Audit
HIPAA
CMMC
Certified Information Privacy Technologist
Certified Information Security Manager
Information Security Governance
Security Engineering
SOC 1
SOC 2 Report
SOC 2
NIST SP 800-53
NIST Cybersecurity Framework
Information Security Consultation
Cybersecurity Management
Information Security
$115 hourly
Riley F.
- 5.0/5
- (4 jobs)
I am an EXPERT in the CIS Controls, RMF, NIST 800-53, NIST 800-171, NIST 800-172, and CMMC, ISO 27001, SOC 2, PCI DSS, and FedRamp. I can get you through any audit or cybersecurity assessment. I have managed a security team at a large company and am a government contractor. I can manage cloud security, application security, network security, cyber operations, TPRM, Disaster Recovery, IAM. I am highly qualified, but not an expert, in Offensive Security, Secure architecture, Incident Response, and Network Configurations. I have my Bachelor’s degree in Cybersecurity from SANS Technology Institute, a cyber and network security certificate from the Georgia Institute of Technology, 9 GIAC Certifications, and my CISSP. I also have agile certs: CSM and SAFe PO/PM.

Information Security Audit
Information Security Governance
Certified Information Security Manager
Information Security Threat Mitigation
Information Security Consultation
Information Security Awareness
Agile Project Management
Agile Software Development
Python
NIST Cybersecurity Framework
Cybersecurity Management
Cyber Threat Intelligence
Artificial Intelligence
Compliance
Information Security
$75 hourly
Rhonda G.
- 5.0/5
- (2 jobs)
Dynamic Cybersecurity and AI Consultant that specializes in transforming digital security landscapes through cutting-edge solutions. With a proven track record of identifying risks and architecting intelligent, robust defenses, I work with clients to enhance their security posture and protect critical assets. My expertise lies in leveraging advanced AI technologies to detect, mitigate, and respond to cyber threats proactively. I am passionate about redefining cybersecurity standards by integrating AI-driven insights and innovation solutions to stay ahead of emerging threats. Core Competencies: - AI-Driven Cybersecurity: Expertise in using AI to enhance threat detection, incident response, and risk management. - Solution Architecture: Proficient in designing and implementing intelligent security solutions tailored to organizational needs. - Strategic Planning: Experienced in developing comprehensive security strategies and roadmaps. - Program Leadership: Lead and manage comprehensive security programs, implementing cutting-edge cybersecurity solutions and performing detailed security assessments to ensure robust protection. - Continuous Improvement: Committed to the ongoing refinement of security measures through AI advancements. Active Certifications: - Certified Information Systems Security Professional (CISSP), ISC2 - Project Management Professional (PMP), PMI Let's collaborate!

Information Security Audit
IT Career Coaching
PCI DSS
Information Security Governance
Information Security Awareness
Information Security
NIST Cybersecurity Framework
IT Consultation
IT Compliance Audit
Vulnerability Assessment
Microsoft Project
Zero Trust Architecture
Project Management
Governance, Risk Management & Compliance
Cybersecurity Management
$150 hourly
Mylesa W.
- 5.0/5
- (2 jobs)
Cloud Security and Compliance Architect Versatile Cloud Security Architect with 13 years of experience with a robust background in Information Technology (IT). As well as over 6 years managing multi-cloud environments. I have an extensive background with the understanding of compiling and securing systems that have to adhere to HIPAA, SOC 2, Federal Requirements to include RMF, FedRAMP, and FDA Part 11. My expertise in Amazon Web Services (AWS), secure, compliant architecture, and systems engineering to include AWS GovCloud. However, I do have an advanced knowledge of other clouds like Google Cloud Platform (GCP), Azure, Oracle Cloud Infrastructure (OCI), dealing with hybrid solutions and migrations. Skilled in mentoring teams and driving innovative security solutions, ensuring seamless cloud migration and robust compliance adherence. Team oriented with the ability to speak to multiple audiences and communicate effectively. Areas of Expertise Amazon Web Services (AWS) Platform Innovation Architecture (Managed security Service Provider Platform-MSSP) Security/Compliance/Networking Architecture/Automation Engineer Cloud Service Provider Compliance & Shared Service Model FedRAMP RMF (NIST) CMMC HIPAA SOC-2 Secure Migration

Information Security Audit
Information Security
Security Assessment & Testing
Secure SDLC
Cloud Architecture
Cloud Implementation
Cloud Engineering Consultation
Business Consulting
FedRAMP
Cloud Security Framework
Amazon Web Services
Cloud Security
$150 hourly
Robert S.
- 5.0/5
- (4 jobs)
With over 15 years of extensive experience in information security, I am a seasoned professional proficient in constructing and leading robust security and IT programs. My expertise encompasses managing technology teams, integrating security across diverse domains, strategic planning, risk management, and conducting compliance audits. I specialize in cloud-native security, automation, and developer-focused initiatives. I run a successfully boutique information security consulting business, Juleson.us, for over 8 years. My relevant skills are: - Transformational Leadership for Technology Teams: Proficient in guiding and inspiring technology teams towards achieving organizational goals. - Integration of Security across People, Processes, Data, and Technology: Skilled in embedding security seamlessly across all aspects of operations. - Strategic Planning and Roadmap Development: Experienced in developing strategic plans and roadmaps to address evolving security challenges. - Risk Management Programs: Expertise in implementing risk management programs adhering to industry standards such as NIST, ISO, CIS, COBIT, and OCTAVE. - Compliance Audits: Proficient in conducting compliance audits for standards including SOC2, ISO27001, and HITRUST. - Cloud-Native and Developer-Focused Security: Specialized in designing and implementing security solutions tailored for cloud environments and developer workflows. - Security Training and Threat Modeling: Skilled in delivering security training programs and conducting threat modeling exercises. - Automation Expertise: Proficient in automation using Python, Go, Bash, Powershell, and SOAR technologies. I hold a Bachelor's degree in Computer Science from Binghamton University, which I earned in 2009. Following my undergraduate studies, I pursued an Advanced Computer Security Professional Certification from Stanford University School of Engineering in the same year. To further solidify my expertise, I obtained industry-recognized certifications including CISSP (Certified Information Systems Security Professional) in 2017, followed by CISM (Certified Information Security Manager) in 2022, and CCISO (Certified Chief Information Security Officer) in 2023. These credentials reflect my dedication to continuous learning and proficiency in the realm of information security.

Information Security Audit
Information Security Threat Mitigation
Information Security Governance
Risk Assessment
Risk Management
HITRUST Common Security Framework
SOC 2
ISO 27001
Application Security
Security Assessment & Testing
Security Operation Center
Security Infrastructure
Security Engineering
NIST Cybersecurity Framework
$200 hourly
Tracy O.
- 5.0/5
- (0 jobs)
I am a subject matter expert in software quality engineering, specializing in the transformation from manual testing to automated testing, process refinement, quality metrics, Agile testing methodologies, and the essential components necessary to successfully navigate PII and SOC audits. With a wealth of experience, I have been recognized for spearheading the comprehensive automation of Software Quality Engineering teams, ranging from startups to Fortune 50 enterprises. In my most recent role as the Senior Director of Quality at TravelNet Solutions, Inc., I focused on building an automation testing framework to move away from an ineffective Adhoc manual testing process. Utilizing key performance indicators (KPIs) to drive continual improvement, the team focused on reducing the monthly Escaped Defect rate and shrinking the test cycle. I did this by quickly forming a six-person quality automation team specializing in the Playwright UI Test Automation Framework and Karate API Test Framework. Allow me to guide your company towards harnessing the advantages of automated testing, facilitating heightened efficiency, accelerated development cycles, and bolstering reliability and resilience across your software applications.

Information Security Audit
Test Strategy
Test Management
Test Automation Framework
Test Plan
Test Automation
Scrum
Continuous Improvement
KPI Metric Development
CI/CD
Incident Management
Change Management
Quality Assurance
Leadership Development
Agile Software Development
$151 hourly
Ani A.
- 5.0/5
- (3 jobs)
- I am a Senior Security Engineer with expertise in application, product security, vulnerability management, and security automation. - I have over a decade of experience in software development processes and security engineering. - I hold a master’s degree in Cybersecurity from Georgia Institute of Technology. - I am proficient in Python, Node.js, and Bash. - Fluent in English, Russian, and Armenian.

Information Security Audit
Bash Programming
JavaScript
Python Script
NIST Cybersecurity Framework
Website Security
Cloud Security
Secure SDLC
Security Engineering
Application Security
Threat Detection
Vulnerability Assessment
Information Security Threat Mitigation
Information Security
Compliance
$100 hourly
Eric D.
- 4.7/5
- (15 jobs)
------------------------------------------------------------------------------------ Transform IT Challenges into Scalable, Affordable Enterprise Solutions Fortune 500 IT Leadership Tailored for Small and Mid-Sized Businesses (SMBs) Are you ready to simplify your IT systems, enhance security, and reduce costs—all while driving your business forward? With over a decade of experience working with Microsoft and Fortune 500 companies, I bring enterprise-level expertise to help SMBs achieve their goals with scalable, affordable IT solutions tailored to small business budgets. ------------------------------------------------------------------------------------ 🌟 How I Help Small and Mid-Sized Businesses Save Money and Scale Faster 🎯 Strategic IT Leadership for SMBs I create tailored IT strategies and roadmaps aligned with your business goals to ensure sustainable growth and competitive advantage. Whether managing teams, executing complex projects, or aligning technology with your vision, I deliver leadership that drives results for small and mid-sized businesses. 🛡️ Cybersecurity for Small Businesses Protect your business with enterprise-grade security frameworks. I specialize in risk mitigation, compliance with standards like HIPAA, PCI-DSS, and NIST, and fortifying systems to safeguard SMBs from emerging threats. 💡 Cost Reduction Strategies for SMBs Through comprehensive IT audits, I eliminate redundancies, negotiate with vendors, and optimize technology spending—helping small businesses unlock significant savings. 🚀 Scalable IT Solutions Drawing from my Fortune 500 experience, I design and implement scalable IT systems that enhance SMB performance without inflating budgets. 🔧 Simplified IT Systems I streamline tools, workflows, and systems for seamless integration, reduced complexity, and improved productivity, delivering simplified IT solutions for small and mid-sized businesses. ------------------------------------------------------------------------------------ Why Choose Me? ✔️ Fortune 500 Expertise for SMBs With hands-on experience across industries like technology, finance, and healthcare, I bring a wealth of enterprise-level best practices to every small business project. ✔️ Proven Success in IT Cost Reduction I’ve helped SMBs cut IT expenses by up to 50%, enhance compliance, and unlock operational efficiencies. ✔️ Business-First IT Solutions I translate enterprise IT strategies into cost-effective, practical solutions that support SMB growth and innovation. ✔️ Track Record You Can Trust My 100% Job Success rating on Upwork reflects my commitment to exceeding client expectations every time. ------------------------------------------------------------------------------------ Core Areas of Expertise 🛡️ Cybersecurity for SMBs: Mitigate risks, strengthen defenses, and ensure compliance with HIPAA, PCI-DSS, NIST, and ISO 27001. ☁️ Cloud Infrastructure for Small Businesses: Build secure, scalable environments using AWS, Azure, and Google Cloud. 🔄 Disaster Recovery & Continuity: Protect your business with enterprise-grade backup and continuity solutions tailored to SMB budgets. 🤖 Advanced IT Solutions: Develop cutting-edge web, mobile, AI, and blockchain applications to future-proof your business. 💰 IT Audits & Cost Reduction: Streamline infrastructure, optimize spending, and eliminate redundancies for significant savings. ------------------------------------------------------------------------------------ What I’ve Achieved ⭐ 50% Cost Savings for SMBs Reduced technology expenses for small businesses by negotiating vendor contracts and consolidating tools. ⭐ Scalable Solutions Inspired by Fortune 500 Helped SMBs implement systems modeled on enterprise practices, driving performance and scalability. ⭐ 52% Compliance Improvement Enhanced cybersecurity and compliance posture for SMBs, ensuring audit success and mitigating risk. -------------------------------------------------------------------- Services I Offer ✅ IT Strategy & Roadmaps for SMBs Develop customized IT strategies aligned with your small business goals to drive sustainable growth. ✅ Cybersecurity & Compliance Strengthen your defenses with robust risk assessments and compliance solutions tailored for SMBs. ✅ Cloud Infrastructure Design Build scalable, affordable cloud solutions with AWS, Azure, or Google Cloud. ✅ Data Analytics & Insights Leverage big data to unlock actionable insights that drive smarter decisions for SMBs. ✅ Technology Simplification Reduce complexity and improve productivity by aligning and streamlining tools and workflows. -------------- Let’s Build Your Success Story Ready to transform your IT challenges into opportunities? With my Fortune 500 experience and a proven record of success, I’ll help you reduce costs, enhance security, and create IT solutions that drive real results for your small business. Contact me today to start your journey toward scalable, affordable IT solutions!

Information Security Audit
System Administration
Investment Research
Presentations
Project Risk Management
Business Consulting
Program Management
Legal Consulting
IT Consultation
AWS Lambda
Smart Contract
Blockchain
Web3
Supabase
MongoDB
PostgreSQL
Python
Node.js
Svelte
Angular
Vue.js
Next.js
React
Project Management
$85 hourly
Jonathan P.
- 5.0/5
- (1 job)
With over 15 years of invaluable experience in the IT industry, I bring a wealth of expertise to the table. Specifically, I have dedicated 8 years of my career to specializing in compliance standards such as HIPAA, HITECH, NERC, ISO 27001, and ADA. My approach involves a meticulous step-by-step process that enables me to thoroughly analyze and address the unique needs of your organization. Having successfully dealt with HIPAA security breaches in the past, I am well-equipped to handle time-sensitive matters with utmost dedication. My primary goal is to ensure that my clients avoid substantial fines and penalties by promptly remedying any compliance issues. If you are in search of a comprehensive risk assessment, I am pleased to offer my services detailed below.: Security Risk Analysis o Annual Risk Assessment o Business Associate Agreement (BAA) o IT Security Documentation o IT Policy and Procedures o Report Analysis o Remediation Recommendations Website Compliance o Review website for ADA, CCPA, and GDPR compliance o HIPAA compliance is by scope only. o Security screenings o Monitoring o Backups o Remediation Strategies Network Vulnerability Assessment o Scoping o Threat Assessment o Setup & Configuration o Vulnerability Report Analysis o Remediation Recommendations Monthly Monitoring o Monthly Security Monitoring and Alerts o HIPAA compliance and alerts against malicious events o Website monitoring, compliance, monthly reports.

Information Security Audit
Firewall
Network Engineering
Cisco
FortiGate Firewall
Fortinet
Information Technology Strategy
Network Monitoring
Security Analysis
Vulnerability Assessment
Network Security
IT Compliance Audit
ISO 27001
HIPAA
Risk Assessment
$75 hourly
Austin S.
- 5.0/5
- (22 jobs)
Certified, results-driven, Information Security Engineer who has a range of experience from Security monitoring and investigation, vulnerability management, cloud security and understanding of various security compliance policies. Profound ability to effectively communicate, both orally and in writing, to various departments, agencies, and stakeholders. Identity and Access Management experience with detailed understanding of Active Directory and implementation of SSO, MFA etc with multiple frameworks. Implemented security controls while performing ongoing system maintenance to prevent, detect, analyze and respond to security incidents. Experienced and effective participant in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data.

Information Security Audit
IT Compliance Audit
PCI DSS
SOC 2 Report
GDPR
FedRAMP
Compliance
HITRUST Common Security Framework
SOC 2
ISO 27001
Information Security Governance
Information Security
Cybersecurity Management
Incident Response Plan
Vulnerability Assessment
$80 hourly
Benjamin G.
- 5.0/5
- (7 jobs)
Over 25+ years of real-world IT experience with heavy exposure to security, vulnerability & risk assessments, penetration testing, ERP systems and Microsoft SQL Server. Experienced with the following tools/processes: CrowdStrike, penetration testing, OSINT, Burpsuite, Greenbone vulnerability scanner, Kali Linux, Metasploit Framework, OWASP Zap, MITRE Attack Framework, GRC, BCP/DR, Google Cloud, ELK Stack, Python, C# Well-versed in security assessments based on NIST 800-53 security controls, vendor risk analysis & SOC 2 reviews, creating security awareness training & phishing campaigns, and policy/procedure writing. Specializing in: - Information Security - Project management - System administration - Database & system design - ERP systems (Financials, HR, and Budgeting)

Information Security Audit
NIST Cybersecurity Framework
Website Security
Internet Security
Information Security Awareness
Information Security Governance
Microsoft SQL Server Administration
Enterprise Resource Planning
Project Management
System Security
Information Security
Cybersecurity Management
$275 hourly
Courtney J.
- 5.0/5
- (17 jobs)
*2023 Tampa Business Woman of the Year* *2023 Tampa Small Business of the Year CEO* *Global 2022 Cybersecurity Woman Entrepreneur of the Year* As a Top Rated Upwork Professional with a 100% success rate on multiple projects and CEO of an award winning business, rest assured that I execute at a high level of experience and professionalism. I have 20+ years of certified experience in Information Security and Assurance, Information Technology (IT), Project Management, Training, and Leadership. Master of Science Degree in Information Security and Assurance (MSISA), a Bachelor of Science Degree in Business / IT Management, and multiple active industry certifications. Prior active duty military (Navy veteran) with extensive experience as Chief Executive Officer (CEO) and Chief Security Officer (CSO) for a Government contractor and in the private sector. I have successfully led and executed dozens of security audits and accreditation efforts all leading to Authorizations to Operate (ATOs) and ISO 27001 preparation that led to zero non-conformities. My area of expertise includes but is not limited to: Cybersecurity Maturity Model Certification (CMMC), DFARS (NIST 800-171), NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), Independent Verification & Validation (IV&V), ISMS, ISO 27001, Corporate Security Policies & Procedures, Security Awareness, Acceptable Use Policies (AUPs), Remote Access / VPN, Third Party Access and Compliance, System Security Plans (SSPs), Security Test Plans (STPs), Security Control Traceability Matrices (SCTMs), and Plans of Action & Milestones (POA&M). My team, Paragon Cyber Solutions, has in-depth experience with security assessments / audits, penetration testing, ethical hacking, secure code review and development, and workforce enhancement (training and certifications). We are an authorized CMMC C3PAO with the following designations / certifications: 8(a), EDWOSB, DM/DWBE, MBE, veteran, minority owned small business. Contact me for any of your information security needs.

Information Security Audit
Procedure Development
GDPR
ISO 27001
Information Security Governance
Certified Information Systems Security Professional
Cloud Security Framework
Information Security Awareness
Internet Security
Certified Information Security Manager
Security Assessment & Testing
Information Security
Network Security
$175 hourly
Derrich P.
- 5.0/5
- (33 jobs)
As a Top Rated vCISO with a 100% job success rate, rest assured that I execute at a high level of expertise, integrity, and professionalism. I am the President & Founder of Aspire Cyber, a full-service consulting firm that rapidly delivers privacy and cybersecurity compliance solutions to help small and medium-sized businesses satisfy their legal, regulatory, and contractual requirements. Aspire Cyber was founded on the core belief that every business should have access to world-class cybersecurity talent, regardless of budget or security needs. I have over 20 years of experience managing information security projects and implementing strategic cybersecurity controls for the United States Army, Bank of America, and numerous Fortune 100 companies. We offer entirely “Done For You” solutions that help your business rapidly achieve compliance while we manage everything. Don’t waste 6-18 months trying to figure this out yourself. Regulatory and industry cybersecurity frameworks have hundreds of different controls you must comply with and require knowledge of IT, Cybersecurity, HR, Legal, and more. Aspire Cyber is a leading provider of comprehensive cybersecurity compliance solutions. Our team of experts has a proven track record of implementing NIST SP 800-171 practices to help defense contractors achieve Cybersecurity Maturity Model Certification (CMMC). We make it easy for your business to prove it's a safe choice for handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). Schedule a free call with me to learn how our team of dedicated cybersecurity experts can help save you months of time and, in many cases, five or even six figures in excessive spending trying to become compliant without expert guidance. ★High Profile Clients ✔ I worked for the United States Army, Lockheed Martin, Bank of America, Hewlett-Packard Enterprise, and many others. Aspire Cyber specializes in the following areas: ★ Risk Assessment and Auditing - We have conducted over 200 Information Security, Business Continuity, and Cloud assessments. -Compliance (NIST, PCI, HIPAA, ISO 27001, GDPR, CCPA, COPPA, FedRAMP) - Cybersecurity Advisor -Cloud Secure Design -Data Privacy Officer (DPO) -Cloud Security -Policy Writing -Penetration Testing -Application Security -Incident Response -Vulnerability Management -Third-Party Risk Management -Security Awareness Training ★ I hold the following degrees and certifications: ✅ Certified CMMC Assessor (CCA) ✅ Certified CMMC Professional (CCP) ✅ CMMC Provisional Instructor ✅ Certified Information Systems Security Professional (CISSP) ✅ Certified Cloud Security Professional (CCSP) ✅ Certified Information Security Manager (CISM) ✅ Certified Risk and Information Systems Control (CRISC) ✅ CMMC Registered Practitioner ✅ CompTIA Security+ ✅ CompTIA A+ ✅ Master of Business Administration (MBA) ✅ Graduate Certificate Cybersecurity Technology WHY CHOOSE ASPIRE CYBER? -Professionalism: We treat all clients respectfully and adhere to the highest ethical standards. -Fast: We always aim to deliver your project ahead of schedule. -Expertise: We have vast experience across various cybersecurity and compliance areas. -Responsiveness: Constant and effective communication is the key to a successful engagement. 🙋🏼‍♂️Our team is eager to partner with your organization to deliver cybersecurity compliance solutions rapidly. Contact Aspire Cyber today to learn how we can fulfill your cybersecurity needs.

Information Security Audit
Cloud Security Framework
NIST SP 800-53
Policy Writing
Information Security Governance
FedRAMP
Information Security Awareness
Risk Assessment
NIST Cybersecurity Framework
Business Continuity Plan
Information Security
Incident Response Plan
Security Testing
Vulnerability Assessment
$125 hourly
Dhruvil J.
- 5.0/5
- (1 job)
Security and Compliance | Governance Risk and Compliance | Data Privacy | External audit | Internal audit | Enterprise Security | Product Security | Security Architecture | Third-Party Risk Management | Client Security Assurance | Corporate Security | Threat & Intelligence | Tools & monitoring | Project Management | Zero Trust | DLP | SIEM | IDS | EDR | Antivirus | Certifications: CISSP | CompTia Security+ Frameworks: SOC 2 | ISO 27001 | ISO 27017 | ISO 27018 | ISO 27701 | NIST 800-171

Information Security Audit
SOC 2
ISO 27001
Compliance
Leadership Development
Project Management
Security Management
Risk Management
Data Privacy
Public Speaking
Security Engineering
Network Security
Security Assessment & Testing
Vulnerability Assessment
Information Security
Want to browse more freelancers?
Sign up