🔒 You need security that actually works — not a report that says it does. The organisations I work with want to find the vulnerabilities that matter, fix them with confidence, and get on with growing their business without security becoming the thing that stops them.
I have delivered over 1,000 commercial penetration tests across 27 years. Not side projects. Not internal assessments. Full mission-critical engagements for high street and investment banks, hedge funds, insurance firms, government departments, police, military, national infrastructure, retailers, law firms, airports and more. I led the security architecture for the Athens 2004 Olympics internet-facing systems. I was lead architect on the UK Cyber Essentials scheme at launch. I have published in commercial security press and guest lectured at universities.
There is a difference between someone who does penetration testing and someone who has seen every flavour of environment, every attack pattern, and every way organisations deceive themselves about their security posture. That difference is what you are hiring.
🎯 Where can I help:
🗡️ Network & Infrastructure Penetration Testing — adversarial testing of internal and external infrastructure, finding exploitable exposures before an attacker does.
🌐 Application Penetration Testing — web application and API security testing against real attack patterns: authentication, authorisation, input handling and business logic flaws.
☁️ Microsoft 365 Security Assessment — Entra ID, Conditional Access, PIM, Intune, DLP, sensitivity labelling, Exchange Online and Defender for Office 365.
🔷 Azure Security Assessment — identity and access management, network controls, storage and key management, Defender for Cloud posture, and monitoring coverage.
🟢 Google Workspace, GCP & AWS Security Assessments — configuration and access control assessments across Google and Amazon cloud environments.
🏛️ Security Architecture and Risk Advisory — senior technical input on architecture decisions, control design and risk without a full engagement commitment.
👤 Every engagement is delivered directly by me — David Morgan, founder of Metis Security. No account management layer, no junior handoffs, no templated output. You work with the person conducting the analysis and writing the report.
📋 How I work is as important as what I find
Every finding in my reports is one I will defend as genuinely material to your environment. No padding, no low-hanging fruit included to justify the fee, no default risk ratings copied from a scanner. If your context changes the risk, the rating reflects that.
What you receive:
✅ A visually structured report with clear separation between executive summary, findings and remediation roadmap — written to be read by people who are not security specialists
✅ Risk ratings adjusted to your specific environment and context, not defaulted from a tool
✅ A prioritised remediation roadmap so your team knows exactly what to fix first and why it matters commercially
✅ Immediate escalation of any high-risk finding or schedule-affecting issue during the engagement — you are never waiting until the end to hear something important
✅ Daily status updates so you always know where the engagement stands
✅ A debrief call at close to walk through findings, answer questions and finalise the report before it is delivered
CISSP | ISSAP | Microsoft Security certifications | 27 years
If you need to know whether your environment is genuinely secure — not whether it looks configured — I am worth a conversation.
Vulnerability Assessment
Penetration Testing
Web Application Security
Network Penetration Testing
Office 365
Microsoft Azure
Cloud Security
Network Security
Security Assessment & Testing
Cybersecurity Management
Zero Trust Architecture
Security Analysis
Google Cloud Platform
Google Workspace
Amazon Web Services
NIST Cybersecurity Framework
Microsoft 365 Copilot
Internet Security
Information Security Audit
Information Security Consultation
Najam U.
Gujranwala, Pakistan
$75/hr
5.0
88 jobs
Expert-Vetted on Upwork (Top 1% of security professionals). If you're building on the cloud and want to find the security gaps attackers would exploit — before they do — I can help.
I’m a cybersecurity consultant and founder of Exfiltra, helping startups and enterprises secure their applications, cloud infrastructure, and DevOps pipelines.
I have worked with organizations generating $6B+ in annual revenue and helped companies strengthen security across cloud environments, applications, and compliance programs.
I personally lead security engagements and, when needed, bring in specialists from my team at Exfiltra to support larger or complex projects.
Most clients hire me when they want to:
✔ Secure Azure / AWS / GCP environments
✔ Perform professional penetration testing
✔ Implement DevSecOps and secure CI/CD pipelines
✔ Prepare for SOC 2, ISO 27001, HIPAA, FedRAMP, or CMMC
✔ Improve security posture using industry frameworks
CORE EXPERTISE
AZURE & CLOUD SECURITY
• Azure security architecture reviews
• Microsoft Defender for Cloud & Sentinel
• Identity security (Entra ID / Conditional Access)
• Cloud configuration reviews and CIS Benchmark hardening
APPLICATION SECURITY & PENETRATION TESTING
• Web application penetration testing
• API security testing
• Mobile application security testing
• Network and cloud penetration testing
• Assessments aligned with OWASP Top 10 and OWASP ASVS
DEVSECOPS & SECURITY AUTOMATION
• Secure CI/CD pipelines (Azure DevOps / GitHub Actions)
• Infrastructure as Code security (Terraform / Bicep)
• SAST and DAST integration in pipelines
SECURITY TOOLS
• Snyk
• Semgrep
• OWASP ZAP
• Burp Suite
• Wazuh
• CrowdStrike
• Microsoft Sentinel
AI & LLM SECURITY
• AI application threat modeling
• Prompt injection and model abuse testing
• Secure architecture for AI-powered applications
WHY CLIENTS WORK WITH ME
• Upwork Expert-Vetted (Top 1% of freelancers)
• Founder of Exfiltra – a cybersecurity services company
• Supported by a team of security specialists for larger engagements
• Contributor to OWASP ZAP
• Experience securing environments for organizations generating $6B+ in revenue
• Background in both software engineering and cybersecurity
• Security research involving organizations like the U.S. Department of Defense
NOT A GOOD FIT IF
• You want to hack or recover social media accounts
• You want enterprise-grade security but are not willing to invest in it
If your goal is to build secure systems instead of reacting to breaches later, feel free to invite me to your job or send a message describing your project.
Vulnerability Assessment
Network Security
Kali Linux
Security Assessment & Testing
Penetration Testing
Information Security Consultation
Application Security
Information Security
Web Application Security
Ethical Hacking
Cloud Security
Web App Penetration Testing
Security Management
System Security
AI Security
Secure SDLC
Security Testing
Website Security
Database Security
Cybersecurity Management
Petar A.
Sabac, Serbia
$50/hr
4.9
265 jobs
✅ Professional Penetration Tester ✅ 3500+ Hours ✅ Top Rated Plus Freelancer
Security Researcher and Penetration Tester recognized by the U.S. Department of Defense, AT&T, Sony, and Semrush for the responsible disclosure of 40+ vulnerabilities via HackerOne. Since 2022, an active member of the Synack Red Team - an elite tier of offensive security specialists vetted through rigorous technical and background screening.
Every engagement concludes with a comprehensive technical report built to satisfy the specific penetration testing controls required for HIPAA, ISO 27001, SOC2, and PCI-DSS. I provide a high-level executive summary for stakeholders alongside deep-dive technical findings, fully reproducible Proofs-of-Concept (PoCs), and prioritized remediation steps to ensure your team can effectively close every gap before your audit.
Specializing in black and gray box testing of live web applications, cloud environments, and networks, covering all common attack vectors, business logic flaws, and discovering previously undisclosed vulnerabilities (0days) to prevent high-impact data breaches.
Service Description:
1) Web Application Penetration Testing (OWASP Top 10, PTES, ASVS, Business Logic Testing)
2) Mobile Application Penetration Testing (OWASP Top 10, MASVS, MASTG, PTES)
3) Network Penetration Testing (Active Directory, Entra ID, Internal & External Network)
4) API Security Testing - REST, GraphQL, SOAP, gRPC, Webhooks (OWASP API Top 10)
5) Cloud Security Testing - AWS/Azure/GCP/OCI/Alibaba/IBM/DigitalOcean/SaaS/IaaS/PaaS
6) Cloud-Native & Container Security (Kubernetes, Docker, OpenShift, EKS/AKS/GKE)
7) LLM Security Testing (OWASP LLM Top 10, Prompt Injection, Data Poisoning)
Tools used in engagements:
BurpSuite Professional | Custom Python scripts | BloodHound | Impacket Framework | Responder | Metasploit | Mimikatz | Nuclei | Nmap | FRIDA | Android Studio | Pacu | Prowler | Postman
Identify and secure your attack surface before threat actors do ! Message me to discuss your project requirements.
Vulnerability Assessment
Penetration Testing
Network Security
Security Testing
AI Security
Internet Security
Network Penetration Testing
Web App Penetration Testing
Ethical Hacking
Black Box Testing
Reverse Engineering
JavaScript
Web Application Security
Cloud Security
API
OWASP
NIST SP 800-53
HIPAA
PCI DSS
Bug Bounty
Youssef E.
Kenitra, Morocco
$25/hr
5.0
28 jobs
I find the vulnerabilities in your web apps, APIs, and networks before attackers do, then hand your team a clear, reproducible penetration testing report they can act on.
GXPN and GCIH certified. Top Rated on Upwork with 100% Job Success across web application, API, and network security engagements.
No scanner dump and no jargon wall. Every finding comes with a severity rating (CVSS), working proof of concept, and a concrete fix your developers can ship.
What I test:
- Web application penetration testing (OWASP Top 10, PTES, NIST)
- API security testing (REST, GraphQL, auth/OAuth, IDOR, broken access control)
- SaaS and multi-tenant assessments (Supabase / Firebase data-isolation testing)
- Network and external perimeter penetration testing
- Source code / secure code review
How I work: authorized testing only, on systems you own or have permission to test. Everything is documented over Upwork so you get a written record of every finding, not a verbal hand-wave. I retest after you patch to confirm the holes are actually closed.
Credentials: GXPN (GIAC Advanced Penetration Tester & Exploit Researcher), GCIH (GIAC Certified Incident Handler), SANS CTF winner, and an active national/international CTF competitor (web, reverse, crypto, forensics).
I also handle WordPress malware removal and incident response. See my Project Catalog for a fixed-price option.
Vulnerability Assessment
Penetration Testing
Web Application Security
WordPress
Malware Removal
Website Security
Network Penetration Testing
OWASP
Information Security
API
Rafe F.
Melbourne, Australia
$75/hr
5.0
1 jobs
I'm Rafe, founder of Aussie Pen Test and a dedicated penetration tester with a formal IT background and seven years of hands-on experience across web application testing, network security, and infrastructure assessments.
I work with small to medium businesses and Managed Service Providers who need professional security testing without the enterprise price tag. You get manual testing, not just automated scans, and a clear plain-English report your team can actually act on.
No jargon. No fluff. Just straight answers about where you're vulnerable and exactly how to fix it.
All engagements are conducted ethically and professionally — written authorisation required before any testing begins.
Compliance
Information Security
Computer Network
Computing & Networking
Database
Database Management
Penetration Testing
Network Penetration Testing
Web App Penetration Testing
Wafa A.
Islamabad, Pakistan
$15/hr
5.0
27 jobs
💪 Top Rated
I help startups, SaaS companies, and enterprises identify security vulnerabilities before attackers do. With 5+ years of cybersecurity experience, I specialize in manual penetration testing, application security, API security, cloud security, compliance assessments, and privacy audits.
I have worked with organizations across the United States, United Kingdom, Germany, and Canada, delivering security assessments aligned with international standards and industry best practices. My assessments have uncovered critical vulnerabilities including Account Takeover, Remote Code Execution (RCE), IDOR, Authentication & Authorization flaws, Business Logic vulnerabilities, SSRF, XSS, CSRF, SQL Injection, Sensitive Data Exposure, Security Misconfigurations, and Insecure API Implementations.
My Services
Penetration Testing
• Web Application Penetration Testing (OWASP Top 10)
• Mobile Application Security Testing (Android & iOS)
• REST & GraphQL API Security Testing
• External & Internal Network Penetration Testing
• Authentication & Authorization Testing
• Business Logic Testing
• Secure Code Review (SAST)
• Cloud Security Assessments (AWS, Azure & GCP)
Privacy & Tracking Audits
I perform non-destructive privacy and tracking audits to evaluate how websites collect, process, and share user data without making any changes to production environments.
My privacy audits include:
• Tracking & Analytics Review (Google Analytics, Meta Pixel, LinkedIn Insight Tag, etc.)
• Cookie & Consent Compliance Assessment
• Third-Party Script & Tag Analysis
• Privacy & Data Collection Review
• Browser Storage Review (Cookies, Local Storage & Session Storage)
• Sensitive Data Leakage Detection
• Tracking Request Analysis
• GDPR Privacy Assessment
• Actionable Privacy & Security Recommendations
Important: I do not modify, delete, or update website code, tracking configurations, analytics settings, or production systems. My work is strictly read-only and results in a detailed report highlighting privacy concerns, security risks, and practical recommendations for improvement.
Compliance & Security Frameworks
• CASA Tier 2 Security Testing
• CMMC Level 2
• NIST SP 800-171
• NIST SP 800-53
• ISO 27001
• SOC 2
• GDPR
Security Automation
I develop custom security automation solutions that help organizations reduce manual effort and improve their security posture.
Automation services include:
• Vulnerability Management Automation
• Security Testing Automation
• Compliance Reporting Automation
• Security Workflow Automation
• Custom Security Scripts & Tools
Technical Toolkit
Security Tools
• Burp Suite Professional
• OWASP ZAP
• Nmap
• Nessus
• Metasploit
• SonarQube
• Veracode
• Appknox
• Bandit
Infrastructure & Cloud Security
• Cloudflare
• Imperva WAF
• Firewall Configuration
• Identity & Access Management (IAM)
• Access Control Management
• Database Security
Programming & Automation
• Python
• Bash
• Node.js
• Java
Why Clients Hire Me
✅ 5+ Years of Professional Cybersecurity Experience
✅ Manual Security Testing Not Just Automated Scanner Reports
✅ Clear, Actionable Reports with Risk Ratings and Remediation Guidance
✅ Independent Security Consultant (No Agency, No Subcontracting)
✅ Strong Communication Throughout the Engagement
✅ Flexible Across Multiple Time Zones (Including EST Overlap)
Deliverables
Every assessment includes:
• Executive Summary
• Technical Findings with Evidence
• Risk Severity (CVSS/OWASP where applicable)
• Step-by-Step Reproduction
• Screenshots & Proof of Concept
• Practical Remediation Recommendations
• Optional Re-Testing After Fixes
Due to client confidentiality, I do not publicly share full penetration testing reports. However, I can demonstrate redacted professional reports during a screen-sharing meeting or after an NDA is signed.
Whether you need a comprehensive penetration test, a privacy and tracking audit, an application security assessment, or compliance guidance, I'm here to help you strengthen your security posture and reduce risk.
Let's discuss your project.
Computer Network
Information Security
Network Penetration Testing
Penetration Testing
Testing
Software Testing
Malware Removal
Digital Forensics
Web App Penetration Testing
Security Testing
Cloud Testing
Cloud Security
Compliance
SOC 2
IT Compliance Audit
AI Compliance
GDPR Compliance Review
SOC 2 Report
Compliance Consultation
How it works
Post a job for freePost a job
Tell us what you need. Create your own job post or generate one with AI then filter talent matches.
Hire top talent fast
Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.
Collaborate easily
Use Upwork to chat or video call, share files, and track project progress right from the app.
Payment simplified
Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.
Don't just take our word for it
“Upwork provides an umbrella-level of security. I can see a talent’s work history and ratings. I can hold payments in escrow. I can communicate through Upwork Messages instead of working through my email address.”
KD
Kim Darling
Emerald Tiger
“Upwork is the best platform to hire skilled professionals when we're not looking for a full-time employee. All the companies in our portfolio use Upwork to find talent across a wide range of fields.”
DM
David Merry
Kinetic Investments
“Our very specific requirements can be a challenge—With Upwork, we’re able to access a bigger community to ensure the success of our projects.”
KK
Katja Krohn
Summa Linguae
How do I hire a Vulnerability Assessment Specialist on Upwork?
You can hire a Vulnerability Assessment Specialist on Upwork in four simple steps:
Create a job post tailored to your Vulnerability Assessment Specialist project scope. We’ll walk you through the process step by step.
Browse top Vulnerability Assessment Specialist talent on Upwork and invite them to your project.
Once the proposals start flowing in, create a shortlist of top Vulnerability Assessment Specialist profiles and interview.
Hire the right Vulnerability Assessment Specialist for your project from Upwork, the world’s largest work marketplace.
At Upwork, we believe talent staffing should be easy.
How much does it cost to hire a Vulnerability Assessment Specialist?
Rates charged by Vulnerability Assessment Specialists on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.
Why hire a Vulnerability Assessment Specialist on Upwork?
As the world’s work marketplace, we connect highly-skilled freelance Vulnerability Assessment Specialists and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Vulnerability Assessment Specialist team you need to succeed.
Can I hire a Vulnerability Assessment Specialist within 24 hours on Upwork?
Depending on availability and the quality of your job post, it’s entirely possible to sign up for Upwork and receive Vulnerability Assessment Specialist proposals within 24 hours of posting a job description.
Find more freelancers
Similar Vulnerability Assessment Specialist Skills