- Fixed price
- Intermediate
- Est. budget: $250.00
I need someone to manage job applications online securely and host a laptop 24/7. The ideal candidate will ensure all applications are processed efficiently and securely, maintaining continuous availability. Experience in online application management and security is essential.
- Hourly
- Intermediate
- Est. time: Less than 1 month, Less than 30 hrs/week
Log term fulltime consulting project for US based experts. We are seeking to augment our team with a solid SIEM / SOAR expert with experience working for MSSP or service provider. The right candidate will have expertise in XSOAR, Splunk, Splunk Soar or other leading SOC technology stacks. Must have experience in SOC automation including creating playbooks and scripting automation to accomplish common tasks such as creating detection rules, tunning detections and managing data quality. Deliverables - Configure and customize SIEM/SOAR capabilities - Create Playbooks - Create use cases and rules - Tune and optimize detection use cases - Provide training as needed
- Hourly: $18.00 - $31.00
- Intermediate
- Est. time: More than 6 months, 30+ hrs/week
Overview: We are a growing Managed IT Services Provider (MSP) based in the Pittsburgh, PA area looking for a reliable and sharp Level 1 IT Support Technician to assist with day-to-day support operations. This role is critical to our growth. We need someone who can handle frontline support efficiently, communicate clearly with clients, and escalate issues appropriately. If you are proactive, organized, and take ownership of your work—we want to work with you. ⸻ Responsibilities: • Provide Level 1 remote support for end users (Windows, basic Mac support) • Handle ticket intake, triage, and resolution through our ticketing system • Troubleshoot common issues: • Password resets • Microsoft 365 (Outlook, Teams, OneDrive) • Printer issues • Basic networking (connectivity, WiFi troubleshooting) • Install and configure software applications • Assist with onboarding/offboarding users • Document issues, resolutions, and client environments • Escalate complex issues to Level 2/3 as needed • Follow SOPs and contribute to improving documentation ⸻ Required Skills: • Strong communication skills (clear written and spoken English) • Experience with: • Microsoft 365 Admin Center • Windows 10/11 support • Basic networking (IP, DNS, DHCP fundamentals) • Ability to follow processes and stay organized • Reliable internet connection and availability during business hours ⸻ Preferred (Nice to Have): • MSP experience (this is a big plus) • Familiarity with RMM tools (Datto, Ninja, Kaseya, etc.) • Experience with ticketing systems (Zoho Desk, Jira, etc.) • Basic understanding of cybersecurity best practices • Experience with Apple/Mac environments ⸻ Work Expectations: • Availability during Eastern Time business hours (9 AM – 5 PM) • Daily communication and updates on tickets • Ability to follow defined processes and checklists • Willingness to learn and improve continuously ⸻ How to Apply: Please include: 1. A brief summary of your experience with IT support 2. Your experience working in an MSP (if any) 3. Tools and platforms you’ve used 4. Your availability (hours per day/week) 5. Example of a common issue you’ve resolved and how you handled it ⸻ Important: We are looking for someone long-term. Reliability, communication, and ownership matter more than just technical skill. If you are someone who takes pride in doing things the right way and wants to grow with a company—this is a great opportunity.
- Hourly: $80.00 - $125.00
- Expert
- Est. time: More than 6 months, 30+ hrs/week
Company Overview Regie.ai is an AI-native SaaS platform (Series B) that helps sales teams automate and personalize their outreach. As an engineering-led organization, we prioritize security and compliance as a core pillar of our customer trust and product excellence. Role Summary We are seeking an experienced Fractional CISO to lead our security and compliance strategy. This is a part-time, long-term engagement (approximately 20–40 hours per month). You will own our compliance roadmap, serve as the primary security contact for our enterprise customers, and ensure our infrastructure remains audit-ready. Key Responsibilities • Compliance Leadership (SOC 2 & Beyond): - Oversee and drive the continuous monitoring and annual renewal of our SOC 2 Type II certification. - Maintain and update internal security policies to align with evolving regulatory requirements and industry best practices. • Data Privacy & Legal Support: - Manage DPA (Data Processing Addendum) reviews and related privacy compliance tasks. - Ensure the organization adheres to GDPR, CCPA, and other relevant data protection frameworks. • Sales Enablement & Customer Trust: - Own the completion of Security & Compliance Questionnaires from prospective and current enterprise customers. - Join customer calls as the technical security expert to address high-level concerns regarding our security posture and data handling. • Strategic Security Advisory: - Partner with the Head of Engineering to identify and mitigate infrastructure risks. - Provide guidance on security tooling, threat modeling, and incident response readiness. Qualifications • Experience: 10+ years in information security, with at least 3+ years in a CISO or Head of Security role (ideally within the SaaS/AI space). • Compliance Expert: Proven track record of managing SOC 2 audits from start to finish. • Customer-Facing: Excellent communication skills with the ability to translate complex security concepts for non-technical stakeholders and enterprise legal teams. • Technical Depth: Familiarity with AWS cloud security, MongoDB atlas environments, and modern AI/LLM security considerations.
- Fixed price
- Expert
- Est. budget: $8,000.00
We're a B2B data and identity resolution company operating in the ad tech and marketing data space. Our platform handles consumer identity data at scale — pixel-based visitor identification, audience building, API-delivered intent signals, and integrations with major activation platforms (LiveRamp, The Trade Desk, Meta, Google, Amazon DSP). We process and license data under CCPA/CPRA and related frameworks. We are initiating our SOC 2 Type I journey with a target of Type II readiness. What You'll Do Conduct a gap assessment against SOC 2 Trust Service Criteria (Security required; Availability and Confidentiality likely in scope) Map existing infrastructure and data flows to control requirements — our stack includes ClickHouse, PostgreSQL, cloud infrastructure, and multiple third-party API integrations Build or refine policies and procedures (access control, incident response, change management, vendor management, data classification, etc.) Implement or advise on technical controls — logging, monitoring, encryption, access reviews, vulnerability management Coordinate with engineering to close gaps in our cloud environment Prepare evidence collection workflows and audit-readiness documentation Liaise with our auditor during fieldwork (we may or may not have one selected — input welcome) Track remediation progress and report status to leadership Requirements Demonstrated SOC 2 experience as implementer or compliance engineer — not just auditor-side Hands-on with cloud environments (AWS, GCP, or Azure) and practical control implementation, not just policy writing Familiarity with data companies, SaaS API platforms, or ad tech a strong plus — our data flows are non-trivial Experience working with CCPA, GDPR, or other privacy frameworks alongside SOC 2 preferred (our data touches consumer identity) Proficiency with a compliance platform (Vanta, Drata, Secureframe, or equivalent) preferred Ability to work autonomously with a lean team — no large internal GRC function to hand things off to Nice to Have CISSP, CISA, CCSP, or equivalent cert Prior experience with companies that process third-party licensed data or operate as data brokers/resellers Experience prepping for both Type I and guiding through Type II in subsequent cycle Engagement Details Remote, async-friendly You'll work directly with the founder and technical lead We move fast — looking for someone who can start within 2 weeks Please include in your proposal: (1) your typical SOC 2 engagement approach, (2) estimated timeline to Type I readiness from gap assessment, and (3) representative past engagements (anonymized is fine)
- Fixed price
- Expert
- Est. budget: $200.00
- AWS security group and VPC remediation - Using Vanta to keep track of remediated items for SOC2 compliance audit - Create audit reports and provide strategy to correct security failures per NIST and SOC2 standards.
- Hourly: $30.00 - $41.00
- Intermediate
- Est. time: 1 to 3 months, Not sure
Role Level: IC3 Role Title: Security Administrator II (US Contract) Reports to: Manager of Engineering Services Salary: $41/h Job Description The Security Administrator role supports BEMO managed service customers and internal teams by assisting in the implementation, management, and monitoring of security and compliance solutions across Microsoft 365 and hybrid environments. This role is focused on a security-centric customer base, and we are specifically seeking candidates with experience working in GCC High tenants. In this role, you will also have the opportunity to lead compliance frameworks, including SOC 2, ISO, and CMMC, by maintaining security and compliance requirements across regulated environments. The Security Administrator II IC3 will demonstrate the ability to conduct routine work with specialist and commercial knowledge in the following areas: • Microsoft 365 Security Administration • Azure • GRC Platforms • AI tools • Customer Service • Managed Services • Team Communication • Data Gathering and Analysis At BEMO, the Security Administrator IC3 competencies require: • Understanding of prioritization and time management of tasks • Building effective working relationships within the team and with peers • Demonstrates skill to influence other peers • Conducts complex tasks autonomously • Works on problems of moderate scope and uses multiple known practices and procedures to solve problems with the support of manager and peers • The ability to respond to customers’ security and compliance needs proactively and reactively in the alignment of BEMO’s products and service scope • Clear and open communicator with wider teams and stakeholders • Maintains transactional communication with customers or partners • Builds self-awareness about strengths and areas of development by being open to feedback from your manager and peers. • Consistently seeks to improve technical knowledge in the Microsoft technology and security areas Responsibilities & Primary Goals • Monitoring and Maintenance o Proactively secure Microsoft 365 and Azure environments o Monitor all security systems and provide advice on strategy and implementation for the customer base o Conduct security risk and vulnerability assessments on security package customers o Enforce data governance o Patch and vulnerability-managed life cycle o Implement updates programmatically on different security packages offered by BEMO o Send out customer communications on security improvements and maintenance • Automation and Implementation of Managed Service Solutions o Create and document repeatable processes through automation across our managed service maintenance activities o Manage internal projects, provide technical guidance o Must be comfortable performing multiple initiatives simultaneously in a fast-paced environment o Leverage AI and automation technologies to optimize processes, improve response times, and enhance overall managed service delivery • Cross-Group Collaboration and Support o Support the Customer Success team with customer-specific data for security scores and value realization efforts o Provide T1-T2 Team members support for tickets and issues relevant to managed service customers' security and compliance o Working with the BEMO IT Manager to align security policies and processes o Work collaboratively with delivery engineers, operations team members, customer success managers, support engineers, and our BEMO customers o Manage support queue during designated times • Managed Security o Triage: Working with our SOC team and Microsoft Sentinel, you will help filter the noise to prioritize incidents and alerts that matter to alleviate alert fatigue. o Investigate: Investigate and analyze the most critical incidents, and document progress and findings. You will be analyzing logs within M365 tools and Sentinel. o Respond: Contain and mitigate incidents faster with managed response and proactive remediation. o Prevent: Provide detailed recommendations and best practices to go beyond detection and response to prevent future attacks Requirements • Educational degree or diploma in Computer Science, Engineering, or the equivalent in proven experience • 2 + years of experience administrating, managing, and implementing Microsoft Azure and Microsoft 365 as an implementation, security, or support engineer. • Experience analyzing M365 usage data to identify issues and usage patterns • Strong critical thinking, analysis, and problem-solving skills • Strong competency in core professional skills, especially attention to detail, responsiveness, follow-through, and flexibility, with a high degree of emotional intelligence and tact • Ability to work independently and collaboratively with other internal teams when needed • Proven customer service experience with clear and consistent writing, presentation, and communication skills • Azure Cloud experience Specialized Knowledge or Skills Preferred • A Bachelor of Science or Engineering in Computer Science or a related field preferred • Other Microsoft certifications are preferred (AZ-500, SC-300, SC-400, etc.)
- Hourly: $19.00 - $30.00
- Expert
- Est. time: More than 6 months, Less than 30 hrs/week
Computer Solutions, Inc. is seeking an experienced Senior Help Desk & Network Administrator to join our growing team. This is not an entry-level position. We are looking for a seasoned IT professional with a proven track record of supporting business environments, troubleshooting complex technical issues, and managing network, server, and workstation infrastructure. The ideal candidate will be comfortable handling day-to-day help desk tickets while also providing advanced technical expertise involving networking, Microsoft Windows environments, Active Directory, servers, domains, and workstation deployment. If you have spent years supporting real-world business environments and can demonstrate hands-on experience resolving technical challenges, we want to hear from you. Responsibilities Analyze, troubleshoot, and maintain business network environments Respond to and resolve help desk support tickets Configure, deploy, and support Windows workstations Manage Active Directory environments and domain-joined devices Troubleshoot DNS, DHCP, Group Policy, VPNs, and network connectivity issues Support Windows Server environments Diagnose and resolve hardware, software, and operating system issues Assist with Microsoft 365 administration and troubleshooting Perform remote support for clients across multiple industries Document work performed and maintain accurate ticket records Collaborate with internal team members to resolve escalated issues Participate in infrastructure improvement and optimization projects Required Qualifications Applicants must have a proven history of performing the following tasks in production business environments: Windows Server administration Active Directory management Domain setup, maintenance, and troubleshooting Network troubleshooting and diagnostics Workstation deployment and configuration Microsoft Windows desktop support DNS and DHCP configuration and troubleshooting VPN setup and support Microsoft 365 administration Remote support tools and ticketing systems Technical Skills Required Microsoft Windows 10 and Windows 11 Windows Server Active Directory Group Policy DNS DHCP TCP/IP Networking VPN Technologies Microsoft 365 Network Switches and Firewalls Remote Monitoring and Management (RMM) Platforms Help Desk and Ticketing Systems Preferred Qualifications CompTIA Network+ CompTIA Security+ Microsoft Certifications Experience supporting small and medium-sized business environments Experience with virtualization platforms Experience with cybersecurity best practices What We Are Looking For We are specifically seeking candidates who have a demonstrated history of performing these duties professionally. General familiarity or academic knowledge alone is not sufficient. Applicants should be prepared to discuss actual projects, environments, and technical challenges they have successfully managed. Screening Requirements Employment is contingent upon successful completion of: Criminal Background Check Credit Check Drug Screening Employment Verification Professional Reference Verification Schedule Starts at approximately 30 hours per week Opportunity to transition into a full-time position based on performance and company growth How to Apply Please submit: Current Resume Relevant Certifications Summary of Network, Server, and Active Directory Experience Examples of Business IT Environments You Have Supported Qualified candidates will be invited to participate in a technical interview and practical skills assessment.
- Fixed price
- Intermediate
- Est. budget: $62,543.00
Upwork's Governance, Risk & Compliance (GRC) team is seeking an experienced freelancer with a strong background in AI tool automation to help streamline and enhance our compliance workflows. You will work closely with our GRC team to identify automation opportunities, design and implement AI-driven solutions, and integrate tools that improve efficiency across risk assessments, policy management, audit preparation, and compliance monitoring. Key Responsibilities: Assess existing GRC workflows and identify high-impact automation opportunities Design and implement AI-driven automations using Claude AI to support intelligent document analysis, risk summarization, policy drafting, and compliance Q&A workflows Integrate AI tools with Vanta to enhance compliance monitoring, evidence collection, and control mapping Build automated workflows for risk tracking, audit preparation, and policy lifecycle management Document solutions and provide handoff training to internal GRC team members Required Qualifications: Deep knowledge of GRC principles, practices, and frameworks — including SOC 2, ISO 27001, ISO 27018, ISO 42001, PCI-DSS, and Microsoft SSPA — with the ability to translate compliance requirements into functional automation logic Demonstrated experience building AI and automation workflows, including LLM integration, prompt engineering, and API-based tool development Strong understanding of risk management methodologies, control frameworks, and audit readiness processes Experience operationalizing compliance programs, not just familiarity — you should be comfortable owning GRC workflows end-to-end Proficiency with no-code/low-code automation platforms and/or Python scripting Excellent written and verbal communication skills, with the ability to document technical solutions clearly for compliance audiences Preferred Qualifications: Prior hands-on experience working within a GRC or Information Security team Relevant certifications such as CISA, CRISC, CISSP, or ISO Lead Implementer/Auditor Experience with AI governance frameworks and emerging standards around responsible AI (aligned with ISO 42001) Familiarity with Upwork's platform or similar marketplace environments
- Hourly: $70.00 - $110.00
- Expert
- Est. time: More than 6 months, Less than 30 hrs/week
We need an experienced Tenable VM + ASM engineer to support ongoing vulnerability management for a financial‑sector client. Work includes configuring scans, weekly triage, validating findings, and producing monthly reports. Approx. 25 hours for onboarding, then 10–15 hours/month ongoing. Must have strong hands‑on experience with Tenable.io, credentialed scanning, and vulnerability prioritization (VPR). Preference for freelancers in Canada or U.S. Eastern/Central time zones. Please share your Tenable experience and hourly rate.