You will get ISO-27001 standard assessment and recomendations
Top Rated

Project details
The standards and controls of ISO-27001 were developed by the members or authorities of ISO and IEC (the International Electrochemical Commission). The recent revision of these controls has made in the year 2022.
Challenges:
šÆ Addressing various security risks in compliance with the international standard.
šÆ Ensuring thorough internal audits and management reviews to meet ISO/IEC 27001 requirements.
šÆ Integrating a comprehensive security policy and risk management process within the organization.
Solutions:
ā Engaging a reputable certification body for ISO/IEC 27001 certification and regular audits.
ā Developing a dynamic risk management process and implementing a security risk assessment strategy.
ā Establishing a security framework and a set of control objectives tailored to the organizationās needs.
Outcomes:
š¤ Achieved ISO/IEC 27001:2022 certification, enhancing the organizationās security posture and credibility.
š¤ Reduced likelihood of security incidents and cyber threats through stringent security measures.
š¤ Demonstrated compliance with privacy regulations and industry regulations, boosting customer confidence.
Challenges:
šÆ Addressing various security risks in compliance with the international standard.
šÆ Ensuring thorough internal audits and management reviews to meet ISO/IEC 27001 requirements.
šÆ Integrating a comprehensive security policy and risk management process within the organization.
Solutions:
ā Engaging a reputable certification body for ISO/IEC 27001 certification and regular audits.
ā Developing a dynamic risk management process and implementing a security risk assessment strategy.
ā Establishing a security framework and a set of control objectives tailored to the organizationās needs.
Outcomes:
š¤ Achieved ISO/IEC 27001:2022 certification, enhancing the organizationās security posture and credibility.
š¤ Reduced likelihood of security incidents and cyber threats through stringent security measures.
š¤ Demonstrated compliance with privacy regulations and industry regulations, boosting customer confidence.
Technology Type
IaaS, Data Center, Operating SystemCybersecurity Regulation
ISO, NIST Cybersecurity Framework, SOC 2What's included $1,050
These options are included with the project scope.
$1,050
- Delivery Time 7 days
162 reviews
(157)
(4)
(1)
(0)
(0)
This project doesn't have any reviews.
RV
Roger V.
May 12, 2026
Microsoft365 look over / setup
Working with Nandy was great, clear expectations and outlines. Did the work as promised and managed to get our security score from a low 20 to the high 70s in a matter of weeks.
PS
Puga S.
Feb 20, 2026
ROCKSTAR Single Sign on Azure Cloud Microsoft Active Directory Expert
Did a great job, would hire again and would recommend to others also.
JB
Jeremy B.
Feb 10, 2026
Microsoft Entra ID deployment
Loved working with Nandy. Look forward to our future projects together!
MC
Marcus C.
Jan 5, 2026
Microsoft 365 Admin Needed for Ongoing Support
Nandy provided exceptional tech support and was an absolute pleasure to work with. From the start, they were responsive, knowledgeable, and highly attentive to the details of my project. They didnāt just troubleshoot issuesāthey took the time to understand the bigger picture and offered thoughtful, effective solutions that moved the project forward efficiently.
Their communication was clear, professional, and timely throughout the entire process, which made collaboration seamless and stress-free. Itās rare to find a support agent who combines technical expertise with such a strong customer-first mindset.
I would highly recommend Nandy to anyone needing reliable, high-quality technical support and would gladly work with them again in the future.
Their communication was clear, professional, and timely throughout the entire process, which made collaboration seamless and stress-free. Itās rare to find a support agent who combines technical expertise with such a strong customer-first mindset.
I would highly recommend Nandy to anyone needing reliable, high-quality technical support and would gladly work with them again in the future.
DI
Dan I.
Dec 16, 2025
Expert Photo Retoucher Needed ā Realistic Aging of 6 Portraits + Lighting & Detail Enhancement
Amazing guy! Really knows his stuff.
About Nandy
Expert Azure, Microsoft 365, DevSecOps, Forensics, High-Value Security
100%
Job Success
Lehigh County, United StatesĀ - 1:06 pm local time
Hi there! š Iām an Upwork veteran with over 10,000 hours delivered, 200+ successful projects, and $1M+ earned helping U.S. companies secure and scale their cloud and hybrid environments.
āļø I specialize in Azure, Microsoft 365, and security-focused systems ā delivering:
⢠Secure infrastructure using Zero Trust, IaC (Terraform/Bicep), and DevSecOps pipelines
⢠Incident response, forensics, and breach containment across regulated industries
⢠Compliance-ready solutions aligned to SOC 2, HIPAA, ISO 27001, and NIST 800-53
As a certified consultant, I work directly with technical teams to deliver secure cloud transformation, implement controls, and respond to threats ā fast. I also collaborate with Microsoftās internal dev teams, giving me early-access insights and practical fixes 3ā4 release cycles ahead of public rollout.
Why Choose Me?
ā $1M+ in security projects delivered across healthcare, fintech, crypto, and gov sectors
š Architected Azure landing zones, GitOps pipelines, and zero trust cloud environments
šØ Led incident response and forensic investigations for Fortune 500 and defense clients
š Built compliance workflows and policy-as-code enforcement for audit success
šŖ Secured crypto CI/CD pipelines and smart contract environments with GitHub, Checkov, GHAS
š§ Career Highlights:
āŖ Delivered security modernization and audit readiness for global government contractors and Fortune 500 companies
āŖ Led compliance remediation and data protection initiatives across healthcare, fintech, and public sector clients
āŖ Migrated global users to Microsoft 365 with security-first design ā Exchange, Purview, Intune, Defender
āŖ Built hybrid identity strategies (Entra ID, ADFS, GoDaddy 365, Azure AD B2C, custom policy support)
āŖ Managed VMware-to-Azure hardening with conditional access, audit enforcement, and security baselines
š§ Solutions I Deliver:
⢠Azure Infra Security: Terraform, Bicep, Azure Policy, RBAC, Defender for Cloud
⢠DevSecOps: GitHub Actions, tfsec, Checkov, Trivy, GHAS, pipeline reviews
⢠Microsoft 365 Hardening: Defender, Purview, Compliance Center, Intune, Exchange
⢠Compliance & Audits: SOC 2, ISO 27001, HIPAA, GDPR, NIST, CIS Benchmarks
⢠Incident Response & Forensics: Malware analysis, reverse engineering, breach recovery
⢠Crypto Security: CI/CD for smart contracts, wallet infra hardening, Web3 audits
⢠Reverse-engineered malware to identify attack vectors and harden systems post-breach
⢠Hardened Microsoft Exchange Online and Defender for Email in phishing-prone orgs
⢠Integrated Azure Sentinel analytics with dashboards for cross-cloud visibility
š¤ Retainer & Advisory Support:
⢠Ongoing guidance for CISOs, security architects, and compliance teams
⢠Monthly retainers for SOC 2 evidence collection, security tool reviews, and policy automation
⢠Rapid-response engagements for forensics, malware recovery, and breach root cause analysis
š§° Platforms & Tools:
⢠Azure, Microsoft 365, Azure Sentinel, Microsoft Defender (all modules), Intune
⢠Terraform, Bicep, GitHub, Azure DevOps, GitOps, GHAS
⢠Splunk, FTK, EnCase, Wireshark, Autopsy, Cisco ASA/Firepower
⢠Checkov, Trivy, Aqua Security, smart contract security tooling
⢠Compliance: SOC 2, HIPAA, ISO 27001, CIS, NIST, GDPR
š Letās set up a free 30-minute consultation to explore how I can help you with security transformation, compliance readiness, or urgent recovery ā no fluff, just fast, proven results.
I bring the calm in chaos ā whether you're planning secure growth or cleaning up after a breach, Iāll steady the course and deliver results.
š Helped a fintech client pass SOC 2 in under 60 days
š Responded to ransomware, restored 95% of systems in 48 hours
š Hardened crypto wallet infra securing $100M+ in assets
Thanks again for stopping by. You can invite me to your job post or simply send a message to arrange a quick discovery call ā I respond fast, and weāll keep everything inside Upwork.
ā Nandy Bo
š£ļøā šš© šššØ šššš£ š š„š”šššØšŖš§š š©š¤ š¬š¤š§š š¬šš©š ššš£šš® ššŖš§šš£š š©šš š©š§šš£šØšš©šš¤š£ š¤š š¾šš”š”šš¤š¢. ššš£šš® ššØ š«šš§š® ššš£šŖšš£š, šš¤š£ššØš© šš£š ššš”š„ššŖš” šš£ š£šš©šŖš§š. šš šš”šØš¤ šššØ š š«šš§š® šš£-ššš„š©š š š£š¤š¬š”šššš š¤š šš š¬ššš”š š¢ššš£š©ššš£šš£š š š«šš§š® šš§š¤šš š„š§š¤šš”šš¢-šØš¤š”š«šš£š š¤šŖš©š”š¤š¤š . ššššØš šššš©šŖš§ššØ š¢šš š ššš¢ š£š¤š© š¤š£š”š® š š„š”šššØšŖš§š š©š¤ š¬š¤š§š š¬šš©š ššŖš© šš”šØš¤ š«šš§š® šš£šØš„šš§šš©šš¤š£šš”. ā
ā š š¤š§šš¤š£ š½šš”š” - ššš£šššš£š šæšš§ššš©š¤š§ - š¾šš”š”šš¤š¢ šš£š©šš§š£šš©šš¤š£šš”
Steps for completing your project
After purchasing the project, send requirements so Nandy can start the project.
Delivery time starts when Nandy receives requirements from you.
Nandy works on your project following the steps below.
Revisions may occur after the delivery date.
Discovery call