Upwork home
Sign up
Secondary

Hire the best Information Security Analysts

Check out Information Security Analysts with the skills you need for your next job.
Hire freelancers
Clients rate Information Security Analysts
Rating is 4.7 out of 5.
4.7/5
based on 1,807 client reviews
  2. Development & IT Talent
  3. (Current) Information Security Analysts
  • $50 hourly

    • 5.0/5
    • (56 jobs)
    Transforming Information Security into a Competitive Advantage! I have the ability to translate complex compliance requirements into clear and concise language that resonates with the business. I'm a certified senior professional specializing in implementing and managing diverse security frameworks, including ISO 27000 family, SOC 2, PCI, GDPR, HIPAA, FedRAMP and CMMC. With a proven track record of guiding businesses to successful certification, I can help you achieve compliance while mitigating risks. Don't wait until it's too late! Contact me now and avoid drowning in compliance requirements. I'm well-versed in compliance platforms like Thoropass, Drata, StrikeGraph, and TrustCloud. Explore how I can assist you and inquire about my 10% referral discount.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    CMMC
    Risk Management
    Microsoft SQL Server
    Security Framework
    NIST Cybersecurity Framework
    HIPAA
    GDPR
    NIST SP 800-53
    Data Privacy
    Information Security Audit
    Compliance
    Governance, Risk Management & Compliance
    ISO 27001
    SOC 2 Report
  • $150 hourly

    • 5.0/5
    • (264 jobs)
    I am a cybersecurity professional with a Master's Degree in Cyber Operations and two years of work experience in cybersecurity research and development at a world-class R&D laboratory. In that job, I gained experience in network traffic analysis, malware analysis, and cryptography. For over two years, I have worked as a freelancer, providing consulting, content development, and course creation in cybersecurity and blockchain security. I specialize in development of technical content (blogs, whitepapers, case studies, and courseware) in the field of cybersecurity. I currently hold the Certified Ethical Hacker and Certified Blockchain Security Professional certifications.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Reverse Engineering
    Cryptocurrency
    Blockchain
    Cryptography
  • $55 hourly

    • 4.9/5
    • (305 jobs)
    IT Professional with over 30 years experience. 15+ years experience in web development. 8+ Years experience in PCI-DSS Consultation, including level 1 companies, working with QSA's to swiftly obtain compliance. For the past five years, I have been providing GDPR consultation to many small to medium-sized companies. Three years experience with ISO 27001 helping clients get and maintain ISO 27001 accredited certification. I spent 20 years working in various IT roles, mainly support, engineering, and web development, within one of the largest companies in the world. I was awarded Charted IT Professional status from the British Computer Society in July 2008. Since then, I have run my own company with a small team producing web-based platforms and services and offering freelance compliance consultation to small businesses. I have also worked as a CTO on several start-up projects managing their entire IT infrastructure and gaining valuable PCI compliance experience, essential to all e-commerce projects. Due to my experience and varied IT roles, I have a good knowledge of web design, programming, databases, security, SEO, troubleshooting, technical writing & more. I am a highly organised and reliable individual, utilising existing knowledge and experiences to find practical solutions to even the most complex project.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Compliance Consultation
    Data Privacy
    Vulnerability Assessment
    PCI DSS
    Data Protection
    Website Security
    PCI
    Compliance
    ISO 27001
    Risk Assessment
    Information Security Audit
    GDPR
    Web Content Accessibility Guidelines
    Security Analysis
  • $50 hourly

    • 5.0/5
    • (11 jobs)
    Need any process automated? You're in the right place! Are you currently facing challenges in safeguarding your business against cyber threats? Are there specific areas where you've experienced difficulties in mitigating security vulnerabilities? I'm here to understand your unique concerns. In the realm of cutting-edge technology, what aspects of AI, advanced automation, or information security solutions are you currently exploring or considering to scale your business? How do you envision these technologies strengthening your operations? As someone passionate about fortifying businesses, I'm curious to learn more about your goals and aspirations. What initiatives are you currently undertaking to drive growth, and how do you perceive the role of technology in achieving those goals? I am dedicated to helping businesses navigate the digital landscape securely. What are your key priorities when it comes to information security, and how can we tailor our expertise to address your specific needs? Let's embark on a conversation about your business journey. What challenges do you anticipate in the ever-evolving digital world, and how can we work together to position your business at the forefront of innovation?
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Appium
    Selenium
    Computer Vision
    Natural Language Processing
    Reverse Engineering
    Artificial Intelligence
    Machine Learning
    Web Scraping
    C#
    Python
    Penetration Testing
  • $240 hourly

    • 5.0/5
    • (29 jobs)
    I have provided HIPAA consulting services for the last 20 years and over that time served over 1,000 clients. Client experience includes work with covered entities including hospitals, physicians, other health providers, insurers, union health plans and county government agencies. Experience with business associates include software vendors, IT managed services providers, cloud computing vendors, mobile app developers, medical billing services, value-added resellers, third-party administrators and pharmaceutical marketing companies. Services include virtual Privacy/Security Officer, policy and procedure development, policy gap analysis, computer security risk analysis, technical vulnerability analysis, vendor audits, HIPAA training, business associate contracting and other HIPAA related services. Other related experience includes use of security frameworks including ISO 27001/27002, NIST and HITRUST as well as the PCI DSS. I have worked with other government regulations including 42 CFR Part 2, GxP, FERPA, IDEA, DEA Regulations for E-prescribing of controlled substances and state laws relating to medical privacy and data breach in over 20 states.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Company Policy
    Security Analysis
    PCI
    Information Security Governance
    Project Risk Management
    Vulnerability Assessment
    Data Privacy
    ISO 27001
    HIPAA
    Risk Assessment
    GDPR
  • $75 hourly

    • 5.0/5
    • (159 jobs)
    As a Certified Information Privacy Professional (CIPP/US), I provide privacy law advice and specialized privacy notices and related documents for business, website, mobile app, and SaaS owners. This helps my clients comply with the U.S. and global privacy laws and regulations. SUBJECTS OF SPECIALIZATION • Draft globally compliant privacy notices for website, mobile app, and SaaS owners. • California Consumer Privacy Act (CCPA), (CPRA), and other U.S. state privacy laws. • General Data Protection Regulation (GDPR), Canadian, and other global privacy laws. • Data Subject Access Requests (DSARs). • International transfer of data and standard contractual clauses. • Data controller processor regulations and data processing agreements. • Risk management, ISO 2700, and NIST Cybersecurity Framework • Blockchain technology, cryptocurrency, and artificial intelligence (AI). • Assessing vendors and processors. • Privacy impact assessments, data mapping, and record of processing activities. • COPPA and global children and student privacy laws. • HIPAA and HITECH compliance and data protection policies. • Comprehensive data management from the beginning of the cycle to the end. • Internet advertising laws and regulations. My services also include drafting documents and providing guidance including, but not limited to the following: • Privacy notices to comply with the CCPA, US, GDPR, and global privacy laws • Data processing agreements between controllers, processors, and subprocessors • Standard contractual clauses • Data privacy impact assessments • Data protection policies • Data subject access requests (DSARs) response letters • Children's privacy notices to comply with COPPA and global privacy laws • Privacy law training • NIST and cybersecurity frameworks • Internet terms and conditions --- It's the little things in documents most people do not see that protect or hurt their business.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Legal Writing
    Compliance
    Data Privacy
    HIPAA
    Business Development
    Policy Writing
    Privacy Law
    GDPR
  • $15 hourly

    • 5.0/5
    • (2 jobs)
    I have a strong background in ISO 27001, 22301 and SOC2 documentation (mandatory policies, risk assessment and treatment registry, etc.) implementation and certification. Achievements ISO 27001 Lead Auditor Managed Readiness up to Certification for ISO 27001: 2013 ISO 9001:2015 ISO 22301:2019 ISO 17100:2015 SOC 2 CREST Other achievements: • Implemented a Document Management System • Established ACE Hour • Increase turnaround time by implementation of Automation Projects: Buying Requisition Canvassing Request Request for Payment Online Facilities Request
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Security Analysis
    Atlassian Confluence
    ISO 27001
    SOC 2 Report
    Document Control
    ISO 9001
    Documentation
    Internal Auditing
    Business Process Management
    Technical Writing
  • $80 hourly

    • 5.0/5
    • (17 jobs)
    passionate security enthusiast interested in assisting a team increase their security posture by providing guidance and consultation on building and improving security operation capabilities, reducing overall attack surface with proper vulnerability management, and security engineering/architectural improvements.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Security Operation Center
    Security Engineering
    Cloud Engineering Consultation
    Cloud Computing
    Cloud Security
    Security Analysis
    Google Cloud Platform Administration
    Information Security Governance
    Network Security
    Configuration Management
  • $40 hourly

    • 4.4/5
    • (11 jobs)
    As a seasoned Senior Security Analyst, I bring forth seven years of dedicated expertise in fortifying the Cybersecurity landscape for enterprises, corporations, and medium-sized businesses. My proficiencies encompass an extensive range, including: -Orchestrating the full spectrum of incident response life cycles and post-incident activities. -Mentoring and guiding junior colleagues in mastering the intricacies of incident response cycle. -Crafting robust Information Security policies and procedures tailored to organizational needs. -Authoring comprehensive security guidelines to empower security personnel with actionable directives. -Conducting thorough training sessions for employees, covering the breadth of Cybersecurity awareness. -Configuring SIEM alarm rules and formulating clear incident response playbooks. - A hands-on experience with SOAR platforms, fostering a seamless operational environment. My forte lies in delivering quick security alarm analysis across various domains and tools, including: Web security and email security solutions, security awareness platforms, Microsoft and Amazon security stack, brand and digital landscape protection, EDR and HIPS, as well as an array of SIEMs such as LogRhythm, Qradar, Sentinel, XDR, Rapid7, Amazon. With a commitment to robust security measures and a track record of elevating defenses across multifaceted environments, I am committed to contribute expertise that safeguards and fortifies your organization against evolving threats.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Security Operation Center
    GDPR Compliance Review
    GDPR
    ISO 27001
    Information Security Consultation
    Vulnerability Assessment
  • $35 hourly

    • 5.0/5
    • (13 jobs)
    ⭐⭐⭐⭐⭐ "It doesn't get better than Ezinne. The quality of what she delivers is outstanding...You won't be disappointed." Experienced writer with over a decade of expertise producing purpose-driven documents for businesses across various industries. Specializing in crafting clear, concise, and error-free materials, including proposals, SOPs, user manuals, training modules, YouTube scripts, short stories and blog posts. Services Offered: - Proposal writing for contracts, grants, RFPS and bids - Technical documentation including Standard Operating Procedures (SOPs), user manuals, and training modules - YouTube scripts on technical subjects and SEO blog posts in healthcare, IT, and cybersecurity - Templates, Speeches, PowerPoint presentations, and ChatGPT prompts - Requirements gathering - Grant writing for non-profits, small businesses and tech startups Key Skills: - Proposal writing - Technical writing and editing - Article writing - Creative writing - Grant writing - Proficiency in Microsoft Office, PowerPoint, Excel, Google Suite, ChatGPT, and Canva Work Approach: - Understanding client objectives through detailed project analysis - Thorough online research and information gathering - Creating comprehensive outlines - Drafting and submission of initial content for client review - Revisions based on client feedback - Delivery of finalized, polished documentation Why Choose Me: - Collaborative approach to ensure client needs are met - Commitment to deadlines and deliverables - Ability to simplify complex concepts for easy comprehension - Meticulous attention to detail and accuracy Client Testimonials: - "Easy to work with" - "Paid attention to details" - "Completed the job on time" - "Impressed by the quality of work" Let's discuss your project and how I can assist in achieving your documentation goals. My working hours align with GMT+2 (currently based in Kigali, Rwanda, though originally from Ontario, Canada).
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Business Writing
    User Guide Writing
    NIST Cybersecurity Framework
    Quiz Writing
    Policy Writing
    Story Writing
    Grant Writing Consultation
    Report Writing
    Speech Writing
    Article Writing
    Grant Writing
    Blog Writing
    RFP Writing
    Content Writing
    Technical Writing
  • $30 hourly

    • 4.8/5
    • (355 jobs)
    With a degree in Computer Engineering and a passion for writing, my experience spans across writing whitepapers, blogs, research reports, content for websites, thesis for academic submissions, sales pitch, business proposals and more. I am highly organized and schedule my time to get things accomplished accordingly. I am detail-oriented and an excellent researcher. I can be entrusted with big projects as I prefer to complete my work before deadlines giving you ample time to review my work and provide feedback. I take pride in my work
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Amazon Web Services
    Artificial Intelligence
    Blockchain
    Network Security
    Web App Penetration Testing
    Network Penetration Testing
    Vulnerability Assessment
    Robotics
    Editing & Proofreading
    Website Copywriting
    ISO 27001
    Cloud Security
    Disaster Recovery
    Policy Writing
    Technical Writing
    PCI
    Project Risk Management
  • $20 hourly

    • 5.0/5
    • (56 jobs)
    I protect your content from getting stolen over the web and if someone is using your content without your permission, I report and take down the pirated content under DMCA. I provide services to online content creators such as writers, bloggers, photographers, and the companies who own intellectual content of any type, or copyright products. My motto is to end content piracy. Here is my Plan of action: 1) I start by searching for all the websites which are stealing and using your content, through all the web search engines (Google, Bing, Yahoo, AOL, Yandex, etc.) using multiple effective keywords. 2) I de-index (remove) those websites from the search engines. It will help to stop your audience go on the infringing website in the first place and this process also helps if the infringing website is not willing to remove the content directly. 3) Send DMCA takedown notices to the website owners and their hosting providers. 4) Reporting infringing content on social media platforms and video sharing websites like Facebook, Instagram, Pinterest, Reddit, YouTube, Twitter, Dailymotion, VK, OK, Youku, Archive.org, 4shared, Vimeo, Google-drive, and many more. 5) Keeping a complete follow-up of the work done. 6) Provide you with weekly reports regarding the work and progress. Why choose me? I leave no stones unturned in protecting your content. Moreover, I am committed to providing customer satisfaction. I make sure that my client is up to date about the work progress and is able to get a complete follow-up regularly. I put all my efforts in a task that I have assigned. Let me assist you with my quality service. Thank you.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Intellectual Property Protection
    Legal
    Trademark
    Internet Security
    Copyright
    Legal Assistance
    Trademark Law
    Copyright Law
    Copyright Search
    Intellectual Property Law
    Legal Research
  • $95 hourly

    • 5.0/5
    • (9 jobs)
    I am a Cyber Security and Information Technology expert with 20 years experience ranging from small start-ups to multi-billion euro businesses. I hold a CISSP, the gold standard of Information Security Qualifications. I specialise in Strategy, Governance, Risk and Compliance - this makes me ideal for projects such as: Helping you achieve Cyber Essentials or IASME Governance status PCI-DSS & ISO 27001 compliance programs and audits Being your Cyber Security / Info Sec manager or CISO on a part-time basis Selecting and managing IT and Cyber Security suppliers on your behalf Writing, reviewing and updating your IT and Cyber Security policies Security Awareness Training I am an award winning public speaker and trainer and my Cyber Security Awareness Training is very popular delivered in person or from my online studio to clients around the world.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    GDPR
    Security Infrastructure
    Information Security Awareness
    ISO 27001
    PCI DSS
    Information Security Audit
    Information Security Governance
    Certified Information Systems Security Professional
    PCI
    Security Policies & Procedures Documentation
    Incident Response Plan
    Vulnerability Assessment
    Security Assessment & Testing
    Network Security
  • $30 hourly

    • 5.0/5
    • (86 jobs)
    I'm a Penetration Tester and Cyber Security Specialist who is a professional in evaluating the security posture of Web-Applications (Websites) and ensuring the security of personal clients' online identities, accounts, devices, and networks, I've possessed my current knowledge through 3+ years of self-study and research plus 2+ years of work in the industry, protecting clients on a personal level and running vulnerability assessments against business websites, always leaving positive impression and impact, I hold a great record of being able to expertly provide the following services: - Perform comprehensive security checkups on Emails and Phone numbers and pinpoint security holes which often lead victims to be hacked with zero interaction nor awareness from them. - Assist in Account Recovery (Ex. Instagram, Facebook) - Educate thoroughly on the findings and remediations for a vulnerable target, equipping clients with enough information to trust themselves as they continue to utilize the technologies as normal with no fear of being targetted by hackers. - Investigate and educate on online frauds/scams, especially crypto ones, why and how they work, and how to distinguish between legit and not legit easily. - Clean up networks and devices from viruses/malware and ensure optimal patching for security. - Report fraud websites that impersonate legit businesses for a takedown. IMPORTANT: When it comes to cybersecurity-related services, there is a number of scammers not to be underestimated, whether within or outside of Upwork, therefore stay vigilant and keep in mind the following, 1. If you were scammed online via crypto, there's no one out there with the right to give a guarantee that they will be able to recover it for you despite how well furnished the so-called hacker's portfolio appears to be, the chance remains very slim and you should only pursue this kind of service for the sake of leaving no stone unturned knowing the high probability of failure, and you should only select a freelancer with a reputable profile and reviews to back up their activity because scammer accounts are usually fresh with no reviews and no verified ID, feel free to consult me to evaluate that. 2. Same applies to the request of hacking an account, there are complicated caveats that explain why it DOES NOT work the way you think it does but to keep it short, if you want someone's account hacked, aside from it being illegal and unethical and isn't the type of "service" I provide, the chance for it to work is about 1% to begin with, again, I'm available for consultation, account recovery is a different subject with a higher probability for success as long as it's your own account that was lost/hacked.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Malware Removal
    Vulnerability Assessment
    System Security
    Network Security
    Information Security Consultation
    Website Security
    Penetration Testing
    Network Penetration Testing
    Internet Security
    Ethical Hacking
    Security Testing
    Security Assessment & Testing
  • $60 hourly

    • 4.7/5
    • (197 jobs)
    SATISFIED CLIENT REVIEWS; "Gray did an excellent job writing 50 complex articles in 4 weeks. His writing is original, error-free, and meets all my requirements to the finer details. I trust his work ethic and I'm looking forward to hiring him in future projects!" "Gray is an awesome blog writer! He does tons of research for each article, has a captivating writing style, and is able to produce a high output. Highly recommend him." "Gray is an excellent writer with a good work ethic. He delivered all articles ahead of schedule and I'm happy with the end product. I'll be working with Gray with additional projects, and I'm quite sure he will add tremendous value to the articles again. Highly recommended!" ________________________________________________________________________________________________________ With everyone taking their businesses online, content writing has become increasingly popular over the past few decades. As we know, the internet encompasses all sorts of written content, from fiction to creative nonfiction, from blog articles to product reviews. According to Internet Live Stats, Orbit Media Solutions, there are more than 1.7 million blog posts published per day. Unfortunately, only a relatively small percentage of these have resulted in desired outcomes. The best content not only attracts but also engages and motivates people. While almost everyone can write, only a few are skilled at communicating and influencing specific reactions with words. People with these skills deliver the goods. The fact that you are still reading this means that you are looking for this specific group of writers. I say you have found a viable solution if you have found me! My current focus is on tech, SEO, and marketing content, but I am open to writing about other niches if the deal is right! WHY YOU SHOULD STICK WITH ME? With over four years of experience as a content writer, I have written in almost every niche you can think of. I've worked with brands like (give examples) and more, collaborating with high-performing teams and breaking new ground! My secret? I'm a hard-core researcher, versatile, creative, and storyteller! In each paragraph I inject splashes of ecstasy, owning my piece, and holding my audience until the very last word. More importantly, I will make my readers take action. In order for your business to thrive, you need content that will engage your readers, motivate them to act, and make them return. My goal is to contribute to your success story by solving the most basic of your business's digital needs. As a freelancer, I am client-oriented. My focus is on you and what you need. As far as qualifications go, I have over 4 years of experience, and I can tell you all the other things that several other freelancers would tell you. If I can't provide quality to you, dear client, then what's the point? It’s all just gibberish. Professional gibberish, at that. If you want quality, you can identify it, and you are prepared to pay for it, let’s talk! Cheers.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Health & Fitness
    Content Writing
    Blog Writing
    Website Content
    Ghostwriting
    Ebook
    Copywriting
    Article Writing
    About Us Page
    Technical Report
    Cloud Security
    Technical Writing
    Tech & IT
    SEO Writing
  • $20 hourly

    • 5.0/5
    • (6 jobs)
    Passionate Cybersecurity Researcher and Penetration Tester. Bachelors with Computer System Engineering. I offer my services in Cybersecirity and Network Security with Can-do-Attitude: 1) Kali Linux, Parrot OS, Black Arch, Ubuntu, and Network Security Toolkit. 2) Wireless Penetration Testing – WPA, WPA2, WEP. 3) Antivirus Solutions including Spyware, Malware, Ransomware, and others, etc. 4) Networking Vulnerability Assessment and Penetration Testing 5) Password familiarity using hash cat, MD5, SHA1, Rainbow Tables, SHA2 and etc. 6) Router and Switches Configuration using OSPF, RIP, IGRP, Static and Dynamic and etc. 7) Real-time monitoring network traffic analysis using GNS3, Packet Tracer, Splunk, Wireshark and etc. 8) Hand-on experience in tools like Aircrack-ng, Hydra, Burpsuite, Nessus, OpenVAS, Acunetix, Wapiti, Metasploit, Veil-Evasion, Social Engineering Tool kit, Autopsy, John the Ripper, Sherlock, OWASP-ZAP, NMAP and etc.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Ethical Hacking
    Business with 1000+ Employees
    Security Operation Center
    Network Analysis
    Security Engineering
    Website Security
    Vulnerability Assessment
    Wireshark
    Metasploit
    Digital Forensics
    Kali Linux
    Security Testing
    Penetration Testing
    Network Security
  • $149 hourly

    • 4.9/5
    • (327 jobs)
    🚫I don't provide hacking or account recovery services!🚫Security, Privacy, and Compliance sell to Enterprises! Join 200+ successful Founders, CTOs, and CEOs in unlocking business opportunities worth millions💲💲 💲by working with the 🥇 Upwork virtual CISO, Security, Privacy, and Compliance consultant (1M+ earnings, 20+ years of enterprise experience)! CEO selling to Pepsi:🎉 "Attila supported the growth of our business into Fortune 100 accounts." CEO selling to Philips: 🍾 "We have achieved the ISO 27001:2022 certification in record time." CEO selling to Morgan Stanley: 🥂"The certification is enabling us to strike a deal with a Fortune 100 client." COO selling to Fannie Mae:👏 "We achieved a successful SOC 2 Type II attestation with no exception." 💭Securing your business, passing security assessments by clients or prospects, and achieving a security certification 𝙨𝙝𝙤𝙪𝙡𝙙 𝙣𝙤𝙩 𝙗𝙚 𝙖 𝙘𝙪𝙢𝙗𝙚𝙧𝙨𝙤𝙢𝙚 𝙖𝙣𝙙 𝙥𝙖𝙞𝙣𝙛𝙪𝙡 𝙚𝙭𝙚𝙧𝙘𝙞𝙨𝙚. 👌 Specialized in business-to-business, providing 💸money-back guaranteed💸 ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, CMMC, and FedRAMP projects and affordable virtual CISO (vCISO) services. ----> If you don’t get certified, all my fees will be refunded! <---- 😢Are you busy developing your product or business and don’t have time and resources to be consumed by compliance efforts and endless meetings, halting your production for months? 😢You quickly need quick security or privacy awareness training, cloud security posture assessment (AWS, GCP, Azure), endpoint security (MS 365 - Intune, Jumpcloud, Google Workspace), or penetration testing? 💪Want to decrease your sale cycle by being compliant and having all the answers for the security and privacy questionnaires? 💪Need PCI-DSS ASV (approved scanning vendor) scans to support your PCI compliance? Got your back! 💪Facing the challenges of the security and privacy implications of AI products? 💪Want continuous access to a certified, creditable security, compliance, and privacy professional to manage your security framework? -> Continous virtual CISO (vCISO / fractional CISO) service with affordable weekly payments! 😟Need world-class, battle-proof security and privacy policies? Maybe you need it quickly? The kind of ones that have passed audits by KMPG, Microsoft, PWC, Deloitte, E&Y, Pepsi, Rolex, Uber, Verizon, Philips, Facebook, and many others? 🤔Already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, OneTrust Compliance Automatization/Tugboat Logic, SecureFrame, Strike Graph, Audit Board, Trust Cloud, and so on) but don’t know the next step or don’t have time for it? Click on the green invite button at the top right corner to invite or message me. 📣 🚫No hacking service! Don't ask to hack, crack, or gain access to any accounts, systems, social media, etc. Please note that all invitations for this will be declined. 🚫I only serve businesses, no service for private individuals!🚫 Working with me, you will: ★ Get the burden of security and compliance management taken off your shoulders so you can focus on building your company ★ Get an end-to-end, professionally managed service ★ Get a consultant aiming for long-term support and providing advice and services to enable you to achieve growth-phase plans and targets by establishing a solid security and governance framework to win Enterprise clients. ★ Have access to a pool of hand-picked security professionals for SecOps, DevOps, Cloud security, penetration testing, application security, and endpoint security. --- My stats are: ✅Saved tens of thousands $$$$$ for clients, advising them on the right security tools, solutions, and approach ✅Enabled businesses to generate increases in ARR 💵 by getting them compliant and secure ✅#1 in Information Security and IT compliance categories (1M+ earned) ✅Supporting all time zones ✅Long-term engagements ✅Professional certifications (CISA, CISSP, ISO 27001 IA) Security questionnaire and vendor assessment tools: CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Compliance management tools: Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001.com Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP. Projects not for me: ✖Asking to fill security questionnaires, providing the appropriate answers but not implementing controls ✖Asking to create falsified audit or assessment reports
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Security Management
    SOC 2
    HIPAA
    SOC 2 Report
    Risk Management
    Cloud Security
    Information Security Audit
    Certified Information Systems Security Professional
    Governance, Risk Management & Compliance
    ISO 27001
    Information Security Consultation
    IT Compliance Audit
    Cybersecurity Management
    Security Policies & Procedures Documentation
  • $40 hourly

    • 5.0/5
    • (291 jobs)
    I'm an OSCP (Offensive Security Certified Professional), OSWE (Offensive Security Web Expert), CREST CRT, and CEH (Certified Ethical Hacker) certified penetration tester. I can conduct vulnerability assessments and penetration testing for your web applications, mobile applications, and cloud infrastructures. I can also audit the code of your PHP / Python / JS (NodeJS) applications and fix code-level vulnerabilities. My day to day work includes: -- Research on bleeding edge technologies -- PHP/Python/JavaScript development -- Code auditing -- Database management -- APIs development & integration -- AWS services (EC2, SES, SNS, SQS, Route53, S3, Lambda, API gateway) -- Penetration testing -- Data scraping -- and a lot more
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Network Security
    Security Testing
    Network Penetration Testing
    PHP
    JavaScript
    Laravel
    Penetration Testing
    Cloud Security
    Web App Penetration Testing
    Web Application Security
    Website Security
    Information Security Audit
    Linux System Administration
    Amazon Web Services
  • $30 hourly

    • 5.0/5
    • (20 jobs)
    Cloud Solution Expert with five years of experience designing and developing enterprise-level solutions using the latest technologies, including Azure, AWS, GCP, Terraform, Ansible, DevOps, Machine Learning, AI, C#, ASP.NET MVC, Angular, SQL Server, Power BI, and Oracle. I have designed and executed multiple cloud and colo migrations. I have also worked on Azure search and Azure ML. I have extensive knowledge of cloud security and have performed comprehensive assessments and implementation of cloud environments. I have implemented Palo Alto's next-generation firewalls for the azure environment in enterprise solutions. I have worked on projects for various clients on cloud technologies, including Schlumberger, TATA, JCB, McCann, National Express, Crown Paints, BFS, and Future Generali.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Microsoft Azure
    C#
    Cloud Computing
    Ansible
    Cloud Security
    Internet Security
    Kubernetes
    DevOps
    GitHub
    Azure App Service
    Microsoft SQL Server
    Cloud Architecture
    Azure IoT HuB
    Terraform
    Docker
    Machine Learning
  • $150 hourly

    • 4.7/5
    • (10 jobs)
    PKI Security products and solutions related Cryptography, PKCS#11, HSM, Smart Card, Multi-factor Authentication, OTP Authentication, Bio-metric authentication, Application Security, Encryption, Digital Signature, CSP, Credential Provider, solution conforming to NIST FIPS-140 level 2/3 certification, PIV, CAC, Entrust, Id-entrust, CMS solutions, MS Identity life cycle Manager, Minidriver, SSL and VPN integration, Various Identity access control and management solutions, Worked on solutions targeted for Desktop (Windows, Linux, Mac), Embedded Software, IOT Device solutions, Android Native Development, Cloud solutions, - Languages*:: C, C++, Java, QT, C# ,Python,Javascript, TypeScript - Operating System:: Windows, Android,vxWorks, Linux, Embedded Linux - Tools:: GCC, GDB,LLVM, LLD, Android Studio, Shell scripting, Eclipse, Visual Studio - Standards/ API:: PKCS # 11, #12 , MS CAPI, Credential Provider, TokenD, KeyChain APIs, ISO - 7816, Bluetooth / Bluetooth LE APIs, FIPS-140 level 2 & 3, KMIP specification, FIDO specifications, PCSC lite, - OpenSource:: OpenSSL, OpenSSH, - Web Technologies:: NodeJS, Protobuffer, DJanfo, Angular, HTML, CSS - HSM: IBM CloudHSM, AWS-CloudHSM, AWS-KMS, SafeNet CloudHSM, DPoD, SoftHSM, - Blockchain: Bitcoin and Ethereum signing with CloudHSM, BIP32 Signing, secp256k1 signing, Ethereum Signer with CloudHSM.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    OAuth
    Windows API Development
    Blockchain, NFT & Cryptocurrency
    C++
    Java
    JavaScript
    Reverse Engineering
    NFC
    C
    Android
    Python
    Cryptography
    Application Security
    Encryption
    Linux
    Elliptic Curve Cryptography
  • $30 hourly

    • 4.9/5
    • (21 jobs)
    Hi, If you need a cyber security and information security professional with higher education (Ph.D.), certification(CISSP), and experience(CISO, Enterprise SOC design, and management, GRC, Security Architect) with a proven top-rated plus profile, I am here. Let's make your organization a safe and secure place for your precious information and data. As a cybersecurity architect and information security compliance expert, my primary focus is safeguarding sensitive data and ensuring critical information systems' integrity, confidentiality, and availability. I have extensive experience in designing and implementing robust security solutions that protect against cyber threats and comply with industry regulations. I thrive in dynamic and challenging environments, constantly adapting to emerging technologies and staying ahead of the evolving threat landscape. My expertise includes conducting risk assessments, developing security policies and procedures, and leading incident response teams. As a cybersecurity expert, I have a proven track record of implementing and maturing industry-leading standards such as the NIST Cybersecurity Framework, NIST 800-53, and NIST 800-37, FedRAMP, ISO 27001 ISMS, CMMC v.2. I take pride in designing and developing state-of-the-art cybersecurity operation centers (SOC) from scratch, integrating them seamlessly with network operation centers (NOC). Additionally, I have designed and developed a state-of-the-art Cyber Security Operations Center (SOC) from scratch. By integrating it with the Network Operations Center (NOC), I have created a seamless environment for promptly monitoring and responding to security incidents. To enhance operational efficiency, I have established playbooks, monitoring processes, and incident response procedures that align with industry best practices. This ensures a proactive approach to identifying and mitigating security risks. I hold a Ph.D. in cyberpolitics, specializing in studying the intersection between politics and cyberspace. My research focuses on cyber security threats, online activism, and the impact of digital technologies on political processes. I have extensive experience working with government agencies, private organizations, and non-profit institutions to develop strategies for addressing cyber threats and ensuring a safe and secure digital environment. Additionally, I am an avid writer and have published various articles and research papers on cyberpolitics. -As a leading auditor, I designed, developed, deployed, and reported Enterprise Organizations IT and Information Security Audits. If you need a CISO with higher education, certification, and experience, I am here to help. When I'm not busy securing networks and systems, you can find me exploring the latest trends in cybersecurity, attending industry conferences, and expanding my knowledge through continuous learning. Feel free to reach out if you have any questions or need assistance with cybersecurity. Let's create a secure digital world together. Ibrahim AKDAG CISO CISSP|Ph.D.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Information Security Audit
    Governance, Risk Management & Compliance
    SOC 2 Report
    FedRAMP
    Compliance
    ISO 27001
    Risk Assessment
    CMMC
    NIST SP 800-53
    Penetration Testing
    Security Assessment & Testing
    Vulnerability Assessment
    Cybersecurity Management
  • $60 hourly

    • 4.9/5
    • (124 jobs)
    In the last years I did more than 100 Penetration-Tests and Security Assessments. Most of them on Web and Mobile applications with Finance Background implemented with various technologies and frameworks. (J2EE, ASP, PHP). Based on my daily work I am experienced with all common attack vectors and mitigation techniques. Since 2009 I am CISSP (Certified Information Systems Security Professional) and since 2017 I am CEH (Certified Ethical Hacker) certified. Please check also my UPWORK work history and client feedbacks. I am offering professional Black and Grey-box Penetration tests for Web and Mobile Applications. Sorry, I am not able to locate your girlfriend, recover your lost FACEBOOK, GMAIL, YAHOO etc. account or find your lost phone. Please do not invite me to such jobs. Before I start offensive tests, I may ask you for evidence that you are the site owner or to show me that you have admin access.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    App Development
    Internet Security
    Certified Information Systems Security Professional
    Security Analysis
    Wireless Security
    Java
    Network Security
    Penetration Testing
  • $30 hourly

    • 5.0/5
    • (114 jobs)
    Currently based in east coast USA, I am a seasoned IT professional with over 15 years of experience in multiple domains in IT such as Information Security and auditing, IT Project Management, IT Infrastructure Management, IT Operations, Business Analysis, Business Continuity and DR planning etc. Last worked as the Head of IT for five years in the Sri Lankan business of AIA Group, which is the largest insurance company in the world. I am now working as a freelance Consultant and accolade with the status 'TOP RATED' in Upwork. My skills are supported by industry leading professional and academic qualifications:- - Master of Science in Project Management from AeU - Malaysia - Certified Information Security Manager (CISM) from ISACA - USA - Certified Information Systems Auditor (CISA) from ISACA - USA - Certified in Risk & Information Systems Controls (CRISC) from ISACA - USA - Certified Data Privacy Solutions Engineer(CDPSE) from ISACA - USA - Certified Information Systems Security Professional (CISSP) from ISC2 - USA - HealthCare Information Security and Privacy Practitioner (HCISPP) from ISC2 - USA - GIAC Certified Intrusion Analyst (GCIA) from SANs USA - GIAC Continuous Monitoring Certification (GMON} from SANs USA - Project Management Professional (PMP) from PMI - USA - Working knowledge in ITIL V3 I have expert knowledge in multiple disciplines: **Information Security** - Development of Information Security Policies/ Procedures and Standards aligned to ISO27001/2 or NIST standards. - Development of Security Baseline Documents - Vulnerability Assessments and Penetration Testing (VAPT) - Assist in responding to Security Questionnaires - Risk Management Documentation - Business Continuity and Disaster Recovery Plans (DRP) - Cloud Security Enhancements - Good working knowledge on HIPAA, PCI DSS, ISO, GDPR, NY CRR500, FERPA etc. - Any other Information Security Related Tasks **Project Management** - Development of Business cases, Project Plans, Project Initiation Documents, Project Risk Logs and any other projects related documents and templates. - Developing Project Management Frameworks - Implementation assistance on Project Management tools such as Wrike or Asana - Project Management Support **Information Systems (IS) Auditing** - Develop Audit Programs - Conduct IS Audits (General Controls) - Conduct Specialized Audits (Cloud computing/Active Directory/ MS SQL etc) - Regulatory Compliance Reviews **IT Technical & Academic Writing** - User manuals both graphical/ text based and animated (simulations) - Undertake IT technical and academic writing on Information Security, Project Management or any other suitable topic. Passion and commitment keeps me fully engaged with clients to always deliver more value. Please get in touch and looking forward to work with you. Fluent in English and contactable through Upwork, Skype or WhatsApp Thank you
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Information Security Audit
    Splunk
    Academic Writing
    Project Management Professional
    Information Technology Operations
    Technical Writing
    System Administration
    IT Management
    Network Security
    Security Policies & Procedures Documentation
    Security Assessment & Testing
  • $150 hourly

    • 5.0/5
    • (5 jobs)
    I am an experienced penetration tester and adjunct professor with years of experience and the following certs: OSCP, PNPT, eCPPTv2, GPEN, GWAPT, CISSP, PenTest+, Sec+, and many more. Owner of DispareoSecurity.com
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Ethical Hacking
    Vulnerability Assessment
    Network Security
    Penetration Testing
  • $125 hourly

    • 3.9/5
    • (122 jobs)
    EXPERTISE M365 Azure Active Directory Intune Microsoft Defender Google Workspace Email migrations Mail records DNS Domains Information Security Windows Servers Email flow and troubleshooting • Technology Management • Information Security and Auditing • Vendor Management • Infrastructure Development and Architecture • Employee Development • Collaboration • Change Management • Project Management and Tracking • On Premise and Cloud migrations • Networking • Budgeting and Resource Management Technical Support
    vsuc_fltilesrefresh_TrophyIcon Information Security
    Microsoft Office
    Domain Migration
    Technical Support
    IT Management
    DNS
    Information Technology
    Office 365
    Solution Architecture
    Information Technology Operations
    Incident Management
  • $60 hourly

    • 5.0/5
    • (83 jobs)
    I am a Certified Compliance and Ethics Professional - International (provided by SCCE). I have an Advanced Diploma in Accounting and Business (provided by ACCA). I am ACCA certified. I have 13 years of experience in Compliance, Internal Audit, and Risk Management in Fortune 500 companies in diverse industries (Information Technology, Financial Services, Pharmaceuticals, FMCG, Telecom, and others). I am an experienced professional with a proven track record of delivering profitability, sustainable business growth, operational optimization, and driving innovation. My areas of focus: 1. FCPA, UKBA Compliance. 2. AML/CTF. 3. KYC (Due Diligence). 4. Information Security (ISO 27001, SOC2, NIST). 5. Data Privacy (GDPR, HIPAA, CCPA, PECR, etc). 6. PCI:DSS Compliance. 7. Risk Management (ERM). 8. Internal Audit. 9. Contracts and Policies writing. 10. MSA and ADA compliance. Feel free to contact me whenever it will be convenient for you. Looking forward to hearing from you and hope for our productive cooperation. Regards,
    vsuc_fltilesrefresh_TrophyIcon Information Security
    ISO 27001
    Information Security Audit
    ISO 9001
    PCI
    Policy Writing
    GDPR
    Anti-Money Laundering
    IT Compliance Audit
    Due Diligence
    Internal Control
  • $85 hourly

    • 4.9/5
    • (41 jobs)
    Security engineer and technical editor/writer specializing in cybersecurity architecture, operations, compliance/audit readiness, vulnerability scanning/pen testing, and technical documentation. Experience drafting security policies/procedures, and conducting cybersecurity framework mapping/pre-audit prep for NIST, PCI DSS, SOC2, HIPAA, HITRUST, GDPR, ISO 27001, and privacy and security frameworks. Proven track record of technical team and project management.
    vsuc_fltilesrefresh_TrophyIcon Information Security
    HIPAA
    Technical Documentation
    NIST SP 800-53
    ISO 27001
    Technical Writing
    IT Compliance Audit
    SOC 2 Report
    Internet Security
    Security Infrastructure
    Application Security
    Penetration Testing
    Cybersecurity Management
    System Security
  • Want to browse more freelancers?
    Sign up

How it works

1. Post a job (it’s free)

Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.

2. Talent comes to you

Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.

3. Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

4. Payment simplified

Receive invoices and make payments through Upwork. Only pay for work you authorize.

Trusted by

Information Security Analysts Hiring FAQs

What is an information security analyst?

With the scale and complexity of networked environments growing every year, the need for seasoned information security analysts has become more prevalent. Upwork provides access to information security talent adept at overseeing and managing risk in the areas of network security, cyber security, and endpoint security.

How do you hire an information security analyst?

You can source information security analysts on Upwork by following these three steps:

  • Write a project description. You’ll want to determine your scope of work and the skills and requirements you are looking for in an information security analyst.
  • Post it on Upwork. Once you’ve written a project description, post it to Upwork. Simply follow the prompts to help you input the information you collected to scope out your project.
  • Shortlist and interview information security analysts. Once the proposals start coming in, create a shortlist of the professionals you want to interview. 

Of these three steps, your project description is where you will determine your scope of work and the specific type of information security analyst you need to complete your project.  

How much does it cost to hire an information security analyst?

Rates can vary due to many factors, including expertise and experience, location, and market conditions.

  • An experienced information security analyst may command higher fees but also work faster, have more-specialized areas of expertise, and deliver higher-quality work.
  • A contractor who is still in the process of building a client base may price their information security analyst services more competitively. 

Which one is right for you will depend on the specifics of your project. 

How do you write an information security analyst job post?

Your job post is your chance to describe your project scope, budget, and talent needs. Although you don’t need a full job description as you would when hiring an employee, aim to provide enough detail for a contractor to know if they’re the right fit for the project.

Job post title

Create a simple title that describes exactly what you’re looking for. The idea is to target the keywords that your ideal candidate is likely to type into a job search bar to find your project. Here are some sample information security analyst job post titles:

  • Need marketing manager with experience in information data security
  • Cyber security analyst needed to oversee corporate governance project
  • Database analyst with security experience needed for financial institution

Project description

An effective information security analyst job post should include: 

  • Scope of work: From developing security policies to implementing network security strategies, list all the deliverables you’ll need. 
  • Project length: Your job post should indicate whether this is a smaller or larger project. 
  • Background: If you prefer experience with certain industries, software, or environments, mention this here. 
  • Budget: Set a budget and note your preference for hourly rates vs. fixed-price contracts.

Information security analyst job responsibilities

Here are some examples of information security analyst job responsibilities:

  • Help manage the enterprise information security infrastructure for a software development company
  • Support vulnerability review, management, and remediation efforts
  • Create the incident response plan and implement the business continuity plan 

Information security analyst job requirements and qualifications

Be sure to include any requirements and qualifications you’re looking for in an Information security analyst. Here are some examples:

  • Bachelor’s degree in IS or related field 
  • Minimum 5 years experience in vulnerability scanning and remediation
  • Excellent knowledge of Microsoft Windows and virtualization technologies
Read more
View less
Schedule a call

Looking to hire for long-term or full-time assignments? See how Full-time hiring on Upwork simplifies the process.