- Hourly: $57.00 - $77.00
- Expert
- Est. time: More than 6 months, 30+ hrs/week
Location: Massachusetts (Hybrid/Remote with Onsite Support as Needed) Employment Type: Full-Time Clearance/Background Requirements: Ability to pass state and federal background investigations About the Opportunity We are seeking a highly skilled and experienced Senior Splunk Engineer to support large-scale security operations, observability, and data analytics initiatives for government and enterprise environments, including critical support for the Commonwealth of Massachusetts Executive Office of Technology Services and Security (EOTSS). This role requires a hands-on technical expert capable of architecting, deploying, optimizing, troubleshooting, and maintaining complex Splunk environments supporting cybersecurity operations, compliance initiatives, incident response activities, and enterprise IT monitoring. The ideal candidate combines deep Splunk expertise with strong infrastructure, cloud, security, and automation skills and can operate effectively within highly regulated environments. Key Responsibilities Splunk Architecture & Administration • Design, deploy, configure, and maintain enterprise Splunk environments. • Manage Splunk Enterprise and Splunk Cloud deployments. • Administer Indexers, Search Heads, Deployment Servers, Heavy Forwarders, Universal Forwarders, and Cluster Managers. • Design and optimize data ingestion pipelines across diverse data sources. • Implement and maintain Splunk clustering and high-availability architectures. • Perform capacity planning and infrastructure optimization. Security Operations Support • Support Security Operations Center (SOC) initiatives. • Develop and maintain SIEM use cases, correlation searches, alerts, and dashboards. • Create and tune Splunk Enterprise Security (ES) content. • Assist with threat hunting and incident investigations. • Support MITRE ATT&CK mapping and threat detection engineering. • Analyze security events and provide actionable recommendations. 
EOTSS & Government Support • Assist with onboarding state agencies and municipalities into centralized Splunk platforms. • Support compliance initiatives including CJIS, IRS Publication 1075, HIPAA, NIST, and other regulatory frameworks. • Participate in major incident response activities. • Collaborate with agency stakeholders, security teams, and executive leadership. • Develop operational runbooks and technical documentation. Data Engineering & Integration • Integrate logs and telemetry from: o Microsoft 365 o Azure o AWS o Google Cloud o Windows Server o Linux o Network Infrastructure o Firewalls o Endpoint Security Platforms o Identity Providers o SaaS Applications • Develop custom parsers, field extractions, transforms, and CIM mappings. • Support Splunk Data Models and accelerated searches. Automation & Optimization • Develop automation using: o Python o PowerShell o REST APIs o SOAR platforms • Improve operational efficiency through workflow automation. • Optimize search performance and reduce infrastructure costs. • Implement monitoring and health-check frameworks. Required Qualifications Technical Experience • 5+ years of hands-on Splunk engineering experience. • 3+ years supporting enterprise-scale Splunk deployments exceeding 500GB/day ingestion. 
• Strong experience with: o Splunk Enterprise o Splunk Enterprise Security (ES) o Splunk Cloud o Splunk ITSI (preferred) o Splunk SOAR (preferred) Infrastructure Knowledge • Windows Server Administration • Linux Administration • Active Directory • Microsoft Azure • AWS • Virtualization Platforms • Networking fundamentals • DNS, DHCP, PKI, VPN technologies Security Knowledge • SIEM Operations • Threat Detection Engineering • Incident Response • Vulnerability Management • Security Frameworks: o NIST o CIS o CJIS o HIPAA o IRS 1075 o CMMC (preferred) Scripting & Development • Python • PowerShell • Regex • JSON • XML • REST APIs • Git Preferred Certifications Splunk Certifications • Splunk Certified Architect • Splunk Certified Admin • Splunk Enterprise Security Certified Admin Security Certifications • CISSP • GIAC Certifications • GCIH • GCIA • Security+ • CySA+ Cloud Certifications • Microsoft Azure Administrator • Azure Security Engineer • AWS Solutions Architect Desired Experience Candidates with experience supporting any of the following will receive special consideration: • State Government • EOTSS • Massachusetts Municipalities • Public Safety Agencies • Law Enforcement • Emergency Management • Healthcare • Critical Infrastructure • Managed Security Service Providers (MSSP) • Security Operations Centers (SOC) Personal Characteristics • Strong troubleshooting skills • Excellent communication abilities • Ability to interact with executive leadership • Strong documentation practices • Self-starter capable of working independently • Team-oriented mindset • Ability to remain calm during high-pressure incidents • Passion for cybersecurity and operational excellence What Success Looks Like Within the first 12 months, this individual will: • Improve Splunk search performance and platform stability. • Assist in onboarding additional agencies and data sources. • Enhance threat detection coverage. • Reduce alert fatigue through optimization. 
• Strengthen compliance reporting capabilities. • Become a trusted technical advisor for EOTSS stakeholders and leadership. Bonus Qualifications • Previous EOTSS experience. • Existing Commonwealth of Massachusetts relationships. • Experience supporting large Splunk deployments exceeding 1TB/day ingest. • Experience with cybersecurity consulting or MSSP environments. For EOTSS specifically, I would strongly recommend targeting candidates with Splunk Architect, Splunk ES, Microsoft Sentinel, and Massachusetts state government experience, because the technical challenges tend to be as much about stakeholder management, compliance, and onboarding agencies as they are about Splunk administration itself. A former EOTSS contractor or someone from Optiv, Deloitte, Accenture, TekStream, or a large MSSP would likely hit the ground running.
- Hourly: $100.00 - $100.00
- Expert
- Est. time: Less than 1 month, Less than 30 hrs/week
We are seeking an expert, hands-on Corporate Trainer to deliver a highly interactive, advanced online training course on Open Source Intelligence (OSINT). The curriculum closely follows an advanced framework designed to take security professionals, analysts, and investigators to the next level of public data harvesting, analysis, and threat intelligence. This is a remote, online, live instructor-led engagement. The ideal candidate isn't just an academic; you are a practitioner who knows how to navigate real-world investigative constraints, maintain strict operational security (OPSEC), and teach others how to transform raw big data into highly actionable intelligence reports. Key Responsibilities: Deliver 21 hours of live, interactive online training (split across logical multi-day sessions). Facilitate hands-on lab exercises, guiding participants through tool configuration, data mining, and live simulations. Clearly explain the balance between technical execution and the strategic "Intelligence Cycle" framework. Core Modules to Cover: Environment Setup & OPSEC: Configuring advanced toolkits, obfuscating activities, using proxies, and protecting identity while researching third parties. Deep Data Mining: Legitimate scraping practices, big data analysis, and securely/safely mining the Dark Web. AI Integration: Utilizing artificial intelligence tools for predictive analysis, facial recognition, and sentiment analysis. Targeting & Profiling: Advanced strategies for mapping out corporate structures/hierarchies, investigating individuals, and tracking consequential actors (threat assessment/criminal profiling). Financial Investigations: OSINT techniques for tracking money, black markets, credit card transactions, and cryptocurrency ledger tracking. Required Qualifications & Experience: Proven Training Experience: Must have a strong track record of delivering technical training to professional corporate, law enforcement, or cybersecurity audiences. 
Deep Technical Domain Expertise: Exhaustive familiarity with modern OSINT toolkits, advanced scraping methodologies, crypto-tracking tools, and Dark Web navigation. Engaging Delivery Style: Ability to avoid "death by PowerPoint." We require someone who leads via interactive discussions, live-lab troubleshooting, and highly practical exercises. Professionalism: High standards for corporate compliance, ethical data boundaries, and clear communication. Course Format: Type: Live, instructor-led online training. Duration: 21 total hours of instructional time. Audience: Security analysts, corporate researchers, and investigators.
- Hourly: $5.00 - $10.00
- Intermediate
- Est. time: 1 to 3 months, Less than 30 hrs/week
I’m looking for an AI Engineer to help build an automated red-teaming product based on open-source models. This is a short-term, hands-on project for around 2 months, with an expected commitment of about 20 hours per week. The goal is to build a specialized red-teaming engine that can generate adversarial prompts across different risk domains, severity levels, and attack strategies — then automatically run those prompts against target AI models to identify bad cases, failure patterns, and safety gaps. 🔍 What you’ll work on Build red-teaming systems on top of open-source LLMs, including fine-tuning, prompt optimization, evaluation pipelines, and model orchestration. Design automated prompt generation workflows across risk domains such as self-harm, hate, violence, sexual safety, misinformation, fraud, cyber, and other high-risk areas. Generate prompts across different harm levels, from benign edge cases to policy-borderline and clearly unsafe scenarios, while maintaining structured taxonomies and evaluation criteria. Run automated tests against target models such as Gemma, Llama, Qwen, or other open-source / closed-source models to surface jailbreak patterns, over-refusal, under-refusal, and policy inconsistencies. Build feedback loops that turn model failures into stronger red-team prompts, improved eval sets, remediation recommendations, and continuous safety testing. 🧠 What I’m looking for Hands-on experience with open-source LLMs, fine-tuning, LoRA / QLoRA, RAG, model evaluation, and LLM inference pipelines. Familiarity with AI safety, red teaming, adversarial prompting, jailbreaks, safety evals, or trust & safety systems. Ability to build end-to-end systems, including data pipelines, model serving, eval harnesses, scoring, dashboards, and automation workflows. Bonus if you’ve worked on model safety, content moderation, policy evaluation, agentic testing, or automated eval infrastructure. 
⏳ Project setup Duration: around 2 months Time commitment: about 20 hours per week Format: flexible / remote-friendly Stage: early-stage build, from 0 to 1 🚀 Why this is interesting This is not about manually writing red-team prompts one by one. The goal is to build a scalable system that can continuously generate, test, categorize, and learn from model failures — helping teams understand where AI models break, why they break, and how to improve them. If you enjoy working with open-source models, AI safety, red teaming, and fast 0-to-1 product building, I’d love to chat. Feel free to DM me if this sounds like you, or if you know someone who might be a good fit.
- Fixed price
- Intermediate
- Est. budget: $62,543.00
Upwork's Governance, Risk & Compliance (GRC) team is seeking an experienced freelancer with a strong background in AI tool automation to help streamline and enhance our compliance workflows. You will work closely with our GRC team to identify automation opportunities, design and implement AI-driven solutions, and integrate tools that improve efficiency across risk assessments, policy management, audit preparation, and compliance monitoring. Key Responsibilities: Assess existing GRC workflows and identify high-impact automation opportunities Design and implement AI-driven automations using Claude AI to support intelligent document analysis, risk summarization, policy drafting, and compliance Q&A workflows Integrate AI tools with Vanta to enhance compliance monitoring, evidence collection, and control mapping Build automated workflows for risk tracking, audit preparation, and policy lifecycle management Document solutions and provide handoff training to internal GRC team members Required Qualifications: Deep knowledge of GRC principles, practices, and frameworks — including SOC 2, ISO 27001, ISO 27018, ISO 42001, PCI-DSS, and Microsoft SSPA — with the ability to translate compliance requirements into functional automation logic Demonstrated experience building AI and automation workflows, including LLM integration, prompt engineering, and API-based tool development Strong understanding of risk management methodologies, control frameworks, and audit readiness processes Experience operationalizing compliance programs, not just familiarity — you should be comfortable owning GRC workflows end-to-end Proficiency with no-code/low-code automation platforms and/or Python scripting Excellent written and verbal communication skills, with the ability to document technical solutions clearly for compliance audiences Preferred Qualifications: Prior hands-on experience working within a GRC or Information Security team Relevant certifications such as CISA, CRISC, CISSP, or ISO Lead 
Implementer/Auditor Experience with AI governance frameworks and emerging standards around responsible AI (aligned with ISO 42001) Familiarity with Upwork's platform or similar marketplace environments
- Hourly: $50.00 - $150.00
- Expert
- Est. time: 1 to 3 months, Less than 30 hrs/week
I want to build a private multi-model RAG-based Opportunity Intelligence Agent. It should support document ingestion, opportunity-specific workspaces, vector search, source citations, multi-model routing across OpenAI, Claude, Perplexity, and possibly DeepSeek, and generate strategic recommendations from both uploaded files and live web research. This is intended to become a reusable base agent capable of knowledge retrieval, web research, multi-model orchestration, document analysis, citation generation, and agent cloning and configuration. It will be used for analyzing & strategy development for project opportunities, responding to RFPs, and proposal assistance, as well as other applications.