Hire the best Penetration Testers in the United States

Name: Penetration Testers
Brand: Upwork
Rating: 4.8 (161 reviews)

Check out Penetration Testers in the United States with the skills you need for your next job.

Get started

Clients rate Penetration Testers

4.8/5

based on 161 client reviews

$99 hourly
Sammy B.
- 5.0/5
- (41 jobs)
I help organizations build and manage a strong cybersecurity program. I have established resilient cybersecurity in Fortune 100 companies —Warner Bros., EA Sports, Pfizer, State Farm Insurance, and Goldman Sachs and can do the same for your business.

Penetration Testing
Cloud Security
Network Security
Cybersecurity Monitoring
SOC 2
HIPAA
PCI
Certified Information Systems Security Professional
ISO 27001
Security Infrastructure
Compliance Consultation
Web Application Security
Information Security Audit
Vulnerability Assessment
Security Policies & Procedures Documentation
$40 hourly
Jan S.
- 4.9/5
- (6 jobs)
OSCP, eCPPTv2, eWPT Certified Penetration Tester :: Web, Mobile App and API Expert :: 99th Percentile at HackerOne :: Cybersecurity Vulnerability & Risk Assessment and Mitigation :: Python, Bash, Powershell, Ruby, C, Javascript Proficient :: Top 0.001% on TryHackMe :: Top 0.1% on HackTheBox I work with companies in order to protect their digital assets, finances, reputations and secure their customer's private data, by discovering vulnerabilities before malicious actors do. - Certified and licensed penetration tester with experience exploiting vulnerabilities across web, network, mobile apps, APIs, PCI DSS compliance tests and more. - Found vulnerabilities in companies like Red Bull, Indeed, Verizon, Seagate, Toyota, UnderArmour, Razer. Merck, Cedar-Sinai and more. - Author of "Enumerating Esoteric Attack Surfaces", the most comprehensive document on web reconnaisance for bug bounty hunters and web-focused penetration testers. - Coding proficiency with Python, Bash, Ruby, Powershell, PHP, Javascript, NodeJS, C if you need code for security automation, customizing existing code, network/AD administration, doing security code analysis (white-box testing) or anything else. - Contributor to hackingthe.cloud , an expansive guide to penetration testing against targets hosted on cloud platforms (AWS, GCP, Azure) - Illustration work sometimes - I've worked with Dungeons & Dragons, TMNT, Brutal Truth, Noisear and many more. Certifications - OSCP (Offensive Security Certified Professional) - eWPT (Web Penetration Tester) - eCPPTv2 (Certified Professional Penetration Tester v2) - CompTIA Pentest+ - Python Institute PCEP Mostly do offsec work but capable of most computer-related tasks, including the ones you need help with right now!! Thanks for reading

Penetration Testing
Web App Penetration Testing
Python
Application Security
Ethical Hacking
Vulnerability Assessment
Information Security
Kali Linux
Metasploit
Bash Programming
Tech & IT
Security Engineering
Cloud Security
Linux
Security Testing
$40 hourly
Jeff R.
- 4.9/5
- (8 jobs)
Expert in Cybersecurity Small/Home Office and Enterprise Systems Management. Certified in Networking, Cybersecurity, Cloud, etc. Tinkerer and hobbyist that is driven to find a solution to any problem no matter the harm to my personal time. This is to always make my customers, friends, family and work satisfied with my professionalism.

Penetration Testing
Wireless Security
CompTIA
Microsoft Azure Administration
Office 365
System Security
Cloud Engineering
Raspberry Pi
Network Access Control
Network Administration
Proxmox VE
Server & Virtualization Software
Server Administration
Cybersecurity Management
Information Technology
$225 hourly
Junius W.
- 5.0/5
- (12 jobs)
Looking for a cybersecurity expert who has fortified the defenses of Fortune 500 companies and secured startups through critical growth phases? Your search ends here. With a proven record of implementing effective, cutting-edge security solutions, I am dedicated to creating resilient, secure operating environments tailored to your business needs. What I Bring to Your Business: • Deep Expertise Across Industries: My career includes engagements with global powerhouses like Pearson’s Government Solutions and Nestlé, alongside projects for SMBs and startups that value scalable, cost-effective security. • Proven Results: • Network Security: Reduced security incidents by 40% and improved network performance by 30% for a leading financial services firm. • Penetration Testing: Identified and resolved critical vulnerabilities for a tech startup, preventing potential data breaches and saving $500,000 in potential losses. • Incident Response: Crafted an incident response plan for a healthcare provider that ensured recovery from a ransomware attack with no downtime. • Compliance Success: Guided a multinational company through complex GDPR and HIPAA regulations, achieving full compliance and avoiding significant fines. High-Demand Services I Offer: • Vulnerability Assessments and Penetration Testing: Identify and fix weaknesses before they become threats. • Zero Trust Security Implementation: Design architectures that minimize your attack surface. • SOC Management and Threat Detection: Set up and manage 24/7 Security Operations Centers, reducing incident response times by 50%. • Compliance and Regulatory Consulting: Ensure your practices meet standards like GDPR, HIPAA, and more, safeguarding your reputation. Client Success Stories: • Financial Sector: Implemented a comprehensive security framework that halved incident rates, resulting in a more secure and efficient environment. • Healthcare Industry: Spearheaded a security overhaul that resulted in zero breaches over two years, solidifying trust and ensuring data protection. • Tech Startups: Enhanced security protocols that helped a startup secure Series B funding by showcasing robust data protection measures. Why Clients Choose Me: • Client-Centric Approach: I prioritize your business needs and align cybersecurity strategies with your goals. • Clear Communication and Transparency: Regular updates and collaborative processes mean you are never left in the dark. • Measurable Outcomes: From reducing downtime by 45% to integrating security into DevOps for a 35% efficiency boost, I deliver tangible results. Tools and Technologies I Excel In: • Pentesting and Network Tools: Metasploit, Nmap, Wireshark • Security Platforms: Kali Linux, Burp Suite, Splunk • Cloud Security: AWS, Azure, Google Cloud • Threat Detection: CrowdStrike, Snort, Suricata Certifications That Ensure Expertise: • Offensive Security Certified Professional (OSCP) • Certified Information Security Manager (CISM) • AWS Certified Security – Specialty • ISC2 Associate and more. Start with a Consultation: Let’s discuss your cybersecurity challenges and outline a roadmap to secure your business. With my help, you can focus on growth while knowing your company’s data and reputation are protected. Don’t be the CFO approving the Cyber Security budget after the attack.

Penetration Testing
Digital Forensics
Automation
Information Security Threat Mitigation
Cloud Security
Intrusion Detection System
Risk Assessment
Cryptography
Information Security Awareness
IT Compliance Audit
Ethical Hacking
Security Policies & Procedures Documentation
Cyber Threat Intelligence
Network Security
Incident Response Plan
$55 hourly
Ameen K.
- 5.0/5
- (10 jobs)
With over 10 years in cybersecurity and 7+ years specializing in penetration testing, I’ve led and executed over 100 assessments across diverse environments—web applications, internal/external networks, red/purple teams, cloud infrastructures, social engineering, mobile platforms, and even physical security. I’ve had the privilege of consulting for some of the biggest Fortune 500 companies, including PayPal, Berkshire Hathaway, TikTok, Meta, Tesla, Saudi Aramco, and more, delivering actionable insights to strengthen their security postures. Additionally, I spent over 9 months working alongside leading financial and social media companies, optimizing and expanding network infrastructures with 100,000+ devices, ensuring streamlined and secure operations at scale. Whether you're a small business or an enterprise, I bring proven expertise to identify vulnerabilities, mitigate risks, and secure what matters most. Let’s build a stronger, more resilient security framework together! 🔢 My stats are: ✅ Saved tens of thousands of dollars for Forbes 500 clients by identifying critical vulnerabilities ✅ Professional certifications (OSCP, GCPN,Security+) ✅ Top 10 in HackTheBox Team Global Rank ✅ Won 2022 DEF CON 30 CTF Competition ✅ Supporting all time zones ✅ Long-term engagements 🔢Core Competencies: 1. Network Penetration Testing 2. Web Application Penetration Testing 3. Social Engineering (Phishing, Vishing) 4. Cloud (Azure/AWS ) Penetration Testing 5. Security Training 6. Defensive Solution Configurations/Reviews (Security Engineering) 7. Malware Analysis 8. Cyber Risk Analysis 9. API Penetration Testing 10. Mobile Penetration Testing 11. External Network Penetration Testing 12. Vulnerability Assessment Testing ✅I love finding vulnerabilities. Whether those vulnerabilities exist in your firewall configuration, your employee training, or under your security fence, I will identify, triage, and alert you of threats before an attacker turns them into the next front page news story. 🔢Working with me, you will: ✅ Customized approach: I understand that every client's needs are unique, and I tailor my approach to meet your specific requirements. This ensures that you get the most comprehensive and effective security testing possible. ✅ Timely delivery: I understand that time is of the essence when it comes to security testing, and I always deliver my reports on time, without compromising on quality. ✅ Complete manual testing for your application and immediate notification if any high-impact issues are found. ✅ Unlimited retesting for the fixed issues and unlimited revisions ✅ Able to find critical bug classes that are often missed by automated pentests. 🔢NOTE: If you want to see my past reports I have done with previous clients know that reports contains sensitive information, NDA is signed for most of them especially from Gov & Forbes 500 clients. Disclosing information like that is breach of client privacy. However, I can share sample report with sensitive information hidden. Skills: Penetration Testing: Extensive experience conducting penetration tests, red team exercises, and purple team engagements across various platforms, including but not limited to, web applications, APIs, wireless, physical, network infrastructure, cloud environments (AWS & Azure), and other devices. Security Tools: Proficient in utilizing a wide range of security tools such as Burp Suite, Metasploit, C2 frameworks, Mythic, Sliver, bloodhound, etc. for penetration tests and red team operations. Defensive and Monitoring Technologies: Familiarity with defensive and monitoring technologies, including Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), Web Application Firewalls (WAF), and Security Information and Event Management (SIEM) solutions. Programming and Scripting: Proficient in scripting languages such as Python and Bash. Skilled in modifying and executing exploits and proof-of-concepts (POCs) to evade defensive countermeasures and emulate threat actor tactics, techniques, and procedures (TTPs). Cybersecurity Compliance: Familiar with security compliance requirements and industry standards, including MITRE ATT&CK, Cyber Kill Chain, HIPAA, NIST Cybersecurity Framework, and OWASP. Communication and Collaboration: Excellent communication and reporting skills to effectively communicate technical issues to both technical and non-technical stakeholders. Proven ability to work independently and collaboratively in a team environment.

Penetration Testing
OWASP
Red Team Assessment
NIST Cybersecurity Framework
Security Testing
Cloud Security
Web App Penetration Testing
Network Penetration Testing
Compliance
Information Security
$50 hourly
Richard S.
- 5.0/5
- (9 jobs)
💡 Industry-Leading 23-Point Code Inspection | Secure, Optimize & Scale Your Digital Assets 💻 Your Partner in Digital Security, Code Excellence, and Compliance 💻 ✔️ SDLC - Software Development Life Cycle ✔️ Cybersecurity Expert – Identify vulnerabilities and fortify systems against evolving threats. ✔️ Code Review & Optimization – Ensure clean, efficient, and scalable code for maximum performance. ✔️ Regulatory Compliance – HIPAA, FedRAMP, FIPS, and other critical security standards. ✔️ Advanced Security & Risk Mitigation – Identify threats before they impact your business. ✔️ Penetration Testing & Vulnerability Scanning – Proactively secure applications and infrastructure. ✔️ Transparent Communication & Reporting – Daily updates to keep you informed. ✔️ Flexible & Dedicated – Adapting to your schedule while providing customized solutions. ✔️ Military-Grade Security Expertise – Bringing top-level cyber defense strategies to businesses. 🔐 Secure Your Digital Future with a Trusted Security Specialist 🔐 I may be new to Upwork, but don’t let my profile fool you. I have over 14 years of hands-on cybersecurity and code review experience. One of my long-term contracts encouraged me to join Upwork to share our expertise with a broader audience—so here I am, bringing top-tier security, performance optimization, and compliance solutions directly to you. 👨‍💻 About Me: A Cybersecurity & Code Review Professional I started my career in the U.S. Air Force, where I mastered cyber defense, operational security, and strategic problem-solving. Over the years, I have worked with government agencies, private enterprises, and startups, providing expert security solutions that go beyond expectations. 💡 Why Work with Me? 🎓 Bachelor’s in Cybersecurity – Strong academic background and practical expertise. 🔒 Top Secret Clearance – Proven ability to handle and secure sensitive data. 🚀 Industry-Leading Technology Expertise – Skilled in Palo Alto Networks firewalls, SIEM platforms, and advanced security tools. 🛠️ Code Review & Penetration Testing Specialist – Identifying and fixing security gaps before they become liabilities. 🌟 Problem-Solver & Innovator – As a 100% disabled veteran, I bring resilience, adaptability, and a mission-driven approach to securing your digital assets. 📌 My Core Services ✅ Code Review & Secure Coding Practices – Identify vulnerabilities and optimize performance. ✅ Penetration Testing & Security Audits – Find and fix security gaps before hackers do. ✅ Cybersecurity Strategy & Compliance – Ensure adherence to security standards (HIPAA, FedRAMP, etc.). ✅ SIEM & Firewall Management – Advanced network security with real-time monitoring and threat mitigation. ✅ Security Automation & Incident Response – Implement AI-driven security solutions for proactive defense. ✅ Cloud & DevSecOps Security – Secure AWS, Azure, and Google Cloud environments. 🚀 Let’s Build a Secure & Scalable Future Together! 🚀 I am dedicated to delivering the highest quality security and code optimization solutions. Whether you need a deep security audit, penetration testing, or a full-scale security strategy, I am here to ensure your digital assets are safe, efficient, and built to last. 📩 Let’s connect and discuss your project today! 🌐 I provide AI-driven code reviews to help businesses build secure, scalable, and high-performance applications. My 23-point inspection process evaluates code for: ✅ Security vulnerabilities & compliance risks (HIPAA, SOC 2, ISO 27001, GDPR, FedRAMP) ✅ Performance bottlenecks & efficiency improvements ✅ Best coding practices for maintainability & scalability ✅ Static code analysis & automated vulnerability detection 💡 Key Expertise: ✔ Languages: Python, JavaScript, React, Node.js, Django, Laravel, PHP, C#, Java, TypeScript, Swift, Kotlin, Solidity ✔ Security & Compliance: OWASP, NIST, FIPS 140-2, PCI-DSS, SOC 2, ISO 27001, HIPAA, GDPR, FedRAMP ✔ Tools & Platforms: SonarQube, GitHub Copilot, SAST/DAST, Elastic Stack, Kubernetes, Cloud Security (AWS, Azure, GCP) ✔ Industries: SaaS, FinTech, Healthcare, E-commerce, AI & Machine Learning, Blockchain 💬 Why Choose Me? 🚀 Faster Turnaround: Code review in 2-3 days (vs. industry standard of 3 weeks) 🔍 AI-Driven Accuracy: Combines AI & expert analysis for better insights ⚡ Compliance-Focused: Ensures your software meets global security standards 📊 Actionable Reports: Clear, detailed, and developer-friendly feedback

Penetration Testing
GDPR Compliance Review
Application Review & Optimization
Security Assessment & Testing
Web App Penetration Testing
Artificial Intelligence
Source Code
Source Code Scanning
System Hardening
Security Analysis
HIPAA
Compliance Testing
Vulnerability Assessment
Review
Code Review
$75 hourly
Scott A.
- 4.9/5
- (44 jobs)
Security engineer and technical editor/writer specializing in cybersecurity architecture, operations, compliance/audit readiness, vulnerability scanning/pen testing, and technical documentation. Experience drafting security policies/procedures, and conducting cybersecurity framework mapping/pre-audit prep for NIST, PCI DSS, SOC2, HIPAA, HITRUST, GDPR, ISO 27001, and privacy and security frameworks. Proven track record of technical team and project management.

Penetration Testing
HIPAA
Technical Documentation
NIST SP 800-53
ISO 27001
Technical Writing
IT Compliance Audit
SOC 2 Report
Internet Security
Security Infrastructure
Application Security
Information Security
Cybersecurity Management
System Security
$120 hourly
Miguel F.
- 4.9/5
- (32 jobs)
I am Miguel Febres, a seasoned Senior IT Consultant with over two decades of versatile experience across various technology-driven roles. My expertise spans WordPress, Desktop Development, Web Development, Web Scraping, and Software Architecture. My deep knowledge and hands-on skills have enabled me to deliver successful outcomes across diverse projects, contributing to strategic growth and efficient solutions for clients. A commitment to innovation, high-quality standards, and effective problem-solving in the IT domain marks my career. WordPress I have extensive experience crafting customized and scalable WordPress solutions, ranging from simple blogs to complex e-commerce platforms. My proficiency includes theme and plugin development, ensuring optimized performance and security. Technologies used: PHP, HTML, CSS, JavaScript, MySQL, WooCommerce, Elementor, WPBakery, Yoast SEO. Desktop Development With strong skills in designing and implementing robust desktop applications, I have led numerous projects that require critical thinking and software management. I focus on user-centric design alongside efficient execution. Technologies used: C#, .NET Framework, Java, Python, Electron, WinForms, WPF. Web Development With a rich knowledge of front-end and back-end technologies, I have built and maintained scalable web applications that address organizations' unique needs. I approach projects by balancing aesthetic design with functionality. Technologies used: HTML, CSS, JavaScript, React, Angular, Node.js, PHP, Django, Ruby on Rails. Web Scraping I specialize in developing efficient web scraping solutions to extract, clean, and manage large data sets from complex web sources. My experience ensures compliance with data guidelines while maximizing scraping proficiency. Technologies used: Python (BeautifulSoup, Scrapy, Selenium), Puppeteer, PHP (Guzzle), REST APIs. Software Architecture My expertise in software architecture enables me to design and guide the development of scalable and maintainable systems. I emphasize strategic planning and architectural best practices to deliver high-performing software solutions. Technologies used: Microservices, RESTful Services, AWS, Azure, Docker, Kubernetes, UML, Agile and DevOps methodologies. I am also a Cybersecurity Analyst and Cloud Engineer. Check my specialized profiles for more information.

Penetration Testing
Microsoft Azure Administration
Microsoft Azure
Azure DevOps
Web Scraping
Reverse Engineering
Web Application
.NET Core
.NET Framework
Encryption
Ethical Hacking
API
C#
Python
Delphi
$30 hourly
Usama M.
- 4.8/5
- (115 jobs)
I am a passionate PhD aspirant in IT Networking, possessing an experience of 6.5+ years in this field. I specialize in legal and ethical cybersecurity, focusing on threat intelligence, digital forensics, ethical hacking (with client authorization), incident response, cloud security, applied cryptography and secure software development. My expertise includes penetration testing (Kali Linux, Burp Suite) in authorized environments, vulnerability assessment, network security, compliance audits (ISO 27001, NIST, GDPR), simulated attack scenarios for resilience testing and malware analysis in secure labs. With a strong foundation in secure coding (C, C++, Java, Python, Rust), IoT security and AI driven threat detection, I ensure robust and compliant security solutions. I excel in a diverse range of skills, including Technical Writing, Academic Report Writing, Research Proposals, and comprehensive Reviewing and Editing. Additionally, I provide expert assistance and tutoring across all areas of Computer Science, ML and Cybersecurity. With extensive experience in mentoring and supervising both Undergraduate and Postgraduate students, I am committed to fostering excellence and innovation in these fields. Should you require my services in any of the aforementioned areas, (or other tasks too) please message me before placing an order and I shall assist you to the best of my ability.

Penetration Testing
Academic Writing
Ethical Hacking
Academic Research
Python
Technical Documentation
Information Technology
Research Papers
Computing & Networking
Data Science
Machine Learning
Artificial Intelligence
Web Development
Network Penetration Testing
Information Security
Internet of Things Software
Computer Network
Computer Science
$30 hourly
Joseph E.
- 5.0/5
- (9 jobs)
Hello! My name is Joseph. With a mix of tech know-how, a knack for comprehensive administrative & customer support, and detailed experience in cybersecurity, I believe I can bring a unique perspective to your team. Being a self-starter, I thrive in fast-paced environments and can swiftly learn new processes. I am well-versed in agile setups and take pride in my in-depth project management skills. Motivated and hardworking, I ensure my work is detailed and thorough. Please see my experience below for a detailed breakdown of my past experience, but to recap, in my recent position at Pattern Inc. as an IT Support Specialist (Tier 2) I managed all technical help requests for the factory and all 50+ employees, ensuring production stayed on schedule and proactively maintained an efficient work environment. At Digital Factory as a Network Analyst, I excelled in analyzing cyber threats and implementing effective solutions, showcasing my ability to navigate complex technical landscapes. My time as a IT Support Specialist at Everise equipped me with the skills to manage technical support for a variety of clients through Salesforce while delivering top-notch customer service. Additionally, my role as a Help Desk Support at Best Buy emphasized collaborative team environments and providing technical assistance. As a freelance Virtual Administrative Assistant, I've been the go-to person for project management, IT support, and even social media management. In addition to my administrative prowess, I have delved into the realm of cybersecurity through formal education, acquiring a well-rounded skill set. This unique combination of skills makes me an ideal fit for projects with multifaceted responsibilities. My ability to tailor my expertise to meet the specific needs of each client ensures that I can adeptly navigate and contribute to a wide range of projects. Furthermore, my background in IT support has honed my skills in client communication and support. I am exceptionally skilled in fostering positive client relations, drawing on my experience to address concerns and provide solutions effectively. This expertise positions me to seamlessly contribute to projects that require a strong client-focused approach, complementing my versatile skill set.

Penetration Testing
Cybersecurity Management
Information Security
Network Engineering
Tech & IT
Computing & Networking
Technical Project Management
Python
System Security
CSS
Microsoft Windows
Kali Linux
Problem Solving
Linux System Administration
Network Security
$25 hourly
Patrick R.
- 5.0/5
- (2 jobs)
Hi, I’m a professional web developer and IT specialist with over 3 years of experience in creating and deploying websites. I can design and build responsive, user-friendly, and secure websites that meet your business needs and goals. I’m also proficient in coding and open AI, the artificial intelligence research company that aims to create and promote friendly AI. I have worked on various projects involving natural language processing, computer vision, generative models, and reinforcement learning. I can help you leverage the power of open AI to create innovative and intelligent solutions for your problems. Additionally, I have a strong background in information technology and cyber security. I have knowledge and skills in network administration, system administration, data analysis, cloud computing, and ethical hacking. I can help you protect your data and systems from cyber threats and ensure compliance with security standards and best practices. I’m passionate about learning new technologies and staying updated with the latest trends and developments in the web and IT industry. I’m always eager to take on new challenges and deliver high-quality results within deadlines and budgets. I have excellent communication and collaboration skills and can work effectively with clients and teams across different time zones and cultures. If you are looking for a reliable, skilled, and creative web developer and IT specialist who can handle your projects with professionalism and excellence, then look no further. I’m the right person for the job. Contact me today and let’s discuss how I can help you achieve your goals. Thank you for your consideration.

Penetration Testing
Website
SEO Setup & Configuration
Firewall
Firebase
SQL
C++
Azure OpenAI Service
Network Penetration Testing
Information Technology
DevOps
Linux
Java
Python
Microsoft Azure
$30 hourly
Daniel R.
- 4.7/5
- (15 jobs)
What would happen if your business' website was taken down? How much business would you lose? How about if it was defaced, or if your customer's information was leaked? How would your business' reputation fair? Let me help you find the security flaws in your site before the bad guys do! Whether you're wanting a full workup on your company's website, a small portion of an application you want to release, or an API you want to ensure won't be misused, I can help! My assessments come with a full report detailing the security flaws discovered, risk of each issue, my recommendations, & technical details which outline how to replicate the steps taken to discover each issue. I'll provide a free consultation so that you can understand exactly what I will/won't due, ensure that the testing boundaries are set, and have an estimated timeline for when the assessment will be completed. I will also do a follow up test, free of charge after the initial assessment is complete to ensure your remediation efforts are successful.

Penetration Testing
JavaScript
Web Design
C++
Java
Python
Report Writing
Risk Assessment
AI Security
Application Security
$125 hourly
Luciano F.
- 5.0/5
- (20 jobs)
Welcome to my profile! I'm Luciano Ferrari, a seasoned cybersecurity specialist with a profound 20-year journey in safeguarding digital landscapes. My expertise spans across network security, ethical hacking, penetration testing, and comprehensive vulnerability and risk management. Why Choose Me? Diverse Experience: I've fortified the cybersecurity frameworks of Fortune 500 giants and agile tech startups, tailoring strategies that fortify their defenses without compromising innovation. Certified Expertise: My credentials include prestigious certifications such as CISSP, CISM, PCIP, C|CISO, and CRISC. These attest to my commitment to excellence and continuous learning in the ever-evolving realm of cybersecurity. Academic Foundation: I hold a master's degree in Computer Networks and Business Administration, blending technical prowess with strategic business insights. Trusted Educator: Beyond consultancy, I empower others by sharing knowledge. Discover my courses on LinkedIn Learning and EC-Council, or delve into exclusive content on my website. Engage with Confidence: Choosing me means partnering with a cybersecurity advisor who's not just invested in protecting your assets but is also dedicated to empowering your team with knowledge and strategies that stand the test of time. Let's Connect: I'm eager to explore how we can fortify your cybersecurity posture. Whether you're a tech startup on the rise or an established enterprise, I'm here to tailor solutions that align with your unique challenges and goals. Warm regards, Luciano Ferrari Founder & CEO, LufSec LLC

Penetration Testing
Network Penetration Testing
JavaScript
Risk Assessment
Python
PHP
Web App Penetration Testing
Vulnerability Assessment
Project Risk Management
Cybersecurity Management
$40 hourly
Bikash Kumar R.
- 5.0/5
- (2 jobs)
I am here to deliver quality services to my clients to satisfy their security needs. I believe client appreciation is more than dollars, so please don't hesitate to contact me. Details: I am an experienced Consultant, having an experience of over More than 7 years on Manual as well as automated penetration testing. I am OSCP, CEH Certified, which are internationally recognized certification. Methodology/Standard that we follow: 1. OWASP 2. PCI DSS 3. NIST 4. Cert-In Area of Expertise: . Web, Thick-Client and Mobile application vulnerability assessment and penetration testing. . Vulnerability Assessment and Penetration testing for IT Networks. . Understanding of Application Security Guidelines/requirements from OWASP TOP 10 models. . Have successfully completed Web Application Penetration Testing for 40+ Cert-in projects. . Have successfully completed Web Application Penetration Testing for 100+ PCI-DSS Projects. . PCI ASV scan. . Mobile Application Security Testing. . Sound Knowledge in Bash, JavaScript. . Programming languages: HTML, CSS, C, C++, JavaScript. Identified and exploited multiple High/Critical severity Vulnerabilities like: . SQL Injection . Remote Code Execution . Insecure Direct Object Reference . Cross-Site Scripting. . Parameter Tampering . Cross-Site Request Forgery . Bypassing File Upload Restrictions . Account take over . Multiple Privilege Escalation . Business Logic Flaw etc. Thanks

Penetration Testing
Industrial Internet of Things
Security Analysis
Web Application Security
Metasploit
Application Security
Network Security
Vulnerability Assessment
$150 hourly
Luciana O.
- 5.0/5
- (198 jobs)
I am the founder of BetterCyber Consulting, a cybersecurity consulting and managed services firm specializing in startups, small businesses, and mid-sized companies. As an Upwork Expert-Vetted Cybersecurity Consultant, I help businesses identify risks, implement security controls, and meet compliance requirements without unnecessary costs or complexity. My experience in cybersecurity includes positions at Fortune 100 companies like PayPal and Marathon Petroleum. I hold several security certifications and earned a master’s degree in Information Security Engineering from The SANS Technology Institute. I offer the following cybersecurity services: ● Technical Security Assessments – Security reviews for AWS, Azure, Google Cloud, Microsoft 365, Google Workspace, Slack, and more. ● Penetration Testing – Web, cloud, mobile, and on-premises security testing. ● Compliance Assessments – NIST 800-171 & 800-53, FedRAMP, ISO 27001, CIS Controls, CMMC, HIPAA, and SOC 2. ● Security Strategy & Architecture – Build scalable security programs. ● Incident Response & Threat Mitigation – Detect and respond to threats. ● Managed Security Services – Ongoing security monitoring and advisory. ● Virtual CISO (vCISO) Services – Security leadership for businesses without a full-time CISO.

Penetration Testing
PCI DSS
NIST SP 800-53
CMMC
Risk Assessment
Cloud Security
Internet Security
Information Security Audit
Information Security Awareness
Security Engineering
Security Analysis
Email Security
Information Security
Security Policies & Procedures Documentation
Cybersecurity Management
$50 hourly
Bohdan S.
- 4.9/5
- (21 jobs)
- Certified Manual Quality Assurance Engineer with 9+ years’ experience; - Professional competencies in creating Test Strategies, Test Plans, Test Cases, and Test Reports as well as an understanding of all testing methodologies; - Strong background in setting up QA process from the scratch; - Experienced in using various levels of testing, requirements analysis and test design techniques; - Thorough understanding of the Test Life Cycle and Defect Life Cycle; - Excellent in analyzing test data, preparing software testing scenarios, and executing them in accordance with developing software-testing models for various projects. - Experienced in planning and executing performance and security tests; - Leading technical interviews with new candidates; - Performing knowledge sharing sessions; - Successful experience in managing a group of 15+ members team including manual, automation, and performance QA engineers; - Conducting performance reviews and goals settings processes; - Strong interpersonal and communication skills.

Penetration Testing
Security Testing
Cybersecurity Monitoring
Cypress
Software Testing
Test Case Design
iOS
Test Automation Framework
Postman
Automated Testing
Mobile App Testing
Selenium WebDriver
API Testing
Manual Testing
Regression Testing
$125 hourly
William P.
- 5.0/5
- (34 jobs)
UpWork Recognition: Expert-Vetted | Top-Rated Plus | 100% Job Success Score I provide affordable cyber security solutions to startups, small and medium-sized businesses, non-profits, and other organizations. I organizations that need improved security but don't have the budget to support an enterprise level. I work with these companies to create a security solution that is both affordable and effective. In today's world of ever-increasing cyber threats where small businesses are targeted more frequently, it is vital that these companies have IT Security systems in place. Statistics show that nearly half of small companies that suffer a cyber breach never recover. SPECIALITES: • Vulnerability Analysis • Penetration Testing • Compliance Assessment • Network Security Planning • Consultation • Managed Security Services • Risk Assessment & Management CMMC, HIPAA, SOC2, GDPR,

Penetration Testing
Data Privacy
Vendor Management
Information Security
Security Analysis
Risk Assessment
Regulatory Compliance
Cybersecurity Management
Ethical Hacking
$65 hourly
Thomas H.
- 4.9/5
- (13 jobs)
Dear Potential Client, I am Thomas Hinson, an experienced Agile Project Manager with a solid educational background, an MBA in Information Technology Management, and a Bachelor's in Cybersecurity and Information Assurance. With over 15 years of dedicated experience in the field, I bring a wealth of knowledge and expertise to help you successfully navigate your projects. My proficiency extends to various Agile methodologies, including Scrum and Kanban, and I am well-versed in utilizing tools such as Jira, Asana, and GitLab to streamline project management processes. I excel in translating high-level objectives into actionable Themes, Initiatives, Epics, and User Stories, facilitating a structured and efficient workflow. What sets me apart is my skill in coaching and collaborating with cross-functional teams, ensuring that everyone is aligned and working towards common goals. I have a proven track record of creating comprehensive project reports, plans, and strategies that drive success and deliver value to stakeholders. Furthermore, I understand the importance of effective communication with stakeholders and gathering their requirements to ensure project outcomes meet their expectations. If you're seeking a dedicated Agile Project Manager who can manage projects and elevate them to their fullest potential, I am here to help you achieve your goals. Let's collaborate to bring your projects to new heights. Sincerely, Thomas Hinson, MBA

Penetration Testing
Risk Analysis
Wireshark
Cybersecurity Monitoring
Metasploit
Ethical Hacking
Network Mapper
Project Management
Security Assessment & Testing
Information Security
$60 hourly
Adam T.
- 5.0/5
- (9 jobs)
Solutions-orientated IT Manager with exemplary academic and professional qualifications in the development and deployment of technical solutions for large organizations. Known for strong understanding and experience in technology innovation, solution implementation, project management, and cyber security initiatives. Skilled in providing effective leadership in fast-paced, deadline driven environments. Proven ability to design and regulate critical security programs and campaigns with in-depth operational supervision of incidents and emergency disaster recovery. Ability to collate and distribute reports that enable peers and executives to manage work seamlessly across the company and ensure targets are achieved. Outstanding presentation and communication skills, understanding business requirements to cross-collaborate and increase profits. Results-driven digital marketer providing content for social media platforms and delivering quality leads to clients for analytical purposes and business growth. Able to grow your brand on the Facebook and Instagram platforms while delivering campaigns that provide website visits, page likes, product and service sales, and quality interested leads while automating processes and integrating with email and CRM solutions.

Penetration Testing
Windows Administration
Technical Support
Amazon Web Services
Information Security
Microsoft Azure
System Administration
Vulnerability Assessment
Disaster Recovery
Microsoft IIS
Windows Server
Microsoft Active Directory
Virtualization
Kali Linux
Systems Engineering
Python
$75 hourly
Walt C.
- 5.0/5
- (6 jobs)
I graduated with a degree in computer science with a concentration in cyber security. I currently work as an Application Security Engineer where I help software engineers build secure applications and write vulnerability free code.

Penetration Testing
Web Testing
Vulnerability Assessment
Web Application Security
Security Analysis
Application Security
Website Security
Node.js
Python
Golang
$150 hourly
Lewa O.
- 5.0/5
- (2 jobs)
Tailored Security Solutions for Startups & Mid-Sized Businesses 🔐 About Me: Hi, I’m Lewa Owolabi, the founder of Arise Security, a boutique cybersecurity firm in Austin TX (serves clients globally) dedicated to providing security and compliance as a service. With over 15 years of experience in cybersecurity, I’ve worked with Fortune 5 companies to stand up well architected and secure cloud infrastructures, and now I specialize in offering tailored cybersecurity programs designed specifically for startups and mid-sized businesses. As cyber threats grow more sophisticated, I understand that securing your digital assets is not just about technology — it’s about building a proactive, risk-managed strategy that aligns with your business goals. Whether you’re launching a new startup or scaling your existing business, I bring deep expertise in building secure, compliant environments that not only protect your company but also support growth and innovation. At Arise Security, we provide end-to-end cybersecurity solutions, from risk assessments and threat prevention to incident response and compliance, ensuring your business stays secure and meets regulatory requirements at every stage of its journey. 💼 What I Can Do for You: - Tailored Security Programs for Startups & SMBs: Custom-designed cybersecurity frameworks that scale with your business while protecting you from evolving threats. - Cloud Security Architecture: Build and secure your cloud infrastructure across AWS, Azure, and Google Cloud, implementing best practices for data protection, redundancy, and scalability. - Compliance & Risk Management: Achieve and maintain compliance with local and global industry standards such as GDPR, CCPA, ISO Security and Privacy Standards, HIPAA and HITRUST, SOC 1,2, PCI-DSS, and more, while managing risk in a way that supports your business goals. - Managed Security Services: Ongoing monitoring, threat detection, incident response, and patch management to ensure that your systems remain secure and resilient. - Penetration Testing & Vulnerability Assessments: Identify and fix vulnerabilities before hackers can exploit them, with comprehensive security audits and penetration tests. - Security Training & Awareness: Educate your team on the latest security threats and best practices to ensure everyone is a part of your defense strategy. 🔧 Key Technologies & Tools: - Cloud Security: AWS, Microsoft Azure, Google Cloud Platform (GCP) - Compliance & Standards: SOC 2, HIPAA, PCI-DSS, GDPR, NIST, ISO 27001 etc. - Security Tools: Palo Alto, Cisco, Fortinet, Splunk, Nessus, Metasploit, Wireshark - Identity & Access Management (IAM)**: Okta, AWS IAM, Azure AD, SSO - Vulnerability & Pen Testing: Burp Suite, OpenVAS, Kali Linux, Nmap, Nessus - Incident Response & Forensics: SIEM, Splunk, ELK Stack, CloudWatch, CloudTrail - Security Automation & DevSecOps: Terraform, Jenkins, Ansible, GitLab CI/CD 🚀 Why Choose Arise Security & Me? 1. Expertise from the Top: After spending over a decade and half securing infrastructures for Fortune 5 companies, I bring enterprise-level security practices to startups and mid-sized businesses. As a VC fund manager we understand the business side of an organization, speak executive language and empower founders to leverage security as a revenue protection strategy. 2. Tailored Approach: We don’t offer one-size-fits-all solutions. At Arise Security, our services are customized to meet the unique needs and challenges of your business, ensuring that your security program grows and scales with you. 3. Comprehensive Service: We are your one-stop-shop for cybersecurity and compliance. From securing your cloud infrastructure to helping you achieve compliance, we cover all aspects of digital security. 4. Proactive, Not Reactive: My philosophy is simple — we prevent security breaches before they happen. By conducting regular audits, penetration tests, and security assessments, we stay one step ahead of hackers. We offer this one time or at a SLA level. 5. Scalable Solutions: As your business grows, so does our support. We provide scalable, flexible security solutions that adapt to your evolving needs and keep you protected as you scale. 🔒 Secure Your Business for the Future The digital landscape is full of risks, but with Arise Security, you don’t have to face them alone. We help startups and mid-sized companies design and implement robust security programs that not only protect your digital assets but also give you peace of mind to focus on growth. Let’s build a secure, compliant foundation that's tailored for your business and scales with your growth so you can stay focused on innovation while we handle your cybersecurity. 🔗 **Let’s Connect** schedule a consultation with me to discuss how we can build a custom cybersecurity program for your business — tailored to protect your future, today.

Penetration Testing
Information Security Governance
ISO 27001
Risk Assessment
HIPAA
GDPR
Data Privacy
PCI
Policy Development
Network Security
$80 hourly
Alexander B.
- 5.0/5
- (3 jobs)
Hello, I am Alex Brown. I am a Certified Information System Security Professional (CISSP) and Offensive Security Certified Professional (OSCP) with 13 years of industry experience and a masters degree in Cybersecurity. The majority of my career I have spent working with NIST 800-37 Risk Management Framework (RMF), performing security assessments, architecting security solutions, and applying security remediations. I have worked through all 6 stages of the RMF process from system categorization to system maintenance. I have developed cyber documentation to support security controls, developed polices and procedures to enforce system security practices and document system configuration. In addition, I have implemented technical security controls such as Windows and Linux patches, Windows and Linux OS configuration settings, and network device firmware and configuration settings. I have extensive experience in vulnerability assessment, security analysis, and applying security controls. I am extremely familiar with industry scanning tools such as Nessus and DISA Security Technical Implementation Guides (STIGs). I have worked with other security tools including Kali Linux and Metasploit. I have worked with application firewalls including Windows Firewall, iptables, and Symantec Enterprise Protection. I have extensive experience analyzing results from security scans, assessing risk, and applying measures to mitigate or remediate the security issue. I have developed Vulnerability Assessment Reports identifying the open vulnerabilities impacting the organizations system. I have developed Risk Assessment Reports where open vulnerabilities are assessed for overall risk by looking at likelihood of a vulnerability being exploited and the impact it would have on the organization. I have maintained Plan of Actions and Milestones (POA&M) where ongoing non-compliant security controls are tracked and assigned completion expectations and criteria. In addition to my technical knowledge and experience in the cyber field, I have also performed project management activities on cyber efforts. I have managed control accounts, maintained schedules, managed sub-contractors, and worked directly with customer clients on cyber deliverables. I have a strong background in understanding expectations to meet customer demands with strict schedule and cost demands.

Penetration Testing
Nessus
Microsoft Windows PowerShell
Windows 10 Administration
Certified Information Systems Security Professional
Security Analysis
Information Security Audit
Cybersecurity Management
Red Hat Enterprise Linux
Vulnerability Assessment
Bash Programming
$80 hourly
Christopher W.
- 4.7/5
- (2 jobs)
A resolute and motivated initiative-taker with 10+ years experience in software quality assurance/automation, web services, APIs, front-end, SQL and back-end in waterfall and Agile environments. Cybersecurity with OSINT, Penetration testing and Vulnerability Assessment. Ability to take on new assignments and follow through to completion.

Penetration Testing
Manual Testing
Vulnerability Assessment
Usability Testing
Selenium
Automated Testing
Software QA
Desktop Application Testing
Compatibility Testing
Web Testing
Functional Testing
Regression Testing
Performance Testing
SQL
$125 hourly
Ken R.
- 5.0/5
- (19 jobs)
Unconventional Solutions, Uncommon Results. A study from the National Cybersecurity Alliance shows that 20% of businesses with less than 100 employees will experience a cyber attack each year and that 60% of those businesses fail within 6 months of the attack. Preparation is key, identify your critical assets, secure those assets, monitor/alert/and respond to incidents when they occur, including having a response plan. Chances are if it hasn't happened to you, it will or it already has happened and you just don't know. My goal is to bring the experience and skills acquired over 23 years working for large organizations to the entrepreneur community in an attempt to reduce the statistics above at a price point that is approachable to those impacted businesses. Common Services: Malicious Email/File/URL analysis - Did you get a phishing email with a link or attachment and not sure if it is legitimate, then this service is what you want. Surprisingly, this is my most often requested service. This service includes analyzing files(exe, office files, zip files, or pdf), email, or URLs to determine if it is malicious and what happens if the file is run or the url is visited. The service includes executing the file/url in a sandbox, review OSINT on the file using tools like virustotal, as well as use reversing techniques on the file. Email headers will be reviewed to determine origin and intent. If you clicked the link or opened the attachment, then you might need the next level of service, Incident Response. Website Malicious Content Removal - Once an attacker finds a vulnerability and exploits that to gain access to your website they sometimes deface your website, sometimes gain access to the data, put malicious code in your pages to impact your users, but always give themselves a way back in. Our job is to not only find and remove the malicious content but determine how it got there and how to prevent it from reoccurring. Security Consulting - Make sure you have the proper controls in place, including logging, to reduce the risk but also make sure you can detect and recover from an incident in a timely manner. Get some peace of mind on questions like are my backups safe in the event of a ransomware attack. Has my system already been breached? How would I know if my system is breached? A vulnerability assessment is a rather quick process to identify known security issues like missing patches or common misconfigurations. These are identified through an automated scan, but the most notable point of a vulnerability assessment is that the vulnerabilities are not verified, it is assumed that if the system is missing the patch, it is at risk. This type of test is usually quicker and cheaper and gets 75% of the “low hanging fruit”. A penetration test takes this a bit further beyond just identification but actually tries to exploit the vulnerability to validate risk. A penetration test also goes a bit further as it might also test weaknesses in good configurations, processes, and implementations, items that can not be scanned automatically. A pentest usually also contains a vulnerability scan as part of the process, usually takes longer, and costs a bit more. Application Testing/Fuzzing and 0 day exploit development - The purpose of testing an application using techniques like fuzzing, is to ensure that the application can handle different types and lengths of unexpected input without crashing as well as testing to see if application handles the exceptions properly. If the fuzzing process has identified a crash based on unexpected input, it might be possible to develop an exploit that allows an attacker access to the system or perform some other nefarious activity. An exploit that has not been disclosed publicly but is actively being exploited in the world is known as a 0 day exploit. Having this type of test performed on your applications before release, can go a long way to reducing the risk of an attacker finding it and using it to attack your clients. Web application testing is the process of not just testing the application itself against vulnerabilities like cross site scripting, cross site request forgery, or sql injection among others, but the entire web application infrastructure including the framework used like Rails or Spring MVC, the server OS (Linux/Windows), the web server software (IIS, Apache, Web Logic), the language used (PHP, ASP.Net), any middle tier applications, and the databases on the back end. A vulnerability scan is generally also part of this type of test.

Penetration Testing
Security Engineering
WordPress
Security Analysis
DNS
Malware Removal
Metasploit
Application Security
Information Security Consultation
Digital Forensics
Vulnerability Assessment
$50 hourly
Stacey C.
- 5.0/5
- (14 jobs)
Hello! I can make your complex technical information short and sweet, providing effective content in cases where traditional technical writers lack practical depth. My specializations are information security and cryptocurrency. My services include writing, ghost writing, and editing. The content could be nearly anything: research and analysis, internal or customer-facing documentation, policy and compliance documents, or articles for your corporate social media presence. I get genAI and sometimes leverage it as a tool, but I don't depend on it nor do I recommend that anyone use it as a prose "baseline." Most of my professional background has been in testing and securing software. My professional certifications in information security include ISC2's CSSLP, GIAC's GPEN and GXPN, and the Cloud Security Alliance's CCSK. I am also a Certified Blockchain Security Professional, Certified Smart Contract Developer, and a Certified Cryptocurrency Auditor (Blockchain Council). I held ISC2's CISSP certification for 18 years, but allowed that to expire in 2023. I keep up with security trends, but I am no longer in those trenches every day. I work with APIs, but I am not a master of every language nor a graceful developer. I am a U.S. citizen, live in the Central Standard time zone, and I perform services from the U.S. and Mexico. Let's discuss the possibilities.

Penetration Testing
Blog Writing
Writing
Technical Writing
Content Writing
Article Writing
Information Security
Security Testing
Security Policies & Procedures Documentation
$86 hourly
Jacob S.
- 5.0/5
- (1 job)
Hi, I'm a skilled cyber security engineer with a passion for protecting information and assets. I'm continuously developing my skills and techniques to remain effective in the growing and rapidly change cyber security landscape. Experience and Skills include, but not limited to: • Nearly a decade of IT security operations, system design and architecture, network administration, and defensive/offensive cyber operations. • Tool Experience: Splunk, QRadar, FortiEDR, FortiWeb, Mimecast, DUO, Cisco ASA, Microsoft 365 Defender, Tenable, Rapid7, Palo Alto Panorama • Operational Experience: cyber threat defense, web/network penetration testing, email security, network intrusion and detection response, traffic analysis, firewall configuration, threat mitigation and detection; Windows/Linux OS. Certifications: • Security+ • Splunk Core User •. Blue Team Expert o Active DoD Top Secret/SCI I've received various awards and recognitions for my detailed work throughout my career. I love what I do and it shows in my work; something I take extreme pride in. How can I help you defend what's most important to you?

Penetration Testing
Cybersecurity Management
Risk Management
Computer Science
Ethical Hacking
NIST Cybersecurity Framework
Firewall
Information Security
Network Penetration Testing
Project Management
Cloud Security
Microsoft Windows
Linux
Network Monitoring
$100 hourly
Michael M.
- 4.8/5
- (2 jobs)
With an insight into technology and its unique challenges, my wide berthed set of skills makes me a highly prized asset to any company. By selecting me, you are assured to receive the highest caliber professional, with an eye always geared towards balancing the needs of Business and those of Security and Stability. Well versed in networking and network security, as well as MS and Linux technologies.

Penetration Testing
Chief Architect
Financial Audit
GDPR
Linux
Governance, Risk Management & Compliance
Network Engineering
Certified Information Systems Security Professional
Leadership Skills
HITRUST Common Security Framework
Check Point
Amazon Web Services
Information Security
Firewall
Want to browse more freelancers?
Sign up