You will get PCI-DSS Compliance Report for your Website
Top Rated

Project details
I have over a decade of experience in cybersecurity, specializing in PCI-DSS compliance and helping businesses meet requirements for payment gateways such as Stripe, Bank of America, Authorize.net, and PaySimple. My expertise includes guiding e-commerce platforms and other organizations through gap assessments, custom security policies, and SAQ filing to achieve and maintain compliance effortlessly.
Whether you need an ASV Pass for minimal vulnerabilities or full resolution of PCI-DSS issues, I provide tailored solutions that simplify the process, enhance your security, and build trust with your customers. Let’s work together to secure your payment systems and ensure your compliance journey is smooth and successful.
Whether you need an ASV Pass for minimal vulnerabilities or full resolution of PCI-DSS issues, I provide tailored solutions that simplify the process, enhance your security, and build trust with your customers. Let’s work together to secure your payment systems and ensure your compliance journey is smooth and successful.
Cybersecurity Expertise
Audit, Privacy, Gap AnalysisTechnology Type
Computer Network, Operating System, SaaS, Web Application, CRM, Email System, ERP, PaaSCybersecurity Regulation
PCI DSSCompany Size
Small Company SizeWhat's included
| Service Tiers |
Starter
$400
|
Standard
$600
|
Advanced
$800
|
|---|---|---|---|
| Delivery Time | 4 days | 6 days | 8 days |
Cybersecurity Monitoring | - | - | |
Malware Removal | - | - | |
Security Analysis | - | - | |
Security Patch Installation | - | - | - |
Optional add-ons
You can add these on the next page.
Fast Delivery
+$200Frequently asked questions
49 reviews
(48)
(0)
(0)
(1)
(0)
This project doesn't have any reviews.
LG
Lucas G.
Mar 15, 2026
Web Application and Network Penetration Tester Needed
PB
Prakash B.
Mar 12, 2026
VAPT for Infrastructure (OS) + Web Application — Delivery in 48 Hours
Here is a ~1000-character Upwork review for Rafay and his team, focused on VA/PT across AWS, on-prem VMs, endpoints, and application security:
We had the opportunity to work with Rafay and his team on a comprehensive Vulnerability Assessment and Penetration Testing (VA/PT) engagement covering our full infrastructure, including AWS cloud resources, on-premise virtual machines, endpoints, and our application layer. The team demonstrated a high level of professionalism, technical expertise, and a very structured methodology throughout the entire process.
Their assessment was thorough and well-organized, identifying potential vulnerabilities across multiple layers of the infrastructure while clearly explaining the associated risks and impact. The final report was detailed, easy to understand, and included practical remediation recommendations that our team could immediately act upon.
Communication was smooth and responsive, and they were always available to clarify findings and guide us through best practices for improving our security posture. Their work provided us with valuable insights and significantly strengthened our infrastructure security.
I highly recommend Rafay and his team to any organization looking for reliable and highly skilled cybersecurity professionals for VA/PT engagements.
We had the opportunity to work with Rafay and his team on a comprehensive Vulnerability Assessment and Penetration Testing (VA/PT) engagement covering our full infrastructure, including AWS cloud resources, on-premise virtual machines, endpoints, and our application layer. The team demonstrated a high level of professionalism, technical expertise, and a very structured methodology throughout the entire process.
Their assessment was thorough and well-organized, identifying potential vulnerabilities across multiple layers of the infrastructure while clearly explaining the associated risks and impact. The final report was detailed, easy to understand, and included practical remediation recommendations that our team could immediately act upon.
Communication was smooth and responsive, and they were always available to clarify findings and guide us through best practices for improving our security posture. Their work provided us with valuable insights and significantly strengthened our infrastructure security.
I highly recommend Rafay and his team to any organization looking for reliable and highly skilled cybersecurity professionals for VA/PT engagements.
OB
Operations B.
Feb 13, 2026
DDOS Mitigation & Security Expert Needed
JT
Justin T.
Feb 7, 2026
Cybersecurity Expert Needed for OWASP Top 10 Source Code Review
Rafay was easy to work with, completed on time, didn't go over his estimated hours, and produced what I wanted. Would work with him again.
MS
Michael S.
Nov 27, 2025
PCI DSS Compliance Questionnaire Specialist (Urgent)
About Rafay
Cyber Security Consultant | Penetration Tester| PCI-QSA |CREST| V-CISO
100%
Job Success
London, United Kingdom - 1:13 pm local time
I currently hold the following educational degrees and certifications:
✅ Masters in Cyber-Security and Forensics
✅ Certified Information Systems Security Professional (CISSP)
✅ Certified Information Security Auditor (CISA)
✅ Offensive Security Certified Professional (OSCP)
✅ CREST Practitioner Security Analyst (CPSA)
✅ Offensive Security Web Expert (OSWE)
✅Offensive Security Wireless Professional (OSWP)
Security/Compliance Frameworks:
ISO 27001, SOC2, PCI-DSS, HIPAA, NY DFS 23/ NYCRR Part 500, NIST, CIS, GDPR, HIPAA, FedRAMP, NIST 800-53, NIST 800-171, NIS2, DORA
Services I Offer:
Penetration Testing
Vulnerability Assessment
PCI-DSS SAQ Filing + ASV
PCI compliance assessment
Cloud Security (AWS, Azure and GCP)
Red Teaming Assessment
Threat Modelling
Security Architecture Review
Web 3.0 Wallet Security
Smart Contract Audits
Cloudflare WAF Protection
DDOS Protection Expert
Bot Protection Expert
Steps for completing your project
After purchasing the project, send requirements so Rafay can start the project.
Delivery time starts when Rafay receives requirements from you.
Rafay works on your project following the steps below.
Revisions may occur after the delivery date.
Client Submits Website Details
Client will submit the website or subdomain for ASV scan. In case of Cloversecurity and other intermediaries, credentials will be provided.
Submission of Final Report
Optional: Depending upon the vulnerability type, access to backend server might be required. In either case, final report from ASV with PCI-DSS pass will be provided.
