• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs

NIST Security Framework

NIST SP 800-53, Revision 5 Security Controls for Information Systems and Organizations – 1 overview

September 5, 2018 by Leave a Comment

NIST SP 800-53, Revision 5 Security Controls for Information Systems and Organizations – 1 overview

To download the slide go to:
https://securitycompliance.thinkific.com

NIST Special Publication 800-53, Revision 5
Security and Privacy Controls
Final Public Draft: October 2018
Final Publication: December 2018
Source: https://csrc.nist.gov/projects/risk-m…

NIST Special Publication 800-53A, Revision 5
Assessment Procedures for Security and Privacy Controls
Initial Public Draft: March 2019
Final Public Draft: June 2019
Final Publication: September 2019

There are 6 major objectives for this update—
-Making the security and privacy controls more outcome-based by changing the structure of the controls;

-Fully integrating the privacy controls into the security control catalog creating a consolidated and unified set of controls for information systems and organizations

-Separating the control selection process from the actual controls: systems engineers, software developers, enterprise architects; and mission/business owners

-Promoting integration with different risk management and cybersecurity approaches and lexicons, including the Cybersecurity Framework

-Clarifying the relationship between security and privacy to improve the selection of controls necessary to address the full scope of security and privacy risks

Filed Under: DIARMF, diarmf - implement, diarmf - select, information system compliance, NIST Security Framework, risk management Tagged With: NIST 800-53, nist sp 800-53, Revision 5 Security Controls for Information Systems and Organizations, risk management framework, rmf

DIACAP Compliance Engineer and Information Assurance Lead Jobs (risk management framework)

July 9, 2018 by Leave a Comment

Role: DIACAP Compliance Engineer
Location: Tarrytown, NY
Duration: 6+ months

Enterprise Solution Inc.
500 E. Diehl Road, Suite 130, Naperville, IL 60563
Office: # 630-214-9485
E-Mail : pradyut@enterprisesolutioninc.com
Gmail : pradyut10.esi@gmail.com

Title: Information Assurance Lead
Location: Aberdeen, MD
Client: Federal
Duration: Full Time

Home


8251 Greensboro Drive, 9th Floor

McLean VA 22102
yogeshk@etalentnetwork.com

Office: (877) 715-3865 Ext.328

I get people contacting me every week about jobs all around the US! Today, I am going to show you a couple that I received recently. I hope that it will give you some idea of what employers and contracts look for in security compliance professionals.

Filed Under: Assurance Technology, certification & accreditation, DIACAP, DIARMF, Information Assurance, Information Assurance Jobs, information system compliance, IT Security Jobs, NIST Security Framework, risk management, Risk Management For DoD IT, security compliance Tagged With: DIACAP compliance engineer, Information Assurance Lead, rmf

NIST 800 37 Revision 2 – RMF for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

June 28, 2018 by Leave a Comment

NIST 800 37 Revision 2 Risk Management Framework for Information Systems and Organizations A System

Download the presentation in this Video & Learn more here:

http://securitycompliance.thinktific.com

This is an overview of NIST 800-37 Revision 2. I discuss the changes, the sources and Cybersecurity Framework.

NIST Special Publication 800-37, Revision 2
Risk Management Framework for Security and Privacy
Initial Public Draft: May 2018
Final Public Draft: July 2018
Final Publication: October 2018

NIST 37-800 Rev 2:
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r1.pdf

Executive Order:
https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/

OMB:
https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/memoranda/2017/M-17-25.pdf

Cybersecurity Framework:
https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214.pdf

NIST SP 800-53 (Revision 5):
https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft

Source of Changes:
President’s Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Office of Management and Budget Memorandum M-17-25 – next-generation Risk Management Framework (RMF) for systems and organizations
NIST SP 800-53 Revision 5 Coordination

Filed Under: cyberspace workforce, DIARMF, information system compliance, NIST Security Framework, risk management Tagged With: 800-37, NIST 800 37 Revision 2, risk management framework, Risk Management Framework for Information Systems and Organizations A System, rmf

Risk Management Framework NIST SP 800-18 System Security Plan intro

August 22, 2016 by Bruce Brown Leave a Comment

This is an introduction to the NIST Special Publication 800-18, System Security Plan. We walk through why you need a System Security Plan and some of the main elements of the System Security Plan.

#SSP, #NIST,#systemsecurity,#security,#rmf

 

Filed Under: cyberspace workforce, diarmf - implement, diarmf - select, NIST Security Framework, risk management Tagged With: nist 800-18, ssaa, ssp, system security plan

IT Security Career Risk Management Framework

July 18, 2016 by Bruce Brown Leave a Comment

So you want to get into Information Technology? Well what do you want to do in IT because there are many different branches of it. I would suggest going into IT security, specifically, Risk Management Framework. It is a very specialized field.

You will need to know the fundamental of IT security. The basics on what goes into securing important data and their hardware. You will also need to have at least a little knowledge of technology and its history. You will need to know a LOT about NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems”. You will need to dive into NIST SP 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations”.

Since not many people want to do this work, or even know about it, there is not much competition. They are always looking for qualified people to do it. What you will need is a 4 year degree (preferably in something technical), an IT certification in security (Security+, ISC2 CAP, CISSP, CASP, CISM,CISA) and a lot of knowledge on NIST 800-37.

 

Filed Under: cyberspace workforce, DIARMF, Information Assurance, NIST Security Framework, risk jobs, roles Tagged With: risk management framework, rmf

dodd 8140 cyberspace workforce management

January 11, 2016 by Bruce Brown Leave a Comment

What is the DoD Directive 8140?
DoD 8140, Cyberspace workforce will supersede DoD 8570 as the guide for selecting the personnel with the correct certifications, skills and experience.

Where is the DoDD 8140.01, Cyberworkforce going?
8140 manual may mirror an ongoing initiative that has a lot more categories. Those high level categories would be under a National Initiative for Cybersecurity Education (NICE) framework:

Security Provision, Maintain and Operate, Protect & Defend, Analyze, operate & collect, Oversight & Development and Investigate.

These categories are broken down further into a sum total of 31 tasks. It was supposed to be released in 2013, but there is actually no telling when it will come out.

http://diarmfs.com
niccs.us-cert.gov

Filed Under: cyberspace workforce, NIST Security Framework, risk management, Risk Management For DoD IT, roles Tagged With: 8140, 8570, cyber workforce, cyberworkforce, dod 8570, dodd 8140, dodd 8140 cyberspace workforce, National Initiative for Cybersecurity Education, NICCS, NICE, rmf

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 5
  • Go to Next Page »

Primary Sidebar

search

Learn to Make 6 Figures in CyberSecurity

Cyber Security How to make up to 6 Figures
6 figures in Cyber Security

This course explains how I have been able to consistently make 6 figures doing cyber security. There is a method that I have used during my development in cyber security. I am presenting that method to you.

View Course

Teleworking - IT Remote Work
Teleworking – IT Remote Work

Teleworking is something I have been doing for the last 5 years. This is how I did it.

Find Teleworking IT Jobs

View Course

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • ConvoCourses podcast: Cyber Security day to day activity
  • ConvoCourses podcast – Cyber Security Therapy Sessions
  • ConvoCourses podcast: privacy protection overview resume review
  • Listing Lab work on Cybersecurity Resume
  • My Security Control Assessor Course

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert
  • Disa Help Desk | VinHomesData.com on STIG Update – DISA has released the Oracle Java Runtime Environment (JRE) 8 STIG Version 1
  • Bruce Brown on DIARMF – Continuous Monitoring
  • dpresbit on DIARMF – Continuous Monitoring

Tags

8140 8570 ArcSight c&a CISSP colorado cyber cybersecurity cyber security denver DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce HBSS IA implement implementation info assurance information assurance information security ISSO job jobs Linux mcafee nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security SIEM STIG stigs unix VMWare windows

Copyright © 2021 · Author Pro on Genesis Framework · WordPress · Log in