Securitatea internetului Jobs

Senior Zscaler engineer needed to guide me over the shoulder while I rebuild the foundational pieces of our ZPA/ZIA setup. I drive the consoles; you advise in real time and explain the why behind each setting. Context: A current implementation works but isn't scalable, security-focused, or aligned with best practice. Goal is to reset the foundation so those problems don't carry forward, built to a strong security bar, with a structure that scales cleanly across employees, contractors, admins, and third parties without rework. Constraint: Okta SSO is operational and out of scope. ZIdentity group/role binding is on a separate track. Work fits around both. In scope: - Hardened pre-auth machine tunnel with the strongest realistic device trust model - Least-privilege pre-logon acc...

I need a certified cybersecurity professional to determine whether my personal Android phone has been subjected to unauthorized access and to help me regain full, lawful control of every component that may have been touched. The device is the only confirmed target right now; however, if traces lead to email or social channels I will widen the scope with you. Your investigation must be forensically sound so that any evidence you uncover can stand up to scrutiny should I decide to take legal action. I am expecting a hands-on approach that covers log collection, malware/spyware scanning, vulnerability mapping, and clear recommendations on how to close every gap you find. Where recovery steps are needed—password resets, two-factor reconfiguration, data restoration—I want you ...

I need an expert to respond to a Trojan malware infection. Key Requirements: - Identify and contain the infection - Remove the Trojan and secure the network - Provide a detailed incident report - Recommend preventive measures for the future Ideal Skills and Experience: - Strong background in incident response - Expertise in dealing with Trojan malware - Relevant certifications (CISSP, CEH, etc.) - Proven track record of successful malware removal

Înregistrează-te sau Conectează-te pentru a vedea detaliile.

I run an EU-registered consultancy delivering cybersecurity services to mid-market and enterprise clients in France and broader Europe. I'm building a roster of cybersecurity engineers I can engage on a recurring basis as client missions come in — not a one-off project. What I'm looking for : A cybersecurity engineer (mid-level acceptable, 3+ years hands-on) able to deliver vulnerability assessments and penetration tests on: - Network infrastructure (internal/external) - Web applications (OWASP Top 10, API security) - Cloud environments (AWS, Azure, or GCP — at least one) Required : - At least one recognized certification: OSCP, CEH, CompTIA PenTest+, or equivalent (please state which in your bid) - Hands-on experience with Nmap, Burp Suite, Metasploit, OWASP ZAP, a...

A recent malware incident on our server has left several database files renamed with a “.p2k” extension and rendered unreadable. These files hold mission-critical operational data and, unfortunately, there are no usable backups to fall back on. I need an experienced specialist who can: • Analyse the infected samples, identify the exact encryption or packing method the malware used, and safely extract or reproduce any required keys. • Restore every affected .p2k file to a fully functional database format that can be opened in its original application. • Document the full recovery workflow so we can repeat the process should more files surface and so we can harden the environment against reinfection. Acceptance criteria • At least one damaged file is r...

I’m building an automated model that scans Solidity code on the Ethereum network and flags three critical weaknesses—reentrancy, arithmetic overflow/underflow, and access-control flaws. What I need from you is a working detection engine: it can be rule-based, machine-learning, formal-verification driven, or a hybrid, as long as it reliably pinpoints those issues in typical ERC-20/721 style contracts and produces a clear, human-readable report. I’ll provide sample contracts (both vulnerable and safe) so you can tune precision and recall; feel free to augment with publicly available datasets such as SWC Registry examples. Because this is Ethereum-only work, please focus on Solidity syntax quirks, common library usage (OpenZeppelin), and the nuances of the EVM. If you le...

I need a thorough security audit that examines our network perimeter, our internally-developed web and mobile applications, and the policies we rely on to stay aligned with compliance and governance standards. The goal is to obtain a clear, evidence-based view of where our current controls succeed, where they fail, and which vulnerabilities demand immediate remediation. Here is what the engagement should cover: • Network security – vulnerability assessment, configuration review, segmentation and firewall rule analysis • Application security – code-level and runtime testing aligned with OWASP, including authentication, data handling and session management checks • Compliance and governance – gap analysis against the relevant framework (ISO 27001, NIST ...

We are looking for an experienced cybersecurity OSINT researcher to support an external threat intelligence and exposure monitoring platform. This is a long-term opportunity for someone who understands the cyber threat landscape and can efficiently identify, validate, and document publicly available threat intelligence from open and legally accessible sources. Responsibilities: Monitor publicly accessible threat intelligence sources, including: Security forums, Telegram channels, Paste sites, Public breach disclosures, Open-source intelligence (OSINT) sources. Identify credible and relevant intelligence related to: Credential exposures, Data leaks, Public code exposure, Threat actor discussions, Initial access broker activity, Infrastructure exposure Verify and validate findings before...

I need an experienced ethical hacker to dive deep into my web application and pinpoint any security weaknesses before they can be exploited in the wild. The sole objective is to identify vulnerabilities, not to gain or provide unauthorized access for malicious purposes. You’ll have full permission to run a comprehensive penetration test against the live site (or a staging clone, if you prefer). Feel free to use the tools you trust most—Burp Suite, OWASP ZAP, Metasploit, custom scripts—so long as the process is legally compliant and doesn’t disrupt service for genuine users. At the end of the engagement I expect: • A clear, well-structured report detailing every vulnerability you uncover, proof-of-concept evidence, risk ratings, and practical remediation advic...

I run a data-rich learning management system that prepares students for judiciary exams. The platform is currently hosted on Lovable Cloud and was built with the Lovable framework. Before we open the doors to paying users, I need a thorough security and stability sweep, a clean migration to Hostinger, and a seamless Stripe checkout flow. Security audit • Focus first on user authentication: session handling, password policies, token expiration, brute-force prevention, and any other weak spots you uncover. • Document every finding, rate its severity, and propose concrete fixes. I will need a concise technical report plus an executive summary I can share with non-technical stakeholders. Bug fixing & hardening Apply the agreed-upon fixes, retest, and confirm that previous...

I want a seasoned security professional to probe my site from every angle and show me—plainly—where a hacker would slip in. My main worry is outright breaches, not just compliance check-boxes, and at the moment I only have the usual basic plugins and a standard SSL certificate in place. You’ll need to run a full vulnerability assessment and light penetration test, review server and application configurations, and evaluate any code that touches the public web. Feel free to bring out Burp Suite, OWASP ZAP, Nikto, or whatever toolset you trust; I’m interested in real-world exploitability, not generic scanner output. Please deliver: • A concise report detailing each weakness, its risk level, and clear remediation steps • A prioritised action plan I c...

I need an experienced ethical hacker to dive deep into my web application and pinpoint any security weaknesses before they can be exploited in the wild. The sole objective is to identify vulnerabilities, not to gain or provide unauthorized access for malicious purposes. You’ll have full permission to run a comprehensive penetration test against the live site (or a staging clone, if you prefer). Feel free to use the tools you trust most—Burp Suite, OWASP ZAP, Metasploit, custom scripts—so long as the process is legally compliant and doesn’t disrupt service for genuine users. At the end of the engagement I expect: • A clear, well-structured report detailing every vulnerability you uncover, proof-of-concept evidence, risk ratings, and practical remediation advic...

Our regional payment subdomain is being flagged by Google Safe Browsing and other security filters as a "potential phishing threat," preventing members from processing payments. We need a technically competent freelancer to diagnose the root cause, implement a secure subdomain solution under our primary corporate domain, and restore trust. Background Primary domain: [Corporate domain managed by headquarters] Payment subdomain: [Regional payment portal — currently flagged] Current impact: Members are discouraged by browsers to proceed, even blocked; payment abandonment is high, credibility is being lost Scope of Work Phase 1: Root Cause Diagnosis (REQUIRED FIRST) Before any fixes, you must: [ ] Scan the payment subdomain for malware, suspicious scripts, or compromise indica...

Our organisation runs a geographically-distributed Wide Area Network and I want independent confirmation that the data moving across it cannot be intercepted, decoded, or manipulated. The engagement is limited to traffic analysis and sniffing on the live WAN links; firewall rule-sets and router configurations are out of scope unless you discover something during capture that clearly ties back to them. Scope • Perform lawful, ethical interception of packet flows on agreed WAN segments. • Analyse captured traffic for clear-text credentials, session fixation, protocol misconfiguration, or other weaknesses that could lead to privilege escalation or data leakage. • Attempt non-disruptive proof-of-concept exploits only where traffic analysis indicates a realistic attack pat...

I need a CapCut-savvy editor to turn raw clips into polished educational pieces aimed at the general public. The footage is already organised; what’s missing is your touch: clear cuts, smooth pacing, readable on-screen text, and light music or ambient sound that never distracts. I favour a clean, simple style—minimal transitions, consistent lower-thirds, and colour that feels natural rather than over-graded. Each finished video will run 3–6 minutes and must be optimised for YouTube and TikTok (9:16 and 16:9 versions). Deliverables • Final exports in 1080p (H.264) for both aspect ratios • Source CapCut project file with organised layers • Embedded captions (srt + burned-in) • One rounds of minor revisions within 48 hours of delivery If ...

More details: ما هو سبب إزالة مقطع الفيديو؟ +21 video posted in a non-consensual manner ما هي الخطوة التي اتخذتها لمطالبة إزالة الفيديو؟ اتصال بإدارة الموقع هل تلقيت أي رد من إدارة الموقع؟ لا، لم أتلقَ أي رد

Title: Cybersecurity Lab Setup + Structured PCAP Dataset (Strict Project Workflow) Description: I need a freelancer to complete the initial phase of a cybersecurity project, strictly following a structured workflow until a properly generated and labeled PCAP dataset is produced. This is NOT a simple PCAP generation task — the work must follow the correct academic methodology step-by-step. Scope of Work (Must Follow This Order): 1. Lab Design & Setup Build an isolated virtual lab environment (VirtualBox or VMware only) Use 3–4 virtual machines: Kali Linux → Attacker Windows Server → Target server Windows Client → Normal user traffic (Optional but preferred) Ubuntu/Security Onion → Traffic monitoring Configure: Internal/host-only network (fully isolate...

I run all outbound messages through a custom SMTP server, yet too many land in spam and certain promotional sequences show the lowest open rates. I want a clear, data-backed explanation of why this is happening and a concrete path to reliable inbox placement. The scope covers a full inspection of the delivery stack: authenticating SPF, DKIM and DMARC records, DNS propagation, mail-server and MTA settings, sending cadence, IP and domain reputation, blacklist status, and the raw headers produced by each message type. Once root causes of the spam placement are identified, the fixes should be applied and verified. Deliverables • Detailed audit report that maps every issue to its impact on deliverability and lists actionable fixes in priority order. • Corrected and fully ali...

I am seeking a professional US-Based consultation to evaluate and potentially challenge a significant failure in Information Security governance and Incident Response (IR) at a major R1 university. I am currently navigating a situation involving a persistent, log-evasive intrusion where the institution has leveraged the significant power asymmetry inherent in large bureaucracies to circumvent accountability. I am looking for CISO-level expertise to dismantle a "no record found" defense that was manufactured through intentional administrative delay. **The core pillars of this case include:** * **Failure of Notice:** The institution was provided with explicit, immediate notice of a breach and data loss on 11/27. Despite this "on-notice" status, they remained unresponsive ...

Scope of Work * Perform security assessment of web application (Python/Django) and APIs * Test authentication, authorization (RBAC), and session management * Identify vulnerabilities (e.g., SQLi, XSS, command injection, API abuse) * Assess Linux and Windows endpoint agents for: * Privilege escalation risks * Service configuration and permissions * Secure communication (TLS) * Evaluate on-prem server security: * Open ports/services * OS hardening * User access and permissions * Conduct network security testing: * Data in transit (encryption) * Internal communication paths * Review installation and deployment process: * RPM/package security * Configurations and secrets handling ⸻ Deliverables * Detailed security report with severity ratings * Proof ...

My site was taken offline by my UK host after it started broadcasting attacks. I need the infection completely removed and the core CMS, plugins, themes and server-side code cleaned so the host will re-enable the account. Once the immediate threat is gone, I also want regular security updates and monitoring so I am not caught out again. If you can set up automated scans, timely patching and a simple monthly report, that would be ideal. I do not yet have any formal compliance obligations, but please build the solution so it can be tightened later should specific requirements arise. Key outcomes I expect: • All malware, backdoors and suspicious files eradicated • Clear documentation of what was found and fixed • Hardening of WordPress, server configs and user credenti...