Cyber Security Compliance and IT Jobs
The interpretation of baseline controls and enhancements is one of most common question that I get. That’s why I made that other course about it:
https://securitycompliance.thinkific.com/courses/rmf-isso-security-controls-documentation
This course interprets and breaks down NIST security controls. We explain what’s going on in a simple practical way. This is something that I wish somebody would have done for me but as if you’ve been looking out there’s not a lot of people doing this.
Sign up for free:
http://convocourses.com
check out the courses:
http://convocourses.com
Job Title: #Cybersecurity #Compliance Project Manager
Job Location: Alexandria, VA, US
Project Length: Long Term
Clearance Requirement: Active Secret clearance.
Key Role:
Serve as a Task Lead responsible for the creation of a Cybersecurity Governance, Risk, and Compliance (GRC) team assessment program for a DoD organization. Design, develop, and implement the assessment program independently to measure Cyber GRC metrics, determine readiness for audits and inspections based on DoD policies and NIST standards, identify risks, and provide automated remediation plans. Work to improve communication and enhance the organization’s security posture through risk assessment preparation. Perform blind, non-punitive readiness assessments for organizational units to provide a preparatory remediation plan for upcoming inspections. Measure the effectiveness of the GRC programs and provide leadership with an unfiltered view of the organization’s security posture, measuring the balance between its objectives and risk profile. Recommend strategic enhancements and structural improvements for a compliance division.
Basic Qualifications:
10+ years of experience with Cybersecurity.
Ability to design, develop, and manage the implementation of risk assessment process methodology and tools, including eMASS.
Ability to communicate effectively and professionally in a fast-paced client-environment.
BA or BS degree in a Technology, IT, or Cybersecurity field.
DoD 8140 and 8570 IAM level II Certification.
Additional Qualifications:
Experience with GRC and assessment processes.
Experience with DoD 8500 series, NIST SP 800 series, DoD regulations, and instructions, including DoDI 8140-01, DoDI 8530.01, CJCSI 6510.01, and the Risk Management Framework (RMF).
Experience with briefing senior government officials at the General Officer and SES-levels.
PMP Certification.
Direct: 703-653-0218
karthik@param-solutions.com
https://recruiting-as-a-service.param…
https://param-solutions.com/careers
Check out the courses at: https://securitycompliance.thinkific.com
Here is the POAM template I was looking at:
https://www.fedramp.gov/developing-a-plan-of-actions-milestones/
https://www.fedramp.gov/assets/resources/templates/FedRAMP-POAM-Template.xlsm
PM-4 PLAN OF ACTION AND MILESTONES PROCESS
The organization:
a. Implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems:
1. Are developed and maintained;
2. Document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and
3. Are reported in accordance with OMB FISMA reporting requirements.
b. Reviews plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.
Check out how I am able to get all these offers: https://securitycompliance.thinkific.com
More on that #splunk job: Sr Advanced Splunk / IT Security Specialist https://careers-gdms.icims.com/jobs/35104/job
POC: quan.nguyen@gd-ms.com 443-755-8136 (O)
Bachelor’s degree in a related specialized area or equivalent is required plus a minimum of 8 years of relevant experience; or Master’s degree plus a minimum of 6 years of relevant experience.
Knowledge Skills and Abilities: Senior Splunk Administrator Advanced knowledge of backend operating systems to implement, maintain, configure, and remediate issues (UNIX/Linux/Windows) Knowledge of operating systems and networking. Understanding of SIEM & logging fundamentals. Understanding of SOC Monitor and Response fundamentals. Experience in any type of SIEM – Splunk, Arcsight, Log Rhythm, etc. Experience with implementation of SIEM products and tools. Understanding of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix Knowledge of applications, databases, middleware to address security threats against the same. Proficient in preparation of reports, dashboards and documentation Excellent communication and leadership skills Ability to handle high pressure situations with key stakeholders Good Analytical skills, problem solving and Interpersonal skills Working knowledge and experience with MS office with proficiency in Excel Preferred degree types and experience: The leading candidate will have a Bachelor’s Degree in Computer Science, a related field, or equivalent experience. with a minimum of 5 years of experience in a SOC, or an Associates Degree in Computer Science, Information Systems, Cyber Security, or related discipline with a minimum of 7 years of experience in a SOC. Strong candidates will have previous experience working with users; possess a talent for problem-solving as well as organization and time management skills.
Desired Certifications: CISSP, Network +, Security + (or other applicable certifications)
check me out on:
https://securitycompliance.thinkific.com
the Job:
Job Title: Information Assurance Engineer
Location: Aberdeen, MD
Position Type: Full Time
Clearance: Minimum Interim Secret
Must Have IAT Level 3 Certification.
Job Description:
Provides security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures;
verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.
Mandatory Skills:
Demonstrated experience performing IA activities in support of software and system requirements, design, development, testing and sustainment
Experience with employment of IA requirements, policies, and processes to include authorization and accreditation as part of the RMF process
Experience with risk and vulnerability assessments and mitigation
Demonstrated ability to provide guidance on Intelligence Community (IC) Cyber/IA regulations and requirements to senior customers, senior LM leaders, and the program engineering staff
Experience with Security Information and Event Management (SIEM) correlation tools, Scanning (Nessus), and Host Based
Security System (HBSS)
Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status
Kindly share your detailed resume at zoeyw@etalentnetwork.com
If you are qualified and interested in making a change or know of a friend who might have the required qualifications, please call me ASAP at (877) 733-3555 Ext.267, even if we have spoken recently about a different position. If you do respond via e-mail please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP. Thank you.
Sincerely yours,
ZoeyWest
E TalentNetwork
8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(877) 733-3555 Ext.267