• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs

security compliance

RMF ISSO Security Controls Docs Updates

November 6, 2021 by Bruce Brown Leave a Comment

Sign up for free at http://convocourses.com for deeper dives.  

Many more videos on https://www.youtube.com/convocourses

short videos at https://www.tiktok.com/@convocourses?lang=en

and https://www.instagram.com/convocourses/

https://www.facebook.com/ConvoCourses-108091850619388

Podcast version of the content:

https://podcasts.apple.com/us/podcast/convocourses/id1500188278

http://www.nist80037rmf.com/google_podcast

Filed Under: convocourses, DIARMF, diarmf - select, security compliance Tagged With: ISSO, IT Security Jobs, rmf, RMF ISSO Security Controls Docs Updates, security controls

Should I get security plus or experience first Q&A

November 6, 2021 by Bruce Brown Leave a Comment

Sign up for free at http://convocourses.com for deeper dives.  

Many more videos on https://www.youtube.com/convocourses

short videos at https://www.tiktok.com/@convocourses?lang=en

and https://www.instagram.com/convocourses/

https://www.facebook.com/ConvoCourses-108091850619388

Podcast version of the content:

https://podcasts.apple.com/us/podcast/convocourses/id1500188278

http://www.nist80037rmf.com/google_podcast

Filed Under: convocourses, IT Certifications, IT Security Jobs, NIST Security Framework, risk management, security compliance Tagged With: IT job, IT jobs for beginners, security, security plus, Should I get security plus or experience first Q&A

ISSO NIST Security Control Family Interpretation

March 27, 2021 by Leave a Comment


The interpretation of baseline controls and enhancements is one of most common question that I get. That’s why I made that other course about it:
https://securitycompliance.thinkific.com/courses/rmf-isso-security-controls-documentation

This course interprets and breaks down NIST security controls. We explain what’s going on in a simple practical way. This is something that I wish somebody would have done for me but as if you’ve been looking out there’s not a lot of people doing this.

Filed Under: Information Assurance, security compliance Tagged With: interpret security control, security controls

RMF ISSO Mentorship and Security Control Course

February 22, 2020 by Leave a Comment


Sign up for free:
http://convocourses.com

Filed Under: certification & accreditation, cyberspace workforce, diarmf - implement, security compliance Tagged With: convocourses, RMF course, security controls

cybersecurity compliance project manager alexandia VA job

February 22, 2020 by Leave a Comment

check out the courses:
http://convocourses.com

Job Title: #Cybersecurity #Compliance Project Manager
Job Location: Alexandria, VA, US
Project Length: Long Term

Clearance Requirement: Active Secret clearance.

Key Role:
Serve as a Task Lead responsible for the creation of a Cybersecurity Governance, Risk, and Compliance (GRC) team assessment program for a DoD organization. Design, develop, and implement the assessment program independently to measure Cyber GRC metrics, determine readiness for audits and inspections based on DoD policies and NIST standards, identify risks, and provide automated remediation plans. Work to improve communication and enhance the organization’s security posture through risk assessment preparation. Perform blind, non-punitive readiness assessments for organizational units to provide a preparatory remediation plan for upcoming inspections. Measure the effectiveness of the GRC programs and provide leadership with an unfiltered view of the organization’s security posture, measuring the balance between its objectives and risk profile. Recommend strategic enhancements and structural improvements for a compliance division.

Basic Qualifications:
10+ years of experience with Cybersecurity.
Ability to design, develop, and manage the implementation of risk assessment process methodology and tools, including eMASS.
Ability to communicate effectively and professionally in a fast-paced client-environment.
BA or BS degree in a Technology, IT, or Cybersecurity field.
DoD 8140 and 8570 IAM level II Certification.

Additional Qualifications:
Experience with GRC and assessment processes.
Experience with DoD 8500 series, NIST SP 800 series, DoD regulations, and instructions, including DoDI 8140-01, DoDI 8530.01, CJCSI 6510.01, and the Risk Management Framework (RMF).
Experience with briefing senior government officials at the General Officer and SES-levels.
PMP Certification.

Direct: 703-653-0218
karthik@param-solutions.com
https://recruiting-as-a-service.param…

https://param-solutions.com/careers

Filed Under: cyberspace workforce, DIARMF Jobs, Information Assurance Jobs, information system compliance, IT Security Jobs, Risk Management For DoD IT, security compliance Tagged With: 8570, and the Risk Management Framework (RMF), CJCSI 6510.01, cybersecurity compliance, dod 8530, DoDI 8140-01, DoDI 8530.01, emass, grc, nist 800, NIST 800-37, NIST 800-53, pmp, program management, security compliance

POAM (an overview) Part 1

April 23, 2019 by Leave a Comment

Check out the courses at: https://securitycompliance.thinkific.com

Here is the POAM template I was looking at:
https://www.fedramp.gov/developing-a-plan-of-actions-milestones/
https://www.fedramp.gov/assets/resources/templates/FedRAMP-POAM-Template.xlsm

PM-4 PLAN OF ACTION AND MILESTONES PROCESS
The organization:
a. Implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems:

1. Are developed and maintained;

2. Document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and

3. Are reported in accordance with OMB FISMA reporting requirements.

b. Reviews plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.

Filed Under: DIARMF, diarmf - implement, information system compliance, security compliance Tagged With: plan of action and milestone, POAM

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to Next Page »

Primary Sidebar

search


This book is an overview of how the NIST SP 800-37 risk management framework works from the perspective of an information system security officer (ISSO).

also available on Amazon!

View Book

NIST RMF 800-37 templates
Free 800-37 templates

The NIST 800 Template download contains a .doc file template and xls templates for POAMs, Federal, State, cloud based and a legacy template as well as resources where you can find more on NIST 800-37 documents for your use.

View Book

Learn to Make 6 Figures in CyberSecurity

Cyber Security How to make up to 6 Figures
6 figures in Cyber Security

This course explains how I have been able to consistently make 6 figures doing cyber security. There is a method that I have used during my development in cyber security. I am presenting that method to you.

View Course

Teleworking - IT Remote Work
Teleworking – IT Remote Work

Teleworking is something I have been doing for the last 5 years. This is how I did it.

Find Teleworking IT Jobs

View Course

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • Technical Jobs that allow Telecommuting / Remote Work
  • Access Control Family: AC-5, Separation of Duties
  • Access Control Family: AC-6, Least Privilege
  • Cybersecurity Convocourses: Assessors Point of View
  • Access Control Family: AC-4 Information Flow Enforcement

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • http://Www.Finance.Ipt.Pw/ on SRG/STIG Applicability Guide and Collection Tool Update
  • Elsa7 on ConvoCourses podcast: Cyber Security day to day activity
  • Tony on STIG Update – DISA has released the Microsoft SQL Server 2016 STIG Version 1
  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert

Tags

8140 8570 ArcSight c&a CISSP convocourses cyber cybersecurity cyber security DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce HBSS IA implement implementation info assurance information assurance information security ISSO it jobs it jobs in usa job jobs Linux mcafee network nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security STIG stigs unix windows

Copyright © 2022 · Author Pro on Genesis Framework · WordPress · Log in

Posting....