Category Archives: information system compliance

diacap tarry town

DIACAP Compliance Engineer and Information Assurance Lead Jobs (risk management framework)

Role: DIACAP Compliance Engineer
Location: Tarrytown, NY
Duration: 6+ months

Enterprise Solution Inc.
500 E. Diehl Road, Suite 130, Naperville, IL 60563
Office: # 630-214-9485
E-Mail : pradyut@enterprisesolutioninc.com
Gmail : pradyut10.esi@gmail.com

Title: Information Assurance Lead
Location: Aberdeen, MD
Client: Federal
Duration: Full Time

Home


8251 Greensboro Drive, 9th Floor

McLean VA 22102
yogeshk@etalentnetwork.com

Office: (877) 715-3865 Ext.328

I get people contacting me every week about jobs all around the US! Today, I am going to show you a couple that I received recently. I hope that it will give you some idea of what employers and contracts look for in security compliance professionals.

3_NIST SP 800-37 (rev 2) changes

NIST 800 37 Revision 2 – RMF for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

NIST 800 37 Revision 2 Risk Management Framework for Information Systems and Organizations A System

Download the presentation in this Video & Learn more here:

http://securitycompliance.thinktific.com

This is an overview of NIST 800-37 Revision 2. I discuss the changes, the sources and Cybersecurity Framework.

NIST Special Publication 800-37, Revision 2
Risk Management Framework for Security and Privacy
Initial Public Draft: May 2018
Final Public Draft: July 2018
Final Publication: October 2018

NIST 37-800 Rev 2:
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r1.pdf

Executive Order:
https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/

OMB:
https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/memoranda/2017/M-17-25.pdf

Cybersecurity Framework:
https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214.pdf

NIST SP 800-53 (Revision 5):
https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft

Source of Changes:
President’s Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Office of Management and Budget Memorandum M-17-25 – next-generation Risk Management Framework (RMF) for systems and organizations
NIST SP 800-53 Revision 5 Coordination

PCI DSSPCI an example of information system security framework

Information Security Framework aka System Compliance

What are Cyber Security Standards?
These are rules that put in place to protect every aspect of an information system.

Also know as information system security standards, information security framework, security system compliance, information system compliance, risk management framework. There are also many types that specialize on different functions of a given industry. For example the medical industry has a standard for protecting patient information called HIPAA which is an acronym for the Health Insurance Portability and Accountability Act that was passed by Congress in 1996. And there is a standard for protecting point of sale and merchant systems called PCI. There are many others.. but the mission is the same… to protect the confidentiality, availability and integrity of important data.