You will get Cybersecurity Compliance Audit: GDPR, HIPAA, and ISO 27001 Readiness

4.5

Let a pro handle the details

Buy Cybersecurity & Data Compliance Services services from Donald, priced and ready to go.
4.5

Let a pro handle the details

Buy Cybersecurity & Data Compliance Services services from Donald, priced and ready to go.

Project details

The GRC (Governance, Risk, and Compliance) niche is perfect for your engineering background because it requires the same meticulous attention to detail and structural thinking you used in structural engineering and CAD. This work is highly valued because it protects companies from legal liability and massive fines.
Cybersecurity Expertise
Audit, Risk Assessment, Cybersecurity Awareness
Technology Type
Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, Email System, ERP, Mobile Device, PaaS
Cybersecurity Regulation
GDPR, ISO, HIPAA, NIST Cybersecurity Framework, SOC 2
What's included
Service Tiers Starter
$500
Standard
$1,800
Advanced
$3,500
Delivery Time 7 days 14 days 28 days
Compliance Plan
-
Gap Analysis
-
Implementation
4.5
5 reviews
60% Complete
20% Complete
20% Complete
1% Complete
(0)
1% Complete
(0)

CH

Colin H.
5.00
Mar 20, 2025
Need Spreadsheet Model Creating in Google Sheets Did a great job, highly recommended +++++

FR

Francis R.
5.00
Dec 7, 2023
Summarize 30,000 Trades for Capital Gain Loss Summary. Large Input Context AI model access needed

PM

Peter M.
4.30
Aug 17, 2023
Seeking Full Stack Dev for Growing Startup Donald's communication was probably the best I've yet experienced here on upwork and I've worked with a lot of people! Thanks Donald and looking forward to some future work together as discussed.

SR

Salvika R.
3.00
Jun 26, 2023
Changes

SR

Salvika R.
5.00
Jun 21, 2023
simple project
Donald S.Status: Offline

About Donald

Donald S.Status: Offline
Cybersecurity Engineer | Red Team Operations | AI Integration Expert
4.5  (5 reviews)
Nairobi, Kenya - 4:58 pm local time
I am a trained engineer transitioning into offensive security, bringing a meticulous, structural approach to identifying and fixing vulnerabilities. My expertise lies at the intersection of Red Team Operations, Active Directory security, and AI-driven automation, helping organizations secure their "crown jewels" while optimizing their workflows.
With a deep background in structural engineering and CAD, I treat network infrastructure like a blueprint, analyzing every connection for potential failure points. I specialize in simulating real-world adversary behavior to test defenses against lateral movement, privilege escalation, and prompt injection in AI models.
Core Competencies:
Offensive Security: Internal Network Penetration Testing, Active Directory exploitation (Kerberoasting, BloodHound analysis), and Red Team simulations.
Defensive Engineering: Custom Sysmon configuration for advanced threat detection and EDR hardening.
AI & Automation: Local LLM deployment (Ollama/Gemma 4), AI workflow integration, and securing RAG pipelines against adversarial attacks.

Compliance & GRC: Mapping technical controls to GDPR, HIPAA, and ISO 27001 standards.

Key Projects & Accomplishments:
Lead Developer, Sysmon Home Defense: Created an optimized GitHub project for real-time monitoring of DNS tunneling and lateral movement.

AI Benchmarking: Engineered local AI environments on high-performance GPU clusters to optimize small-scale language models.

Structural Background: Former expertise in Autodesk Fusion 360 and complex infrastructure design, providing a unique perspective on system architecture.

Why Work With Me?
I don’t just find "holes"; I build bridges to fix them. Whether you need a full-scale AD audit, a custom trading bot, or an AI-secured infrastructure, I deliver professional technical reports and actionable remediation plans that satisfy both technical teams and executive stakeholders.

Steps for completing your project

After purchasing the project, send requirements so Donald can start the project.

Delivery time starts when Donald receives requirements from you.

Donald works on your project following the steps below.

Revisions may occur after the delivery date.

Framework Selection

We identify the specific regulations (GDPR, HIPAA, or the new 2026 standards) applicable to your industry.

Technical Gap Analysis

I review your existing infrastructure (including Active Directory and Cloud setups) to see where they fail to meet compliance bars.

Review the work, release payment, and leave feedback to Donald.