Hire the best Risk Assessment professionals
Check out Risk Assessment professionals with the skills you need for your next job.
- $90 hourly
- 5.0/5
- (45 jobs)
I am a Certified Information Security Auditor (CISA). I am an expert leading SOC 1/SOC 2 engagements and its variations (Type I/Type II), ISO27001, HIPAA and HiTrust. I have extensive experience leading compliance design and implementations in preparation for audit engagements including both evidence gathering and report reviews. I have worked both in the internal audit and external audit sectors for one of the largest public accounting firms in the US. I work with businesses of varying sizes from start-up to Cloud 100. I am passionate about "right sizing" business process to narrow down the focus areas to drive efficient implementation of controls on an ongoing business. If you have any technology compliance needs or require answers to general compliance questions or guidance feel free to reach out to me.
Risk Assessment; Business Continuity Plan; Information Security Audit; Security Infrastructure; Regulatory Compliance; Information Security Governance; Policy Writing; Compliance; GDPR Compliance Review; SaaS; SOC 1 Report; HIPAA; Compliance Consultation; IT Compliance Audit; Sarbanes-Oxley Act
- $80 hourly
- 5.0/5
- (68 jobs)
Transforming Information Security into a Competitive Advantage! I have the ability to translate complex compliance requirements into clear and concise language that resonates with the business. I'm a certified senior professional specializing in implementing and managing diverse security frameworks, including ISO 27000 family, SOC 2, PCI, GDPR, HIPAA, FedRAMP and CMMC. With a proven track record of guiding businesses to successful certification, I can help you achieve compliance while mitigating risks. Don't wait until it's too late! Contact me now and avoid drowning in compliance requirements. I'm well-versed in compliance platforms like Thoropass, Drata, StrikeGraph, and TrustCloud. Explore how I can assist you and inquire about my 10% referral discount.
Risk Assessment; CMMC; Risk Management; Microsoft SQL Server; Security Framework; NIST Cybersecurity Framework; HIPAA; GDPR; NIST SP 800-53; Data Privacy; Information Security Audit; Compliance; Governance, Risk Management & Compliance; ISO 27001; SOC 2 Report; Information Security
- $75 hourly
- 5.0/5
- (213 jobs)
☑️ Upwork Expert-Vetted 🌟 | 100% Job Success Rate ✅ | 10,000+ hours 💻 across 200+ projects 🚀 Currently collaborating with Microsoft’s dev and engineering teams 🛠️ as a freelance Technical Lead on Copilot, Intune, and Defender for Endpoint. I get early access to features 📅 and bug fixes 🐛, working 3-4 cycles ahead of public release. This insider view flows directly into my client projects. With 16+ years in the industry 📈 and $4M+ in projects delivered 🌐, I’m focused on solutions that are secure 🔒, compliant 📜, and effective. My hands-on role with Microsoft keeps me at the forefront, ready to deliver enterprise-grade results. 📞 Let’s set up a free 30-minute consultation 💬 to discuss📅 You could hire someone else for a lower rate who takes 5x as long to do the job right. You could also hire me, sit back relax and let an expert implement your solution exactly as needed. Think of me as your cloud solutions Advil. I reliably relieve headaches instead of causing them. 🗣️❝𝙍𝙞𝙙𝙞𝙘𝙪𝙡𝙤𝙪𝙨𝙡𝙮 𝙚𝙛𝙛𝙞𝙘𝙞𝙚𝙣𝙩 𝙞𝙨 𝙩𝙝𝙚 𝙥𝙝𝙧𝙖𝙨𝙚 𝙩𝙝𝙖𝙩 𝙘𝙤𝙢𝙚𝙨 𝙩𝙤 𝙢𝙞𝙣𝙙 𝙬𝙝𝙚𝙣 𝙄 𝙩𝙝𝙞𝙣𝙠 𝙖𝙗𝙤𝙪𝙩 𝙉𝙖𝙣𝙙𝙮. 𝙄 𝙝𝙖𝙙 𝙩𝙝𝙚 𝙥𝙡𝙚𝙖𝙨𝙪𝙧𝙚 𝙤𝙛 𝙬𝙤𝙧𝙠𝙞𝙣𝙜 𝙬𝙞𝙩𝙝 𝙝𝙞𝙢 𝙛𝙤𝙧 𝙩𝙬𝙤 𝙮𝙚𝙖𝙧𝙨, 𝙘𝙤𝙡𝙡𝙖𝙗𝙤𝙧𝙖𝙩𝙞𝙣𝙜 𝙤𝙣 𝙨𝙚𝙫𝙚𝙧𝙖𝙡 𝙥𝙧𝙤𝙟𝙚𝙘𝙩𝙨. 𝙄 𝙬𝙖𝙨 𝙥𝙖𝙧𝙩𝙞𝙘𝙪𝙡𝙖𝙧𝙡𝙮 𝙞𝙢𝙥𝙧𝙚𝙨𝙨𝙚𝙙 𝙗𝙮 𝙉𝙖𝙣𝙙𝙮’𝙨 𝙖𝙗𝙞𝙡𝙞𝙩𝙮 𝙩𝙤 𝙝𝙖𝙣𝙙𝙡𝙚 𝙚𝙫𝙚𝙣 𝙩𝙝𝙚 𝙩𝙤𝙪𝙜𝙝𝙚𝙨𝙩 𝙨𝙞𝙩𝙪𝙖𝙩𝙞𝙤𝙣 𝙚𝙛𝙛𝙤𝙧𝙩𝙡𝙚𝙨𝙨𝙡𝙮. 𝙏𝙝𝙖𝙩 𝙨𝙠𝙞𝙡𝙡 𝙤𝙛𝙩𝙚𝙣 𝙩𝙖𝙠𝙚𝙨 𝙮𝙚𝙖𝙧𝙨 𝙩𝙤 𝙙𝙚𝙫𝙚𝙡𝙤𝙥 𝙖𝙢𝙤𝙣𝙜 𝙖𝙣𝙮 𝙥𝙧𝙤𝙛𝙚𝙨𝙨𝙞𝙤𝙣𝙖𝙡𝙨, 𝙗𝙪𝙩 𝙞𝙩 𝙨𝙚𝙚𝙢𝙚𝙙 𝙩𝙤 𝙘𝙤𝙢𝙚 𝙥𝙚𝙧𝙛𝙚𝙘𝙩𝙡𝙮 𝙣𝙖𝙩𝙪𝙧𝙖𝙡𝙡𝙮 𝙩𝙤 𝙝𝙞𝙢. 𝙉𝙤 𝙢𝙖𝙩𝙩𝙚𝙧 𝙝𝙤𝙬 𝙩𝙚𝙣𝙨𝙚 𝙖 𝙢𝙚𝙚𝙩𝙞𝙣𝙜, 𝙉𝙖𝙣𝙙𝙮 𝙢𝙖𝙙𝙚 𝙨𝙪𝙧𝙚 𝙞𝙩 𝙚𝙣𝙙𝙚𝙙 𝙬𝙞𝙩𝙝 𝙖 𝙨𝙢𝙞𝙡𝙚. 𝘼𝙨 𝙖 𝙩𝙚𝙖𝙢 𝙢𝙚𝙢𝙗𝙚𝙧 𝙤𝙧 𝙖 𝙡𝙚𝙖𝙙𝙚𝙧, 𝙉𝙖𝙣𝙙𝙮 𝙚𝙖𝙧𝙣𝙨 𝙢𝙮 𝙝𝙞𝙜𝙝𝙚𝙨𝙩 𝙧𝙚𝙘𝙤𝙢𝙢𝙚𝙣𝙙𝙖𝙩𝙞𝙤𝙣.❞ — 𝙅𝙖𝙞𝙧𝙤 𝙎𝙚𝙦𝙪𝙚𝙞𝙧𝙖 - 𝙈𝙚𝙙𝙞𝙖𝙩𝙤𝙧 & 𝙄𝙣𝙩𝙚𝙧𝙣𝙖𝙩𝙞𝙤𝙣𝙖𝙡 𝘾𝙞𝙫𝙞𝙡 𝙇𝙖𝙬 𝘼𝙩𝙩𝙤𝙧𝙣𝙚𝙮 - 𝙅𝙖𝙞𝙧𝙤 𝙎𝙚𝙦𝙪𝙚𝙞𝙧𝙖 & 𝘼𝙨𝙨𝙤𝙘𝙞𝙖𝙩𝙚𝙨 🌟Career highlights of mine include: 🔶 Defense Cybersecurity: Worked with Dell and the Department of Defense on key cybersecurity programs for Fortune 500 companies. 🔶 Australian Gov Project: Leading a complex security initiative for a defense contractor, ensuring top-tier protection and compliance. 
🔶 Microsoft Collaboration: Enhancing AI integration within Intune and Defender products with Microsoft’s product teams. 🔶 High-Security Contracts: Implementing remote work solutions with Microsoft AVD, ensuring data protection and compliance. 💼Here’s a highlight of the solutions, skills and services I commonly help my clients with: 🔒 Cloud Security & Zero Trust: Secure cloud architectures with a focus on zero trust, including On-prem to Cloud and Azure migrations. 📊 Azure Sentinel: Design and management of Azure Sentinel, including KQL for security analytics. ✅ Compliance & Audits: Conducting NIST, CIS audits, and ensuring compliance with ISO-27001, SOC2, GDPR, HIPAA, and more. 🔐 Identity Management: Implementing strategies like Active Directory Health Checks, Azure AD B2C Custom Policy, and GoDaddy 365 Defederation. 🌐 Global Security Projects: Managing security projects and regulatory compliance, including VMware to Azure migrations. 📉 Risk & Audits: IT security assessments, including GPO Clean-up and adherence to industry standards. ✉️ Email Security: Managing secure email migrations, including Google-to-Microsoft and O365 security with Mimecast. 🕵️ Investigations: Enhancing security posture through investigations like Phishing, Malware, and OWASP compliance. 💼 Retainer Services: Ongoing consultation and support for Security Advisor, Architect, and SOC Analyst roles. 🔧Here’s a highlight of the platforms I have extensive experience working with: 🖥️ Microsoft Azure, Azure Sentinel and Office 365 (O365) 🛡️ Microsoft Defender (Cloud Apps (MCAS), Identity, Endpoints, Azure) 📱 Microsoft Intune 📧 Microsoft Exchange 🗂️ Microsoft DLP 💼 Microsoft AVD 💻 Microsoft W365 Thanks for learning about me! If you’re interested in working together, please invite me to your job on Upwork to book a 🆓 free consultation call with me. Talk soon! 😊 Nandy Bo 🗣️❝ 𝙄𝙩 𝙝𝙖𝙨 𝙗𝙚𝙚𝙣 𝙖 𝙥𝙡𝙚𝙖𝙨𝙪𝙧𝙚 𝙩𝙤 𝙬𝙤𝙧𝙠 𝙬𝙞𝙩𝙝 𝙉𝙖𝙣𝙙𝙮 𝙙𝙪𝙧𝙞𝙣𝙜 𝙩𝙝𝙚 𝙩𝙧𝙖𝙣𝙨𝙞𝙩𝙞𝙤𝙣 𝙤𝙛 𝘾𝙖𝙡𝙡𝙘𝙤𝙢. 𝙉𝙖𝙣𝙙𝙮 𝙞𝙨 𝙫𝙚𝙧𝙮 𝙜𝙚𝙣𝙪𝙞𝙣𝙚, 𝙝𝙤𝙣𝙚𝙨𝙩 𝙖𝙣𝙙 𝙝𝙚𝙡𝙥𝙛𝙪𝙡 𝙞𝙣 𝙣𝙖𝙩𝙪𝙧𝙚. 
𝙃𝙚 𝙖𝙡𝙨𝙤 𝙝𝙖𝙨 𝙖 𝙫𝙚𝙧𝙮 𝙞𝙣-𝙙𝙚𝙥𝙩𝙝 𝙠𝙣𝙤𝙬𝙡𝙚𝙙𝙜𝙚 𝙤𝙛 𝙄𝙏 𝙬𝙝𝙞𝙡𝙚 𝙢𝙖𝙞𝙣𝙩𝙖𝙞𝙣𝙞𝙣𝙜 𝙖 𝙫𝙚𝙧𝙮 𝙗𝙧𝙤𝙖𝙙 𝙥𝙧𝙤𝙗𝙡𝙚𝙢-𝙨𝙤𝙡𝙫𝙞𝙣𝙜 𝙤𝙪𝙩𝙡𝙤𝙤𝙠. 𝙏𝙝𝙚𝙨𝙚 𝙛𝙚𝙖𝙩𝙪𝙧𝙚𝙨 𝙢𝙖𝙠𝙚 𝙝𝙞𝙢 𝙣𝙤𝙩 𝙤𝙣𝙡𝙮 𝙖 𝙥𝙡𝙚𝙖𝙨𝙪𝙧𝙚 𝙩𝙤 𝙬𝙤𝙧𝙠 𝙬𝙞𝙩𝙝 𝙗𝙪𝙩 𝙖𝙡𝙨𝙤 𝙫𝙚𝙧𝙮 𝙞𝙣𝙨𝙥𝙞𝙧𝙖𝙩𝙞𝙤𝙣𝙖𝙡. ❞ — 𝙅𝙤𝙧𝙙𝙤𝙣 𝘽𝙞𝙡𝙡 - 𝙈𝙖𝙣𝙖𝙜𝙞𝙣𝙜 𝘿𝙞𝙧𝙚𝙘𝙩𝙤𝙧 - 𝘾𝙖𝙡𝙡𝙘𝙤𝙢 𝙄𝙣𝙩𝙚𝙧𝙣𝙖𝙩𝙞𝙤𝙣𝙖𝙡Risk Assessment
Spam Filter; Microsoft Exchange Online; Email Security; Office 365; Microsoft Azure; Cloud Engineering Consultation; Security Analysis; Mobile Device Management; Microsoft Endpoint Manager; Cloud Security; Information Security; Cloud Implementation; Solution Architecture Consultation
- $250 hourly
- 5.0/5
- (37 jobs)
I have provided HIPAA consulting services for the last 20 years and over that time served over 1,000 clients. Client experience includes work with covered entities including hospitals, physicians, other health providers, insurers, union health plans and county government agencies. Experience with business associates includes software vendors, IT managed services providers, cloud computing vendors, mobile app developers, medical billing services, value-added resellers, third-party administrators and pharmaceutical marketing companies. Services include virtual Privacy/Security Officer, policy and procedure development, policy gap analysis, computer security risk analysis, technical vulnerability analysis, vendor audits, HIPAA training, business associate contracting and other HIPAA-related services. Other related experience includes use of security frameworks including ISO 27001/27002, NIST and HITRUST as well as the PCI DSS. I have worked with other government regulations including 42 CFR Part 2, GxP, FERPA, IDEA, DEA Regulations for E-prescribing of controlled substances and state laws relating to medical privacy and data breach in over 20 states.
Risk Assessment; Company Policy; Security Analysis; PCI; Information Security Governance; Project Risk Management; Information Security; Vulnerability Assessment; Data Privacy; ISO 27001; HIPAA; GDPR
- $50 hourly
- 4.7/5
- (168 jobs)
Top Rated+ Legal Counsel with significant international experience in Data Privacy (GDPR and KSA PDPL / NDMO), Anti-Money Laundering, Corporate & Contracts Law, ISO certification.
My services include:
Review or preparation of all internal and external GDPR / KSA PDPL and NDMO / CCPA Documentation such as Data Management and Data Governance Controls, Privacy Policies, Cookie Policies, Vendor Evaluation, Standard Contractual Clauses (SCCs), Data Sharing Agreements, DPIAs, Legitimate Interest Assessments, Security & Access Policies, etc.
ISO 27001 & ISO 27701 review and preparation.
Virtual Data Protection Officer (DPO), Virtual AML Officer/MLRO, Drafting of Contracts, Terms and Conditions, Non-Disclosure Agreements (NDAs), Corporate Partnership Agreements, Company By-laws, Internal Corporate Documentation (policies, procedures, decisions), etc.
Review or preparation of all internal AML/CFT Documentation such as Know Your Customer (KYC) and Risk Assessment policies and procedures (experienced in using specialized AML compliance tools).
AI - risk assessments and implementation of transparency requirements ensuring compliant development and training of AI models.
Territorial experience:
European Union
Kingdom of Saudi Arabia and Singapore
USA and Canada
Risk Assessment; Legal; Data Privacy; Contract Law; GDPR; Contract Drafting; Corporate Law; Privacy Policy; Data Protection; Legal Research; Terms & Conditions; English; Due Diligence; Compliance; Anti-Money Laundering
- $20 hourly
- 4.9/5
- (406 jobs)
I offer professional ISO & HSE Management System Consultancy, ISO Standards, Manuals, Policies, Procedures, SOPs, Work Instructions, Process flowcharts, formats & related documentations and Internal Compliance Audits and Risk Management. I also prepare bidding documents as per project requirements. Also, I am offering consultancy in Health, Safety & Environment (HSE), WHS documentation, Risk Assessments, JSA, SWMS, RAMS, Method Statements, Work Instructions WI, SDS, HSE Statistics and technical HSE training modules.
➤ My Areas of Expertise:
✅ ISO 9001:2015 Quality Management System (QMS)
✅ ISO 27001:2022 Information Security & Cyber Security (ISMS)
✅ ISO 14001:2015 Environmental Management System (EMS)
✅ ISO 45001:2018 Occupational Health & Safety (OHS)
✅ ISO 13485:2016 Medical Devices QMS
✅ ISO 22301:2019 Business Continuity Management System (BCMS)
✅ ISO 17025:2017 Laboratory Management System (LMS)
✅ ISO 22000:2018 Food Safety Management System (FSMS) & HACCP Plans
✅ ISO 50001:2018 Energy Management System (EnMS)
✅ NVQ Level 6 GradIOSH Occupational Health & Safety
✅ NEBOSH International General Certificate (IGC)
✅ Occupational Safety & Health (OSHA)
✅ cGMP & FDA 21 CFR Part 820 & 111
✅ SOC 2 & HIPAA
✅ Lean Six Sigma
Also, I am an experienced professional Chemical Engineer and Project Management expert with a proven track record of delivering profitability, sustainable business growth, operational optimization, and driving innovation. I also have been writing research papers, reports, thesis. I can take up any research, technical & content writing work. I can perform quality projects. Feel free to contact me for more details.
SAIF UR REHMAN
Risk Assessment; Process Safety; Safety Engineering; Report Writing; ISO 27001; ISO 9001; ISO 14001; Quality Assurance; Six Sigma; Chemical Engineering; Quality Management System; Quality, Health, Safety & Environment Management; Workplace Safety & Health; Internal Auditing; Information Security
- $150 hourly
- 5.0/5
- (49 jobs)
Hello! I help funded startups, midsize, and fortune 500 companies in the healthcare, technology, and government contracting industries. I do this by implementing cybersecurity frameworks that address compliance and protect data, thereby enhancing your marketability and trustworthiness. My expertise includes 20 years of experience, knowledge from real world experience, and industry certifications (i.e. CISSP, CISM, ISO 27001.) My clients have included healthcare EHR, telemedicine, mobile, medical device, and behavioral health organizations. Other clients have been within the fintech, retail, and non-profit industries. These dynamic ecosystems have equipped me with the ability to provide tailored solutions for your unique needs. Compliance Expertise: HIPAA: I am a healthcare information security and privacy practitioner. I have successfully guided several healthcare organizations in effectively handling sensitive patient data. Notably, I orchestrated a full-scale HIPAA compliance overhaul for a 500+ employee healthcare Non-Profit, mitigating potential risks and ensuring continuous adherence to standards. SOC 2: I have been instrumental in developing and executing successful SOC 2 compliance strategies for SaaS, technology, and healthcare companies. My comprehensive understanding of the Trust Service Criteria has allowed SaaS providers obtain favorable SOC 2 Type II reports. ISO 27001: Specializing in risk management, I led the ISO 27001 certification process for multiple organizations. My systematic approach to implementing the ISMS framework has ensured ongoing conformity to this international standard, reducing information security risks and promoting a security-aware organizational culture. CMMC: With a thorough grasp of the Cybersecurity Maturity Model Certification (CMMC), I have assisted defense contractors in preparation to maintain their contracts by helping them achieve and maintain the required CMMC levels. 
I spearheaded a project to bring a mid-sized defense contractor up to CMMC Level 2, a significant undertaking that involved both technical and policy modifications. PCI-DSS: I conducted PCI assessments and collaborated with IT Teams for technology companies and payment gateway service providers to ensure a PCI Compliance environment. Additional services included writing policies, conducting risk assessments, managed penetration tests, collect AOCs from vendors, and filled out SAQ forms annually. Certifications: CISSP, CISM, ISO 27001 LEAD IMPLEMENTER, GCIA, ECSA, CEHv7 My Services: - vCISO Management - Policies & Procedures Development - Privacy Management - Compliance Implementation - Security Assessments - Risk Assessments - Third-party Security Questionnaires - SSP Development - Cybersecurity Strategy Testimonials: Imagined Cloud | CEO: "Larry exceeded our expectations with their comprehensive SOC 2 services. They not only helped us navigate complex compliance requirements but also provided valuable insights that improved our overall security posture. Highly recommended!" Johnson & Johnson | MedTech Product Security Manager: "Larry was instrumental in guiding our medical device company through our HIPAA assessments with his digital health expertise, significantly easing our compliance process. I highly recommend him for his cybersecurity expertise in the medical device sector." Keywords: cybersecurity expert, compliance, HIPAA, NIST, SOC 2, ISO 27001, CMMC, ISO 27001, policies and procedures , vCISO, risk assessment, compliance software, security assessments, healthcareRisk Assessment
Medical Device; NIST Cybersecurity Framework; Cybersecurity Management; Health & Fitness; Healthcare Software; Compliance; Healthcare; Telemedicine; Healthcare IT; SOC 2; ISO 27001; Governance, Risk Management & Compliance; HIPAA; IT Compliance Audit; Security Policies & Procedures Documentation
- $120 hourly
- 5.0/5
- (48 jobs)
I will help you reach your security compliance goals. Whether SOC 2, ISO 27001, or maintaining your security as a fractional CISO, you are dealing with an Expert-Vetted consultant (less than 1% of Upwork talents). Ex-Big 4 senior consultant with 10+ years of experience in assisting clients in cybersecurity, IT compliance, AI security management and security risk assessment projects. ❗You have lost contracts because you were not certified? ❗Your clients pressure you to provide them with an information security certification (PCI-DSS, SOC 2, ISO 27001, HIPAA, FedRAMP, CMMC, ISO 42001) ? ❗You don't know what to answer to the security assessment questionnaire you recently received from your biggest client & it's taking too much time ? ❗You don't have time and resources to be consumed by compliance efforts and endless meetings? ❗You are struggling to understand the certification process, the related cost, and the timelines? ❗You just purchased a compliance tool (Drata, Vanta, Thoropass, Sprinto, OneTrust/Tugboat, SecureFrame, Strike Graph, Audit Board, TrustCloud) but don't know the next step or don't have time for it? Services provided: 📝 Policies & Procedure writing & review 📝 Security gap analysis (based on frameworks on your choice, ISO 27001, NIST, SOC 2, etc.) 📝 IT and Compliance Audits 📝 Performing Risk Assessments, risk treatments, and establishing actions plans & roadmaps. 📝 Evaluation of the existing IT security state of maturity against established standards & regulatory requirements. 📝 Organization-wide security strategy 📝 Support in Governance, Risk & Compliance (GRC) projects 📝 Cloud security governance, management and strategy 📝 Security Operations 📝 DPO service: I can provide you with assistance with regards to GDPR/CCPA compliance, policy writing/reviewing, GDPR gap assessment analysis, and accompanying you in your GDPR compliance journey and Data Privacy requirements. 
📝 CISO service: I can provide you with assistance and support in defining your security strategy, putting in place action plans and following up implementation over the long run. 💥WHY ME AND NOT ANOTHER FREELANCER?💥 ✅ Big 4 consultant expertise. End-to-end managed security services. ✅ All work is completed by myself, with constant communication with you and taking into account your every remark & need. ✅ Excellent Client Reviews: I focus on providing you with VALUE and earning your TRUST. ✅ Over-Delivering: I focus on GIVING you more than what I expect to RECEIVE. I am happy when my client's expectations are exceeded. ✅ Responsiveness: All lines of communications are open, and I can be reached very easily. ✅ Kindness & Ethics: As security and compliance professional, we hold ourselves to high ethical values, treating everyone with respect, understanding and genuinely IMPROVING my client's situation. Let's get in touch. (The hourly rate shown is indicative only, as I adapt depending on the project and client's budget) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Compliance management tools: Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001 Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP, ISO 42001Risk Assessment
Certified Information Systems Security Professional; Information Security Audit; Cloud Security; Governance, Risk & Compliance Software; Security Management; Data Privacy; SOC 2 Report; GDPR; IT Compliance Audit; ISO 27001; Information Security; Security Policies & Procedures Documentation; Vulnerability Assessment; Information Security Consultation
- $175 hourly
- 5.0/5
- (33 jobs)
As a Top Rated vCISO with a 100% job success rate, rest assured that I execute at a high level of expertise, integrity, and professionalism. I am the President & Founder of Aspire Cyber, a full-service consulting firm that rapidly delivers privacy and cybersecurity compliance solutions to help small and medium-sized businesses satisfy their legal, regulatory, and contractual requirements. Aspire Cyber was founded on the core belief that every business should have access to world-class cybersecurity talent, regardless of budget or security needs. I have over 20 years of experience managing information security projects and implementing strategic cybersecurity controls for the United States Army, Bank of America, and numerous Fortune 100 companies. We offer entirely “Done For You” solutions that help your business rapidly achieve compliance while we manage everything. Don’t waste 6-18 months trying to figure this out yourself. Regulatory and industry cybersecurity frameworks have hundreds of different controls you must comply with and require knowledge of IT, Cybersecurity, HR, Legal, and more. Aspire Cyber is a leading provider of comprehensive cybersecurity compliance solutions. Our team of experts has a proven track record of implementing NIST SP 800-171 practices to help defense contractors achieve Cybersecurity Maturity Model Certification (CMMC). We make it easy for your business to prove it's a safe choice for handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). Schedule a free call with me to learn how our team of dedicated cybersecurity experts can help save you months of time and, in many cases, five or even six figures in excessive spending trying to become compliant without expert guidance. ★High Profile Clients ✔ I worked for the United States Army, Lockheed Martin, Bank of America, Hewlett-Packard Enterprise, and many others. 
Aspire Cyber specializes in the following areas: ★ Risk Assessment and Auditing - We have conducted over 200 Information Security, Business Continuity, and Cloud assessments. -Compliance (NIST, PCI, HIPAA, ISO 27001, GDPR, CCPA, COPPA, FedRAMP) - Cybersecurity Advisor -Cloud Secure Design -Data Privacy Officer (DPO) -Cloud Security -Policy Writing -Penetration Testing -Application Security -Incident Response -Vulnerability Management -Third-Party Risk Management -Security Awareness Training ★ I hold the following degrees and certifications: ✅ Certified CMMC Assessor (CCA) ✅ Certified CMMC Professional (CCP) ✅ CMMC Provisional Instructor ✅ Certified Information Systems Security Professional (CISSP) ✅ Certified Cloud Security Professional (CCSP) ✅ Certified Information Security Manager (CISM) ✅ Certified Risk and Information Systems Control (CRISC) ✅ CMMC Registered Practitioner ✅ CompTIA Security+ ✅ CompTIA A+ ✅ Master of Business Administration (MBA) ✅ Graduate Certificate Cybersecurity Technology WHY CHOOSE ASPIRE CYBER? -Professionalism: We treat all clients respectfully and adhere to the highest ethical standards. -Fast: We always aim to deliver your project ahead of schedule. -Expertise: We have vast experience across various cybersecurity and compliance areas. -Responsiveness: Constant and effective communication is the key to a successful engagement. 🙋🏼♂️Our team is eager to partner with your organization to deliver cybersecurity compliance solutions rapidly. Contact Aspire Cyber today to learn how we can fulfill your cybersecurity needs.Risk Assessment
Cloud Security Framework; NIST SP 800-53; Policy Writing; Information Security Governance; FedRAMP; Information Security Awareness; NIST Cybersecurity Framework; Business Continuity Plan; Information Security Audit; Information Security; Incident Response Plan; Security Testing; Vulnerability Assessment
- $125 hourly
- 4.9/5
- (366 jobs)
𝗬𝗼𝘂 𝗳𝗼𝗰𝘂𝘀 𝗼𝗻 𝘆𝗼𝘂𝗿 𝗕𝗨𝗦𝗜𝗡𝗘𝗦𝗦, and leave security, privacy, and compliance to me! As the founder of 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆-𝗰𝗼𝗻𝘀𝘂𝗹𝘁𝗮𝗻𝘁.𝗰𝗼𝗺 I know that in the B2B space, you need Security, Privacy, and Compliance to sell to Enterprises! Let me help you unlock business opportunities and growth (💲millions) and sell to the likes of Disney, Pfizer, Uber, Siemens, Google, PWC, and so on. Sleep well overnight because you know you are in good hands with the 🥇 Upwork virtual CISO, Security, Privacy, and Compliance consultant (1M+ earnings, 20+ years of enterprise experience)! CEO selling to Morgan Stanley: 🥂"The certification is enabling us to strike a deal with a Fortune 100 client." CEO selling to Philips: 🍾 "We have achieved the ISO 27001:2022 certification in record time." CEO selling to Pepsi:🎉 "Attila supported the growth of our business into Fortune 100 accounts." COO selling to Fannie Mae:👏 "We achieved a successful SOC 2 Type II attestation with no exception." 💭Securing your business, passing security assessments by clients or prospects, and achieving a security certification 𝙨𝙝𝙤𝙪𝙡𝙙 𝙣𝙤𝙩 𝙗𝙚 𝙖 𝙘𝙪𝙢𝙗𝙚𝙧𝙨𝙤𝙢𝙚 𝙖𝙣𝙙 𝙥𝙖𝙞𝙣𝙛𝙪𝙡 𝙚𝙭𝙚𝙧𝙘𝙞𝙨𝙚. 👌 All you need to do is ping me on Upwork, bring your problem, and after a 15-minute scoping call, I will provide you with a detailed Scope of Work, including pricing! Specialized in business-to-business clients, providing 💸money-back guaranteed💸 ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, CMMC, and FedRAMP projects and affordable virtual CISO (vCISO) services. ----> If you don’t get certified, all my fees will be refunded! <---- 𝙒𝙚 𝙖𝙧𝙚 𝙖 𝙜𝙤𝙤𝙙 𝙢𝙖𝙩𝙘𝙝 𝙞𝙛 𝙮𝙤𝙪 𝙖𝙧𝙚: 🤔 Want to understand the 𝙖𝙘𝙩𝙪𝙖𝙡 𝙘𝙤𝙨𝙩 for implementation and maintenance of the security controls? 😢Busy developing your product or business and don’t have time and resources to be consumed by compliance efforts and endless meetings, halting your production for months. 
🤔Already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, Tugboat Logic, SecureFrame, Strike Graph, Audit Board, Trust Cloud, and so on) but 𝙙𝙤𝙣’𝙩 𝙠𝙣𝙤𝙬 𝙩𝙝𝙚 𝙣𝙚𝙭𝙩 𝙨𝙩𝙚𝙥 𝙤𝙧 𝙙𝙤𝙣’𝙩 𝙝𝙖𝙫𝙚 𝙩𝙞𝙢𝙚. 😢You quickly need quick security or privacy awareness training, cloud security posture assessment (AWS, GCP, Azure), endpoint security (MS 365 - Intune, Jumpcloud, Google Workspace), or penetration testing? 💪Facing challenges with the security and privacy implications of AI products? 💪Want continuous access to a certified, creditable security, compliance, and privacy professional to manage your security framework? -> Continous virtual CISO (vCISO / fractional CISO) service with affordable weekly payments! 😟Need world-class, battle-proof security and privacy policies and you need it quickly? These are the ones that have passed audits by KMPG, Deloitte, E&Y, Pepsi, Uber, Verizon, Philips, Facebook, and many others. Working with me, you will: ● Stop struggling with compliance requirements, security questionnaires, or useless document templates. ● Make the first steps on the journey to selling Enterprises ● Receive turnkey, Enterprise-grade security operation framework ensuring long-term effectiveness ● Work with an experienced senior team (architects, pen testers, endpoint engineers, developers, auditors, consultants) that regularly helps clients score Enterprise accounts. My stats are: ✅Saved tens of thousands $$$$$ for clients, advising them on the right security tools, solutions, and approach ✅#1 in Information Security and IT compliance categories (1M+ earned) ✅Supporting all time zones ✅Long-term engagements ✅Professional certifications (CISA, CISSP, ISO 27001 IA) About the Security Consultants team: QUALITY over QUANTITY is our ethos. Excellent quality, on time, always. We only take on projects when we can deliver outstanding results. 
The team consists of (only) senior experts in AWS, Azure, GCP DevOps, SecOps, Penetration testing, Google Workspace, MS 365 Intune, AppSec, auditing, and compliance. Professional Integrity: We are strongly committed to moral and ethical principles and values, such as honesty, honor, responsibility, trustworthiness, and objectivity. What we look for in a new client: ● Open-minded, relaxed attitude ● Values integrity & long-term relationships ● Willing to accept advice and guidance (security is a complex niche) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, SIG Lite, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Process Unity Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS) CSAT, IRAP, PIPEDA, ISO 42001Risk Assessment
AI Compliance; Penetration Testing; IT Compliance Audit; Governance, Risk & Compliance Software; NIST Cybersecurity Framework; Information Security Consultation; GDPR; ISO 27001; SOC 2; AI Security; SOC 2 Report; Information Security Audit; Certified Information Systems Security Professional; Information Security; Cybersecurity Management
- $55 hourly
- 4.9/5
- (318 jobs)
IT Professional with over 30 years' experience. 15+ years' experience in web development. 8+ years' experience in PCI-DSS Consultation, including level 1 companies, working with QSAs to swiftly obtain compliance. For the past five years, I have been providing GDPR consultation to many small to medium-sized companies. Three years' experience with ISO 27001 helping clients get and maintain ISO 27001 accredited certification. I spent 20 years working in various IT roles, mainly support, engineering, and web development, within one of the largest companies in the world. I was awarded Chartered IT Professional status from the British Computer Society in July 2008. Since then, I have run my own company with a small team producing web-based platforms and services and offering freelance compliance consultation to small businesses. I have also worked as a CTO on several start-up projects managing their entire IT infrastructure and gaining valuable PCI compliance experience, essential to all e-commerce projects. Due to my experience and varied IT roles, I have a good knowledge of web design, programming, databases, security, SEO, troubleshooting, technical writing & more. I am a highly organised and reliable individual, utilising existing knowledge and experiences to find practical solutions to even the most complex project.
Risk Assessment; Compliance Consultation; Data Privacy; Vulnerability Assessment; Information Security; PCI DSS; Data Protection; Website Security; PCI; Compliance; ISO 27001; Information Security Audit; GDPR; Web Content Accessibility Guidelines; Security Analysis
- $30 hourly
- 4.6/5
- (91 jobs)
I have executed some 44 projects in upwork in information security, governance, IT service management, SIEM, and others and earned customer accolades. I continue to nurture my skills that will benefit my customers. I am all for value creation in IT because every penny spent must return value and do the business and IT a secure and safer workplace. Govind has spent 25 years in the IT and he is - ISO 27001 Lead Implementer from PECB Canada - ITIL Expert V3 , ITIL4 FL, ITIL4 MPT Certified - Certified ISO 27001 Lead Auditor, ISO 22301 Lead Auditor, ISO 20000 Lead Auditor - COBIT5 certified in the IT Governance - PMP, PRINCE2, - CSQA, - ISO 20000 Implementer - DevOps Master Currently pursuing education in CISSP and Data Privacy Skills :- Over last decades he has extensively worked and provided solutions in below areas. He brings multiple skills. - Implementing GRC - HIPAA, SOX, PCI/DSS, HITRUST 9.3, FedRamp, SOC2 (T1/T2) - Implementing Unified Controls for Security (UCF) - Implementing Information Security framework using ISO 27001/SOC2/ISO 22301 - Cybersecurity incident response management using NIST, SANS, ISO 27035, COBIT - Risk Assessment, IT Auditing - Jira Implementation both Project and ServiceDesk - Gap Analysis of IT Asset management, Compliance, COBIT Processes - Implementing Best Practices using ITIL/COBIT5 Processes - Implementing BPM Solutions using Appian, Bonitasoft, AgilePoint - Implementing Monitoring framework for IT Devices using Zabbix - Performance and Capacity solutions - Workflow automation - IT Service management using ServiceNow as a architecture - Implementing DevOps End to end for CI, CT, CD - Gap Analysis for CMDB and road map for improvements - A well groomed developer in scripting and development in various technologies - Attlasian Jira admin activities - Robotic Process Automation using UIPath, BluePrism, AutomationAnywhere Education : He is a post graduate in the Statistics with a specialty in Operations research and SQC. 
He then did Post graduate diploma in the Reliability. He has worked in niche technologies and fortune 500 clients since 2 decades across the globe. Extras :- He is editor of a book called "How to reduce cost of software testing" published by CRC Press and has spoken in conferences and written articles. Passion for Excellence:- He is passionate on creating value in the information technology space and is doing research in various areas such as IT Asset management, IT Cost management, Performance and scalability management. He is eager to help clients in below skills a.Implementing IT Governance, Risk and Compliance using COBIT5 framework b.Implementing ITIL best practices c.Implementing Test Automation using Selenium and other tools d.Implementing DevOps solutions in cloud and non cloud e.Implementing Security solutions using ISO 27001 and COBIT5 framework f.Implementing Business Process Automation using Bonitasoft, Agilepoint NX, Appian, BPM Online and others g.Implementing SIEM using Zabbix and other tools h.Implementing ServiceNow ITSM Tool as an architect i.Implementing a monitoring framework using Zabbix for capacity management j.Compliance like HIPPA, PCI DSS j.IT Audits Availability : I am available for assignments immediately on request. Major clients Worked : British Telecom, MetLife, Liberty Life, Euromax, Covad, UHI and many more. Visas : I had H1 Visa US, WP for UK, Netherlands, South Africa. Currently have B1 visa for US and can travel if there is a need Will be glad to associate to create value in ITRisk Assessment
Project Risk Management; Unified Threat Management; ISO/IEC 20000; Business Continuity Plan; HITRUST Common Security Framework; PCI; SOC 2 Report; Governance, Risk Management & Compliance; ITIL; Information Security; ISO 27001; HIPAA; Compliance; COBIT
- $60 hourly
- 4.9/5
- (56 jobs)
About me: - Expert in product compliance. - I have worked extensively with Consulting, test labs and Certification bodies during my 15 years of experience in this field. Professional Services include (but not limited to) the following: ✅ CE marking ✅ UKCA marking ✅ FCC certification ✅ ISED certification ✅ Japan Radio & Terminal certification ✅ Global type approvals management ✅ Online training on regulations ✅ Regulatory research and consultation ✅ User information review (what regulatory information needs to be on the manual | label | packaging) ✅ Find test labs and inform you about where its best to have your product tested ✅ Prepare a test plan or compile a technical file ✅ Consultation on cyber security design | testing | certification of your product ✅ Risk assessments ✅ Outlining Directives/legislations ✅ RoHS and REACH Strategies ✅ WEEE Compliance ✅ Global Standards and Harmonized Standards ✅ Product and Packaging Labeling ✅ Defining Safety design requirements ✅ Product Market access strategies REGIONS & REGULATORY MARKING: ❗ EU (CE marking) ❗ UK (UKCA marking) ❗ US (UL, FCC) ❗ CANADA (ISED) ❗ JAPAN (MIC, TELEC) ❗ International approvals management, for example: ❗Brazil (Anatel), ❗South-Africa (ICASA), ❗India (BIS, WPC, TEC), ❗Indonesia (SNI, SDPPI) INDUSTRIES AND PRODUCT CATEGORIES: 🟡 Wireless products for consumer market (Radio Equipment) 🟡 IOT devices 🟡 Electronics 🟡 Robotics 🟡 SEMI-Conductor FAB Equipment 🟡 PPE (Personal Protective Equipment) 🟡 Toys 🟡 Medical Equipment (Class I and Class II only) 🟡 All kinds of Machine equipment 🟡 AI Products 🟡 Household Equipment EU DIRECTIVES (also US, Canada and UK Regulations in the same field): ✅ Electromagnetic compatibility directive (EMC) 2014/30/EU ✅ Low Voltage Directive (LVD) 2014/35/EU ✅ Machinery Directive 2006/42/EC ✅ Machinery Regulation 2023/1230 ✅ Radio Equipment Directive (RED) 2014/53/EU ✅ Personal Protective Equipment Regulation (PPE) 2016/425 ✅ Toy Safety Directive ✅ RoHS Directive 2011/65/EU ✅ WEEE 
Directive 2012/19/EU ✅ Pressure Equipment Directive 2014/65/EU I have extensive experience in the field of Regulatory Compliance for Industrial & Consumer Products. I can guide you in the product compliance process and the compiling of your technical file and documentation. I can provide design review, documentation screening, performance validation, compliance advice, product compliance consultancy or outsourcing and project managing services. I can also be an Authorized Representative for products intended for the EU market or help organize an Authorized representative for any market, feel free to discuss the setup. Consultancy is offered in all stages of your product design phase in order to have your product comply to the standards and regulations. During my career I have supported big companies to achieve product certification and worked with all kind of test labs and certification bodies. Furthermore as a side service, if you have any kind of research project; I am very good in online market research (I can help with research on market size, consumer taste / preferences, data collection). I have had several trainings with an intelligence, foresight & strategy Swiss company on OSINT, advanced search skills, searching the Chinese internet, strategic foresight, corporate research. I can help you search the internet and gather important data and info. Please note that I can't share contact information before a contract starts. As sharing this information before a contract starts violates the Terms of Service of Upwork and could lead to permanent account suspension. So please understand.Risk Assessment
Test Requirements; Regulatory Intelligence; Wireless Communication; Product Label; Label Compliance; Regulatory Compliance; Compliance Testing; Compliance Consultation
- $150 hourly
- 5.0/5
- (185 jobs)
I am the CEO and founder of BetterCyber Consulting, a cybersecurity consulting and managed services firm specializing in startups, small businesses, and mid-sized companies. As an Upwork Expert-Vetted Cybersecurity Consultant, I help businesses identify risks, implement security controls, and meet compliance requirements without unnecessary costs or complexity. My experience in cybersecurity includes positions at Fortune 100 companies like PayPal and Marathon Petroleum. I hold several security certifications and earned a master’s degree in Information Security Engineering from The SANS Technology Institute. I offer the following cybersecurity services:
● Technical Security Assessments – Security reviews for AWS, Azure, Google Cloud, Microsoft 365, Google Workspace, Slack, and more.
● Penetration Testing – Web, cloud, mobile, and on-premises security testing.
● Compliance Assessments – NIST 800-171 & 800-53, FedRAMP, ISO 27001, CIS Controls, CMMC, HIPAA, and SOC 2.
● Security Strategy & Architecture – Build scalable security programs.
● Incident Response & Threat Mitigation – Detect and respond to threats.
● Managed Security Services – Ongoing security monitoring and advisory.
● Virtual CISO (vCISO) Services – Security leadership for businesses without a full-time CISO.
Risk Assessment
WordPress Malware Removal; Malware Removal; CMMC; Cloud Security; Internet Security; Information Security Audit; Information Security Awareness; Security Engineering; Security Analysis; Email Security; Penetration Testing; Information Security; Security Policies & Procedures Documentation; Cybersecurity Management
- $40 hourly
- 4.7/5
- (13 jobs)
Highly motivated and experienced professional, with experience in supervisory positions, seeking opportunities in career fields complementary to my experience and expertise in project management, IT, customer service support and/or customer training and mentorship. Exceptional understanding of IT concepts, cyber security and/or project management. Expert knowledge of office automation software and hardware tools, to include the MS Office Suite.
Risk Assessment
Gap Analysis; Security Policies & Procedures Documentation; IT Compliance Audit; Content Writing; Disaster Recovery Plan; NIST SP 800-53; Governance, Risk & Compliance Software; Cybersecurity Management; Resume Writing; Company Policy; Data Privacy; Certified Information Systems Security Professional; Information Security; ISO 27001; Tech & IT
- $50 hourly
- 5.0/5
- (3 jobs)
I am passionate about excellence and the pursuit of continuous improvement. With over a decade of experience under my belt, I've dedicated myself to guiding organizations towards achieving and maintaining excellence in their operations. My expertise lies in the intricate realms of IS Auditing, Information Security, IT Service Management, Business Continuity, IT Governance, and Risk Management. I thrive on the challenge of helping organizations navigate the complex landscape of compliance and best practices, ensuring they not only meet but exceed industry standards. My certifications include CISSP, CISA, COBIT 5, MCP, and ISO 27001 and 20000. This reflects my commitment to staying at the forefront of the ever-evolving field of information security and IT governance. But beyond the certificates, what truly drives me is the opportunity to make a tangible difference in the lives of those I work with. Whether it's guiding a team through the intricacies of ISO certification or helping a client fortify their defenses against cyber threats, I approach each endeavor with empathy, dedication, and a genuine desire to foster success. Let's embark on this journey together, where passion meets expertise, and excellence becomes the norm.
Risk Assessment
Information Security Audit; ISO 27001; Cybersecurity Monitoring; Risk Management; IT Compliance Audit; Business Continuity Plan; IT Service Management; ISO/IEC 20000; Governance, Risk Management & Compliance; Project Management; Cybersecurity Management; Security Policies & Procedures Documentation; Information Security Consultation
- $45 hourly
- 4.8/5
- (46 jobs)
I am a Product Safety Specialist having extensive experience in the field of Product Certification(CE marking/CE Certification/regulatory compliance). If these are the services that you require, I can promise that you are in safe hands for an end to end solution right from carrying out a Product Analysis, preparing a Conformity Assessment procedure, compiling a Technical File leading to drafting the Declaration of Conformity. About myself, I am a Mechanical Engineer with an MBA (Operations) and a Bachelor in Law. I have worked with several Manufacturing, Consulting and Certification agencies during my 30 years tenure. I am very knowledgeable about the various European Directives, Standards & conformity assessment procedures, Risk Assessment studies etc., I support various clients for products falling under Machinery, Low Voltage, Electromagnetic Compatibility, RED, ROHS, Construction Products Regulation and others. Also familiar with other Directives such as ATEX, PPE, PED, Medical Device etc., I have worked with Certification Bodies such as Bureau Veritas, TUV Rheinland and TUV Nord for a span of 17 years. I am therefore confident of supporting my clients for their various requirements. I have supported companies for Certification of : CNC Machines, IoT products, Consumer & Electronic products, Beverage Dispensers, Control Panels, , Material Handling Equipment, Data Loggers, 3D Metal Printers, Gear hobbing and grinding machines, Card sorters, Sheet Metal Press, Motors, Pumps, Alternators, Transformers, Test Rigs, Hydraulic Power Packs, Glass Lifting Machines, Automatic Voltage Regulator, Valves and many more. I am very active on Upwork and have rendered services for my Clients located in USA, Australia and various parts of Europe. 
During my career, I have rendered services to Globally renowned companies such as ABB, Bosch, Liebherr, Millipore, Biozeen, Atlas Copco, Sandvik, Weir Group, Nagel Special Machines, Yuken, Schenck Group, Mann & Hummel, Murugappa Group, Micromatic Grinding Group, Triveni Engineering and many more.Risk Assessment
Risk Analysis; Technical Documentation; Regulatory Intelligence; Product Documentation; Compliance; Regulatory Compliance; Legal Consulting; Compliance Consultation; Product Label; Safety Assessment; Medical Device; Label Compliance; Product Listings
- $220 hourly
- 5.0/5
- (29 jobs)
Former private sector and government executive with leadership, consulting, advising, strategic and business development at the forefront of my professional skills. Compliance expertise in: FISMA, NIST CSF, NIST SPs 800 Series, HIPAA, FedRAMP, PCI DSS, Sarbanes Oxley, GLBA, GDPR, ISO 27001. CISSP with more than 20 years in cybersecurity and IT. Cybersecurity professor and skilled trainer in risk management and compliance, with expertise in developing professionals into the cyber managers and leaders they want to become. I teach fundamentals and advanced coursework in risk assessments, security testing, business continuity, secure application development, and securing emerging technologies. Business expertise in grant and proposal writing, as well as policy and procedure development. Technical writing to include strategic plans, white papers, briefing papers, and presentations. I have been writing, convincing, persuading, and communicating effectively through writing my entire career. I am also effective in providing business capture and business development support.Risk Assessment
Nonprofit Organization; Certified Information Systems Security Professional; Data Protection; Policy Writing; Information Security Audit; Compliance; Tech & IT; Risk Analysis; Business Continuity Plan; Business Consulting; Enterprise Risk Management; Project Risk Management; Technical Writing; Technical Documentation
- $50 hourly
- 4.7/5
- (15 jobs)
🚀 Unlock Seamless Compliance & Propel Your Growth with Expert Guidance! 🚀 Are you seeking a seasoned Compliance Professional to guide you as you embark on a journey through the complex world of global AML/CFT and crypto compliance? I’m Timothy, your dedicated ally and partner, weaving through the intricate compliance mazes with a passion for safeguarding and catalyzing your business growth. 🔍 Why Partner with Timothy? 🔍 About a decade of Tailored Compliance Mastery across FinTech, Financial Services, and Crypto/Web3. Global Compliance Maestro: Navigating through GDPR, AML, KYC, and crypto regulations across various jurisdictions. Proven Impact: ✅Successfully reduced risk exposure and compliance errors by up to 50% for businesses in the FinTech and Crypto sectors. ✅Successfully led the EMI and 5MLD licensing project for a UK Crypto Fintech, by creating the required compliance program, policies, and procedures documentation. ✅Successfully built and scaled a robust Risk and Compliance function from scratch for 3 startups. 🗣️ Client Testimonial 🗣️ "Timothy showcased exceptional expertise in compliance management throughout our collaboration. His in-depth knowledge of regulatory requirements and industry standards was evident from day one. He demonstrated a strong ability to dissect complex regulations and translate them into actionable strategies for our project. His expertise proved invaluable in navigating the intricacies of our compliance challenges. Timothy consistently delivered high-quality work, ensuring that all compliance aspects of our project were meticulously addressed. His attention to detail and commitment to excellence were evident in every deliverable." - Joshua O. | Product Manager "I had the pleasure of working with Timothy for several years. Timothy has a wealth of knowledge as a Chief Compliance Officer, a Crypto Investigator, and a Risk Manager. Timothy is a team player and very professional. 
He led the team in collaboration efforts with engineers and product developers in incorporating transaction monitoring platforms to conduct crypto KYC/KYB and investigations. Timothy is a natural leader. He is a strategic thinker and very analytical. I am very confident that any team would be lucky to have Timothy as part of their team. If my division had the resources, I would hire Tim today!!!!!" - Lourdes M. 🛠 Expertise That Speaks: 🛠 AML/KYC/Transaction Monitoring Frameworks GDPR & Data Privacy Compliance Blockchain Forensics & Investigations Policy & Procedures Writing Risk Assessments & Management Internal Audit & Designing Compliance Programs 🚀 Your Journey to Bulletproof Compliance: 🚀 Consultation: A complimentary deep dive into your needs. Proposal: A transparent roadmap, detailing timelines and costs. Execution: Regular, insightful updates ensuring absolute transparency. Delivery: Precision-driven work, with scope for revisions. Support: Continued post-project assistance. 🔐 Confidentiality at Its Best: Your business details and regulatory concerns are handled with the utmost confidentiality and integrity. 🌐 Navigating Global & Crypto Compliance? 🌐 Navigate through diverse jurisdictions and regulatory landscapes with confidence as my meticulously crafted strategies, from AML/CFT Compliance to the latest in crypto regulations, are designed to keep your business always a step ahead. 🤝 Forge Strategic Partnerships 🤝 Fortify your compliance strategy by tapping into my network, connecting you with Trust Providers, Bank Partners, AML/KYC Tools, and more. 🔄 Always Ahead in Compliance 🔄 Your compliance strategy will always stay ahead of the curve, especially in the rapidly evolving crypto/web3 sector, thanks to my ongoing learning and active engagement in industry seminars and workshops. Ready to Fortify Your Compliance Strategy and Propel Your Business Growth? 
🚀 Let’s elevate your business to global standards, ensuring it’s not just compliant but also primed for seamless, risk-mitigated growth. Connect with me now by clicking on the green button at the top right of your screen, and let’s get started on safeguarding your business against compliance pitfalls and unlocking new horizons of growth!Risk Assessment
PCI; Project Risk Management; IT Compliance Audit; Compliance Testing; Enterprise Risk Management; Regulatory Compliance; Cybersecurity Management; Governance, Risk Management & Compliance; Risk Analysis; GDPR; Policy Writing; Compliance; Anti-Money Laundering
- $30 hourly
- 5.0/5
- (114 jobs)
Currently based in east coast USA, I am a seasoned IT professional with over 15 years of experience in multiple domains in IT such as Information Security and auditing, IT Project Management, IT Infrastructure Management, IT Operations, Business Analysis, Business Continuity and DR planning etc. Last worked as the Head of IT for five years in the Sri Lankan business of AIA Group, which is the largest insurance company in the world. I am now working as a freelance Consultant and accolade with the status 'TOP RATED' in Upwork. My skills are supported by industry leading professional and academic qualifications:- - Master of Science in Project Management from AeU - Malaysia - Certified Information Security Manager (CISM) from ISACA - USA - Certified Information Systems Auditor (CISA) from ISACA - USA - Certified in Risk & Information Systems Controls (CRISC) from ISACA - USA - Certified Data Privacy Solutions Engineer(CDPSE) from ISACA - USA - Certified Information Systems Security Professional (CISSP) from ISC2 - USA - HealthCare Information Security and Privacy Practitioner (HCISPP) from ISC2 - USA - GIAC Certified Intrusion Analyst (GCIA) from SANs USA - GIAC Continuous Monitoring Certification (GMON} from SANs USA - Project Management Professional (PMP) from PMI - USA - Working knowledge in ITIL V3 I have expert knowledge in multiple disciplines: **Information Security** - Development of Information Security Policies/ Procedures and Standards aligned to ISO27001/2 or NIST standards. - Development of Security Baseline Documents - Vulnerability Assessments and Penetration Testing (VAPT) - Assist in responding to Security Questionnaires - Risk Management Documentation - Business Continuity and Disaster Recovery Plans (DRP) - Cloud Security Enhancements - Good working knowledge on HIPAA, PCI DSS, ISO, GDPR, NY CRR500, FERPA etc. 
- Any other Information Security Related Tasks **Project Management** - Development of Business cases, Project Plans, Project Initiation Documents, Project Risk Logs and any other projects related documents and templates. - Developing Project Management Frameworks - Implementation assistance on Project Management tools such as Wrike or Asana - Project Management Support **Information Systems (IS) Auditing** - Develop Audit Programs - Conduct IS Audits (General Controls) - Conduct Specialized Audits (Cloud computing/Active Directory/ MS SQL etc) - Regulatory Compliance Reviews **IT Technical & Academic Writing** - User manuals both graphical/ text based and animated (simulations) - Undertake IT technical and academic writing on Information Security, Project Management or any other suitable topic. Passion and commitment keeps me fully engaged with clients to always deliver more value. Please get in touch and looking forward to work with you. Fluent in English and contactable through Upwork, Skype or WhatsApp Thank youRisk Assessment
Information Security Audit; Splunk; Academic Writing; Project Management Professional; Information Technology Operations; Technical Writing; System Administration; IT Management; Information Security; Network Security; Security Policies & Procedures Documentation; Security Assessment & Testing
- $75 hourly
- 4.9/5
- (205 jobs)
Various Contract Review: Analysis; Risk; Escape; Advice. I will find the key wording in Contracts that will minimize your liability or develop a strategy if you have possible liability. Construction Contracts: Multiple years of experience with private-commercial and public construction contracts. I have been in the General Contractor and Subcontractor roles for the construction industry. Tax Liability: I have experience in responding to possible tax liability and strategies to minimize potential damages. Estate Planning-Last Will & Testament: Experienced in producing Iron-Clad estate planning documents for you and your family to ensure you're protected now and in the future. Polished Professional: Contracts; Construction; Mediation; Appeals; Estimating; Business Decisions & Common Sense.
Risk Assessment
Construction; Construction Document Preparation; Legal Research; Engineering, Procurement & Construction; Construction Estimating; Contract Management; Business Intelligence; Risk Analysis; Contract; Contract Law; Financial Risk; Contract Negotiation; Project Risk Management; Tax Law
- $111 hourly
- 5.0/5
- (42 jobs)
I offer a comprehensive suite of services.
1. DIETARY SUPPLEMENTS:
- review your product labels to ensure FDA compliance
- review your website, Amazon page or social media to ensure FDA & FTC compliance
- conduct 21 CFR 111 gap assessment
- develop nutritional labels (Supplement Facts Panels)
2. HELP YOU PASS (INITIAL OR RE-CERTIFICATION) SQF AUDIT:
- conduct gap assessment
- develop the SQF system (procedures, policies, training, etc.)
- internal audit of the existing system
- onsite pre-audit evaluation
3. GMP FOR FOOD (21 CFR 117) & DIETARY SUPPLEMENTS (21 CFR 111)
- Write and implement Food Safety program
4. DEVELOPING HACCP PLANS FOR SMALL SCALE BUSINESSES
5. FDA FOOD FACILITY REGISTRATION
Risk Assessment
Training & Development; Food & Supplements; Food & Beverage; USDA; Regulatory Compliance; Label Compliance; Food; Quality Assurance; Good Manufacturing Practice
- $20 hourly
- 4.8/5
- (14 jobs)
KYC/AML/Enhanced Due Diligence/Fraud/Sanctions/CTF/Compliance/Risk Thank you for taking the time to read through my profile. I'm Charity, self-motivated, detail-oriented, and constantly looking for new ideas. I am looking to launch a freelancing career with eight years of corporate experience in jobs such as Customer Service Associate, Analyst, and Account Servicing and 3 years of freelancing for start-ups and fintechs. I possess a diverse range of skills and expertise encompassing various areas such as customer support (via email, chat, and phone), account monitoring, payment processing, review of loan documents, credit risk assessment, KYC (Know Your Customer), AML (Anti-Money Laundering), enhanced due diligence, fraud detection, training, data entry, administrative assistance, virtual assistance, providing personalized customer service to high net worth individuals, generating reports, and more. In summary, I am versatile and capable of multiple roles and responsibilities. I am an expert in email management, account administration, customer service via chat and phone, research, data input, professional report writing, process workflow and document development, process mapping, and other areas. I was able to attend several trainings as a result of my work experience in the corporate world, including Lean Six Sigma Yellow Belt training, essentials of team dynamics, risk management, Business English speaking and many more. I always put my clients at the heart of everything I do and go beyond and above for them. I gauge my own success solely based on the success of my clients. Let's chat and talk about your goals and ambitions. 
I would love to hear it and let me help you get there My skills are as follows: - Time Management - Attention to Details - Creating Standard Operating Procedures - Outstanding Customer Service - Familiar with Microsoft Office Suite - Familiar with Zoom and Skype - Basic knowledge of Canva - Team Player - Web Research - Familiar with Lexis Nexis Bridger and Refinitiv World check - Problem Solver - Decision Making - Quick Learner - Resourceful - Result Interpretation - Process Improvement - Flexible - Managing Teams - Good Communication - Zendesk ticket Handling - Microsoft office - Google Suite - Slack -Mailchimp For AML/Fraud/KYC and EDD tools, I am very much familiar with the following tools: -Lexis Nexis Bridger -Refinitiv's Worldcheck -Accuity, Orbis & Sayari -Factiva -RDC -Comply Advantage -Sardine -Sift -Persona -Sentilink -Sardine -Plaid -Sumsub The rate is negotiable depending on Business needs. Looking forward to hearing from you soonRisk Assessment
Operations Management Software; Communications; Customer Support; Forum Posting; Fraud Detection; Know Your Customer; Process Improvement; Microsoft Word; Due Diligence; Administrative Support; Anti-Money Laundering; Data Entry; Presentation Design; Zendesk; Phone Support
- $75 hourly
- 5.0/5
- (15 jobs)
I am your SOX compliance and Internal Control solution for business process and IT areas to support your organizations:
- Scoping and Risk Assessments
- Narrative and Flowchart Development
- Test of Design
- Test of Operating Effectiveness
- Deficiencies Evaluation
- SOD Analysis
- Fraud Risk Assessments
- Key Reports Testing (IUC/IPE/EUC) and Spreadsheet Controls
- SOC report reviews

I am a Certified Internal Auditor who can help support your audit needs for projects, investigations and ad hoc audits. I can support your audit needs for ISO compliance and operational effectiveness and efficiency.
Risk Assessment
Internal Auditing; SEC Reporting; IT Compliance Audit; Sarbanes-Oxley Act; Internal Control; Financial Audit
- $55 hourly
- 5.0/5
- (45 jobs)
A seasoned professional with an extensive 10+ years background in regulatory compliance, anti-money laundering (AML), and financial crime (FinCrime). My career spans across diverse sectors, including FinTech, Regulatory Technology (RegTech), Cross-Border Payments, Employ on Record (EOR), Contractor Management, Money Services Businesses (MSB), Foreign Exchange, Cryptocurrency, Tokenization, Broker-Dealers, Crowdfunding, Non-Profit Organizations, and comprehensive Financial Services. Renowned for my leadership acumen and exceptional communication skills, I excel in fostering engagement and steering complex problem-solving initiatives. My expertise encompasses a broad spectrum of compliance-related responsibilities: from crafting and enforcing compliance processes, pioneering compliance automation solutions, to managing operational compliance. I am deeply passionate about all facets of financial crime compliance. My professional journey has been characterized by the successful development and implementation of robust compliance frameworks and cutting-edge, AI-enhanced RegTech solutions aimed at optimizing compliance operations and mitigating risk. This foundation not only ensures adherence to AML regulations but also supports sustainable product innovation, such as advancements in KYC and on-going monitoring technologies.Risk Assessment
FinTech; Know Your Customer; AI Compliance; GDPR; Procedure Manual; Policy Writing; Compliance Consultation; Compliance; Regulatory Compliance; Anti-Money Laundering
- $50 hourly
- 5.0/5
- (7 jobs)
An experienced cyber-security specialist & quality assurance & regulatory professional with a proven track record in governance, risk & compliance. I bring a wealth of hands-on experience in Information Security audits, Risk Management, Risk Assessment, Vendor Risk Assessment, Information Security Policy and procedures formulation, compliance with various security standards for several global clients and also performed cyber-security compliance assessments using NIST 800-53, NIST CSF based controls and supports remediation and mitigation activities. I also have experience in managing Quality Management System (single-handedly), drafting Standard Operating Procedures (SOP), managing Corrective & Preventive Action (CAPA) & Non-conformances/deviations, Training & Development, Document Management, KPI Management, Audit (Internal/External) Management in adherence to MDSAP, EU MDR 2017/745 & ISO 13485:2016 with deep understanding of these laws and standards. I have a deep understanding of various laws such as HIPAA, GDPR, Data Protection Act, MDSAP, EU MDR 2017/745 and standards such as ISO 27001:2013, PCI-DSS, SOC2, ISO 13485:2016 etc.
Risk Assessment
Information Security Audit; Financial Audit; PCI; Cybersecurity Management; GDPR; IT Compliance Audit; PCI DSS; Data Privacy; ISO 27001
- $75 hourly
- 5.0/5
- (22 jobs)
My reputation as a dynamic leader stems from my track record in leading cross-functional teams and steering high-functioning Business Continuity and Information Security Programs within the banking industry and capital markets. I possess a strong aptitude for utilizing my well-developed analytical skills and a keen eye for identifying synergies to drive cost-effective initiatives and increase overall performance. I consistently deliver projects on time and within budget. My expertise extends to risk management and information security, ensuring that organizations can handle uncertainties and protect sensitive data. With proven capabilities in leveraging excellent customer service and interpersonal communication skills, I continually promote stakeholder collaboration, fostering trust and resilience.

I am competent in all aspects of Business Continuity Management, Risk Management, and Information Security, including:
• Business Impact Analysis (BIA)
• Risk Management (Risk Appetite, Risk Identification, Risk Assessment, Risk Mitigation, Risk Monitoring)
• ISO 22301
• ISO 27001
• Recovery Strategy
• Vendor Management
• GDPR
• Business Continuity Planning (BCP)
• Workplace Recovery Testing
• Disaster Recovery Testing
• Business Continuity Audit
• Information Security Management System (ISMS)
• Incident Management
• Training and Awareness

Some key achievements in this role include:
• Received the BCI Global and BCI European Awards for achieving the most effective recovery in 2016
• Membership of Business Continuity Institute (MBCI)
• Certificate of the Business Continuity Institute (CBCI)
• Data Protection in Financial Institutions Certification
• Outsourcing Management in Financial Institutions Certification
• ISO 22301 Certification
• Project Management Professional (PMP) Certification
Risk Assessment
Business Continuity Planning; Disaster Recovery; Business Analysis; Business Continuity Plan; Project Risk Management; Management Consulting; Disaster Recovery Plan; Project Management Professional; Visual Basic for Applications; Crisis Communications
How it works
1. Post a job
Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.
2. Talent comes to you
Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.
3. Collaborate easily
Use Upwork to chat or video call, share files, and track project progress right from the app.
4. Payment simplified
Receive invoices and make payments through Upwork. Only pay for work you authorize.
How do I hire a Risk Assessment Freelancer on Upwork?
You can hire a Risk Assessment Freelancer on Upwork in four simple steps:
- Create a job post tailored to your Risk Assessment Freelancer project scope. We’ll walk you through the process step by step.
- Browse top Risk Assessment Freelancer talent on Upwork and invite them to your project.
- Once the proposals start flowing in, create a shortlist of top Risk Assessment Freelancer profiles and interview.
- Hire the right Risk Assessment Freelancer for your project from Upwork, the world’s largest work marketplace.
At Upwork, we believe talent staffing should be easy.
How much does it cost to hire a Risk Assessment Freelancer?
Rates charged by Risk Assessment Freelancers on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.
Why hire a Risk Assessment Freelancer on Upwork?
As the world’s work marketplace, we connect highly-skilled freelance Risk Assessment Freelancers and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Risk Assessment Freelancer team you need to succeed.
Can I hire a Risk Assessment Freelancer within 24 hours on Upwork?
Depending on availability and the quality of your job post, it’s entirely possible to sign up for Upwork and receive Risk Assessment Freelancer proposals within 24 hours of posting a job description.