Talent badge filter
Skills filter
$20/hr
94% Job Success
$10K+ earned
Offers consultations
Start of list.
End of list.
Cybersecurity Consultant | ISO 27001 Lead Implementer | GRC, SOC & Penetration Testing | System Administrator | Networking I help startups, SaaS companies, and enterprises secure their systems, achieve ISO 27001 compliance, and reduce cyber risk through practical, audit-ready security controls. With 10+ years of hands-on experience, I specialize in GRC, SOC operations, vulnerability assessment & penetration testing (VAPT), digital forensics, networking, and system administration. I focus on clear documentation, measurable risk reduction, and real-world security implementation — not generic checklists. Key Skills & Strengths --ISO 27001 / ISMS implementation & audit readiness --Risk assessment, gap analysis & control mapping --SOC operations, SIEM (Splunk, IBM QRadar, Wazuh) --Web & network penetration testing (OWASP) --Digital forensics & incident investigation --Network & system administration (Domain Server, endpoint security) --Security policies, procedures & technical documentation Experience & Accomplishments --Delivered ISO 27001 implementation and GRC support for SaaS, payment services, and regulated organizations --Designed SOC processes and SIEM monitoring for enterprise environments --Conducted penetration testing with clear, actionable remediation reports --Authored security policies, audit documents, technical reports, and whitepapers --Supported compliance, vendor risk, and executive-level security reporting Education & Certifications ----MS in Computer Engineering ----ISO 27001 Lead Implementer (PECB) ----Background in ethical hacking, SOC operations & compliance consulting 📩 If you need a cybersecurity professional who combines technical expertise with compliance and clear communication, let’s connect.
Kainat M. has worked .
Elastos C.
$50/hr
100% Job Success
$30K+ earned
Available now
Offers consultations
Start of list.
End of list.
Elastos Chimwanda is a Virtual CISO (vCISO), Enterprise Security Architect & Cybersecurity, Cloud Security and AI Security Advisor, helping enterprises navigate AI adoption, cloud transformation, and compliance within unified, scalable security and governance architectures. By integrating governance, risk, compliance, and operational security, he enables enterprises to reduce complexity, accelerate audit readiness, and build resilience. He specialises in designing and operationalising integrated security and IT transformation programs across: • vCISO Advisory: Board-level risk reporting, security strategy, policy development, and roadmap execution. • Enterprise Security Architecture: Security architecture design aligned to enterprise frameworks, control rationalization, and modern security transformation. • Cloud Security Architecture: AWS, Azure, GCP, hybrid, and cloud-native security design and governance. • Security & Compliance Transformation: ISO/IEC 27001, SOC 2, NIST CSF, CMMC, HIPAA, PCI DSS. • AI Governance & Security: EU AI Act, NIST AI RMF, and ISO/IEC 42001 alignment. Backed by an MBA and globally recognized credentials including CISSP, CCSP, CCSK, CISA, ITIL and ISO 31000 Lead Risk Manager, he combines executive leadership, enterprise architecture thinking, and risk-based cybersecurity expertise to help enterprises securely scale digital transformation.
Elastos C. has worked .
$50/hr
100% Job Success
$10K+ earned
Start of list.
End of list.
Hi, I am a Cyber Security Expert and Information Technology professional with 18 years of experience in Cyber Security, Information Technology, Website Design & Development, and Graphic Design. I hold an MS in Cyber Security from Scotland, UK, and an MSc in Information Technology. I am a CISM (Certified Information Security Manager) certified by ISACA, USA. I have strong expertise in managing Cyber Security and Information Security standards. I develop policies and procedures in accordance with the latest cyber security standards. I provide services for ISO/IEC 27001 ISMS and the NIST Cybersecurity Framework. I specialize in Vulnerability Assessment and Penetration Testing (VAPT). I conduct authorized website security scanning with owner consent. I prepare detailed penetration testing reports based on CVSS. I advise clients on vulnerability mitigation and risk reduction. I am available for Cyber Security Consultancy Services. Team Members: My wife, an MSc in Computer Science graduate, is an expert Website Designer and Developer. She also specializes in MS Word, Excel, PowerPoint, content writing, and creates training videos for HTML, C, C++, Python, and more. My brother is an experienced Network Support Engineer with expertise in LAN, VLAN, routing protocols, switching, and Linux. Yours sincerely, Noor Mustafa Awan Calgary, Alberta, Canada
Noor M. has worked .
Khurram S.
$10/hr
100% Job Success
$20K+ earned
Offers consultations
Start of list.
End of list.
As a Cyber Security Analyst, Research Analyst and Technical Writer, Penetration Tester, SIEM/SOC Engineer, and Information Security Specialist, I represent a range of expertise in the cybersecurity sector, safeguarding organizations against intricate digital threats and ensuring the integrity, confidentiality, and availability of critical data. My career is dedicated to developing cybersecurity strategies that align seamlessly with corporate objectives, enhancing robust strategic planning, thorough risk assessments, and implementing detailed security policies and compliance frameworks. My extensive knowledge spans GDPR, HIPAA, NIST, and ISO 27001 standards, reflecting advanced capabilities in threat detection, incident response, and network and IT infrastructure protection. Certifications and Professional Acumen: My professional stature is backed by prestigious knowledge based certifications experience acquired during my bachelors such as CISSP, CISM, and CEH. With Google certifications and ISO/IEC 27001 Information Security Associate™ certifications acquired, marking me as a vanguard in the field of cybersecurity. Core Competencies for Enhanced Digital Presence: • Cybersecurity Strategy and Digital Risk Management: Renowned for formulating cybersecurity strategies intricately linked to business goals, I excel in performing exhaustive risk assessments, and vulnerability analyses, and leveraging threat intelligence for top-tier risk mitigation solutions. My strategic approach addresses immediate security challenges and forecasts potential future threats to keep businesses resilient against all odds. • Security Policy, Standards, and Compliance Mastery: With a solid track record in crafting and enforcing security policies and standards, my expertise in adhering to GDPR, HIPAA, NIST, and ISO 27001 compliance is exceptional. I guide organizations through stringent audits and security validations, surpassing industry standards. • Advanced Threat Detection and Incident Response: I specialize in advanced threat detection techniques and SIEM technology, designing sophisticated incident response strategies. My meticulous documentation and communication of breaches facilitate a cohesive response to cybersecurity incidents, enhancing organizational preparedness. • Network and Infrastructure Security Expertise: As a seasoned Network Security expert and adept Pentester, my proficiency in managing firewalls, IDS/IPS systems, and conducting penetration tests fortifies organizational defenses against cyber threats. • Comprehensive Security Technologies Utilization: Skilled in deploying a wide array of security tools, from antivirus solutions and endpoint protection to encryption technologies and multi-factor authentication systems, I bolster organizational security measures and champion essential security practices. • Dedication to Continuous Monitoring and Cybersecurity Evolution: Committed to ongoing security monitoring and keeping pace with emerging trends and threats, I ensure that all stakeholders remain well-informed and equipped to proactively tackle new challenges. In the contemporary digital ecosystem, a robust cybersecurity posture is indispensable. Partnering with my expertise enables organizations to establish a formidable defense system that not only secures their digital assets but also solidifies their reputation as leaders in cybersecurity resilience. Elevate your cybersecurity stance with a visionary adept at navigating the complexities of digital security and ensuring the safeguarding of your organization’s future.
Khurram S. has worked .
Scott A.
$75/hr
100% Job Success
$300K+ earned
Available now
Start of list.
End of list.
vCISO, AI-Cyber specialist, and technical writer helping organizations manage AI risk and complete audits for CMMC Level 2 (NIST 800-171), SOC 2, HIPAA, NIST 800-53, and NIST AI RMF. I deliver audit-ready security architecture across AWS and Azure, practical SSP/POA&M execution, compliance automation in Drata, Vanta, and Sprinto, plus security operations visibility using Microsoft Sentinel (SIEM). I support organizations in banking and financial services, healthcare, SaaS, defense-related environments, and energy/utilities, aligning security and compliance programs to regulatory, contractual, and operational requirements. I am especially effective when engagements require both strategic leadership and detailed execution across people, process, and technology. What clients hire me for: AI Risk and AI Compliance: NIST AI RMF adoption, AI use-case inventories, AI risk assessments, control mapping, AI policy development, vendor governance, and alignment to ISO/IEC 42001 CMMC / NIST 800-171: readiness assessments, SSP/SAR/POA&M, remediation roadmaps, mock assessments, and implementation support SOC 2 (Type I/II): gap assessments, control design, evidence strategy, audit support, and continuous compliance operations HIPAA: risk analysis, safeguard mapping, policy development, vendor security documentation, and audit preparation NIST 800-53: baseline alignment, control tailoring, implementation guidance, and governance operating models Banking / Financial Services: security and compliance programs aligned to FFIEC expectations and GLBA safeguards requirements Energy / Utilities: security governance, risk management, and control support for resilience-focused environments Enterprise Security Architecture: security program architecture, control architecture, reference designs, threat modeling, and secure enterprise patterns AWS and Azure Security Architecture: cloud security posture, IAM design, network segmentation, logging and monitoring strategy, encryption and KMS, platform hardening, and audit-ready evidence models Microsoft Sentinel: SIEM architecture, log integration strategy, detection and monitoring support, incident visibility, and security operations alignment in Azure and hybrid environments Platforms and tooling: I work with compliance and audit-readiness platforms including Drata, Vanta, Sprinto, Secureframe, and Scrut for control mapping, evidence collection, remediation tracking, and ongoing compliance workflows. I also support security operations visibility using Microsoft Sentinel where monitoring and audit evidence need to align. How I engage: vCISO advisory: security leadership, compliance strategy, risk management, executive reporting, incident readiness, and continuous oversight Project-based engagements: targeted assessments, audit readiness projects, control implementation, security architecture initiatives, and documentation packages including SSPs, policies, standards, and procedures I also bring a strong background in technical writing and technical editing, which means clients receive deliverables that are accurate, clear, organized, and audit-ready. If you need a consultant who can help you manage AI risk, improve audit readiness, strengthen security architecture, and deliver documentation that supports compliance outcomes, I can help.
Scott A. has worked .
$25/hr
72% Job Success
$30K+ earned
Start of list.
End of list.
With years of experience in Information Security & Compliance, I specialize in Cyber Security, System Security, and secure infrastructure development. My expertise spans cyber investigations, penetration testing, forensic investigations, deep search, and systems and network administration. I possess strong skills in GNU/Linux and Windows administration, enabling effective management and hardening of information security systems. I have in-depth knowledge of penetration testing methodologies, forensic techniques, secure server configurations, and strategic security planning. I support online businesses in protecting their systems from cyberattacks, ensuring operational continuity and revenue security. My services cover: Web application security API security Network infrastructure security Cloud infrastructure security Information security auditing Automated and manual Vulnerability Assessment and Penetration Testing (VA/PT) Compliance Expertise: OWASP Top 10 vulnerabilities HIPAA compliance ISO 27001 compliance Network and Cloud Security Services: DDoS prevention Web and network firewall configuration AWS security and Cloudflare integration Proxy server configuration Linux server hardening and issue resolution Source Code Security: Vulnerability assessments using Snyk, SonarQube Enterprise, Synopsys Coverity/Seeker CMS Security & Recovery: WordPress, Magento, Joomla hardening Malware removal and hacked website recovery Additional Expertise: Digital forensics and log analysis (Android, iOS, Windows, Linux, macOS) IoT security and penetration testing Ransomware removal Malware and virus removal Mobile Device Management (MDM) SIEM integration Cybersecurity training IT consultancy and security audits My goal is to ensure robust security, compliance, and business continuity for all clients. Let’s work together to strengthen your cyber defenses and protect your critical infrastructure.
Asim S. has worked .
Cytas
Associated with
Cytas
$40K+
earned
Bhakti V.
$30/hr
100% Job Success
$300K+ earned
Start of list.
End of list.
I’m a Computer Engineer by degree and a writer by passion, and I've tackled everything from whitepapers and blogs to academic theses and business proposals. If it needs to be written (especially on cybersecurity), I’m your go-to! I’m all about staying organized, diving deep into research, and hitting deadlines like they’re going out of style. Expect your projects done with time to spare—giving you plenty of room for feedback. I take real pride in delivering polished, top-quality work. Let’s get things done!
Bhakti V. has worked .
Muhammad Ali I.
$85/hr
90% Job Success
$60K+ earned
Available now
Offers consultations
Start of list.
End of list.
𝐘𝐨𝐮 𝐟𝐨𝐜𝐮𝐬 𝐨𝐧 𝐲𝐨𝐮𝐫 𝐆𝐑𝐎𝐖𝐓𝐇 & let me take all the compliance pain away from you. Compliant companies have 𝟑𝟎-𝟓𝟎% more chance of 𝐖𝐈𝐍𝐍𝐈𝐍𝐆 𝐁𝐈𝐆 𝐜𝐨𝐧𝐭𝐫𝐚𝐜𝐭𝐬 from clients like Microsoft, Google, Uber, Amazon, Uber and Government. Secure your company with SOC2, ISO 27001, CMMC, GDPR, HIPAA/ HITRUST. Take your AI innovation to the world by complying with ISO 42001, EU AI Act and NIST AI RMF. 👌 Just ping me on Upwork, share your challenge, and within a 15-minute scoping call I’ll deliver a crystal-clear Scope of Work with tailored pricing—so you know exactly what you’ll get, how fast, and at what cost 𝐈 𝟏𝟎𝟎% 𝐆𝐮𝐚𝐫𝐚𝐧𝐭𝐞𝐞 𝐲𝐨𝐮𝐫 𝐜𝐞𝐫𝐭𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧 – 𝐨𝐭𝐡𝐞𝐫𝐰𝐢𝐬𝐞 𝟏𝟎𝟎% 𝐦𝐨𝐧𝐞𝐲 𝐫𝐞𝐭𝐮𝐫𝐧𝐞𝐝! CEO selling to US-Government: “Ali got us through ISO 9001 and 27001 audits successfully. CISO selling to Accenture: “Muhammad is an expert for complex compliance requirements” CEO selling to EU clients: “He, is an absolute asset to any team." CEO selling to Microsoft & Google: “Muhammad did a terrific job for us on a very short timeline” I completely understand the B2B selling requires compliance certification 𝐀𝐬 𝐅𝐨𝐮𝐧𝐝𝐞𝐫 𝐨𝐟 𝐊𝐢𝐧𝐯𝐞𝐫𝐠.𝐜𝐨𝐦 𝐚𝐧𝐝 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞𝐌𝐚𝐜𝐡𝐢𝐧𝐞.𝐚𝐢 (𝐚 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐚𝐮𝐭𝐨𝐦𝐚𝐭𝐢𝐨𝐧 𝐬𝐨𝐥𝐮𝐭𝐢𝐨𝐧). Also, working with startups & SaaS is exciting for me due to my deep understanding of their unique challenging environment. I hold CISA, PMP, ISO27001 LI & LA, CMMI ATM, CMMC RP (In Progress), ITIL along with 𝟑𝟎𝟎+ 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐩𝐫𝐨𝐣𝐞𝐜𝐭𝐬 with over 𝟏𝟔 𝐲𝐞𝐚𝐫𝐬 of diverse experience. 👌 Don't Forget to ping me on Upwork, share your challenge, and within a 15-minute scoping call I’ll deliver a crystal-clear Scope of Work with tailored pricing—so you know exactly what you’ll get, how fast, and at what cost 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐚𝐮𝐭𝐨𝐦𝐚𝐭𝐢𝐨𝐧 𝐭𝐨𝐨𝐥𝐬 Drata, Vanta, SecureFrame, Compliance Machine 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐪𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐧𝐚𝐢𝐫𝐞 𝐚𝐧𝐝 𝐯𝐞𝐧𝐝𝐨𝐫 𝐚𝐬𝐬𝐞𝐬𝐬𝐦𝐞𝐧𝐭 𝐭𝐨𝐨𝐥𝐬 CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, SIG Lite, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Process Unity 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲/𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐟𝐫𝐚𝐦𝐞𝐰𝐨𝐫𝐤𝐬: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS) CSAT, IRAP, PIPEDA, ISO 42001, NIST AI RMF, EU AI Act
Muhammad Ali I. has worked .
Kinverg
Associated with
Kinverg
Collins M.
$50/hr
100% Job Success
$100K+ earned
Available now
Start of list.
End of list.
I help security vendors, MSSPs, SaaS teams, NGOs, and enterprise security teams strengthen their cybersecurity operations through practical security engineering, SIEM/logging expertise, incident response support, and clear technical documentation. I am a Cybersecurity Engineer and Technical Writer with 9+ years of hands-on experience across security operations, threat detection, incident response, vulnerability assessment, system hardening, compliance documentation, and cybersecurity product documentation. My background is not generic content writing. I have worked directly with SIEM, XDR, DLP, WAF, endpoint security, Linux systems, cloud platforms, vulnerability scanners, and security monitoring tools. I also have professional experience writing technical cybersecurity documentation for enterprise users, product teams, and security operations teams. I can help you with: * SIEM, logging, and security operations documentation * Incident response plans, SOC playbooks, and security runbooks * Vulnerability assessment reports and remediation guidance * Cybersecurity policies, procedures, compliance reports, and audit documentation * Security product documentation, integration guides, and troubleshooting guides * Cybersecurity blog articles, white papers, and technical explainers * Security awareness content and training materials * Device security, endpoint hardening, and operational security guidance * Risk assessments, security audits, and control gap analysis Tools and technologies I have worked with include Splunk, IBM QRadar, ELK Stack, Wazuh, Microsoft Sentinel, Chronicle, NXLog, Datadog, Prometheus, Zeek, Snort, Suricata, OSSEC, OpenVAS, Tenable Security Center, ModSecurity, WPScan, GitLab, MkDocs, Linux, Windows Server, AWS, Azure, and GCP. Security frameworks and standards I work with include ISO 27001, PCI-DSS, GDPR, NIST, SOC 2, CIS Controls, OWASP Top 10, and MITRE ATT&CK. Selected experience: * Conducted 50+ cybersecurity assessments on devices used by at-risk civil society groups. * Developed and delivered device security training to 100+ staff. * Authored 60+ cybersecurity product and integration documents for enterprise users. * Configured log collection and SIEM integrations with Splunk, ELK Stack, and IBM QRadar. * Deployed and configured SIEM, XDR, DLP, and WAF tools for telecom, finance, and public sector clients. * Led incident response for 30+ critical cyber threats. * Optimized 100+ SIEM detection rules to improve alert quality and reduce false positives. * Conducted 35+ vulnerability assessments and penetration tests. * Produced ISO 27001 and PCI-DSS compliance reports. * Led a managed security services project for a major telecom environment. Why clients work with me: * I understand cybersecurity from the engineering side, not just the writing side. * I can communicate clearly with executives, engineers, compliance teams, and end users. * I can turn messy technical information into structured, useful documentation. * I can help security teams reduce confusion, improve response workflows, and document security operations properly. * I am comfortable working remotely with international teams and long-term clients. If you need someone who can understand the technical details, ask the right security questions, and produce clear, practical deliverables, I can help.
Collins M. has worked .
Susan M.
$115/hr
100% Job Success
Available now
Offers consultations
Start of list.
End of list.
I'm an Upwork Expert Vetted freelancer placing me in this platform's top 1% of freelancers. I am also a subject matter expert (SME) in digital identity management and cybersecurity. All of my writing is my own, I do not use GenAI to create content. I deliver domain expertise on complex technology subjects, creating knowledge-led, evidence-based, engaging, and readable tech content that interests readers. My content is rich, while meeting the requirements for robust SEO and GEO. I have created content for many startups to develop their website and position them with a recognized domain presence. As one of the most influential women in technology in the UK in 2020, 2021, 2022, 2023, and 2024 (Computer Weekly), I have the background to understand your products quickly. I use this knowledge to create a domain expert voice for C-level and management. My key areas of focus are cybersecurity, authentication and authorization, online identity, data privacy, security awareness training, and regulatory compliance. I regularly write on topics that impact the financial sector, such as money laundering, fraud, identity, KYC/CDD, AML, open banking, and financial regulations. Areas covered include emerging technologies and regulatory compliance, such as HIPAA, GDPR, ISO 27001, and PSD2 / PSD3. I have columns in CSOOnline and CyberNews. I am also published in IoTforAll, Electronics 360, and Information Age. My versatility comes from having spent much time in start-up companies and being responsible for creating sales, marketing, and technical collateral that helped sell products to international clients. I have worked in the software industry for over 20 years. Before that, I taught science and worked in industry as a chemist. The content that I create includes the following: * Articles and blog posts, * White papers, * Market analysis and research, * Case studies and, * Short ebooks. Audience engagement and readability are vital skills for a writer. I take technically complex subjects and make them digestible for a business audience: I am an alumnus of the "Story for Screenwriting" course by the John Yorke Story Institute.
Susan M. has worked .