• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs

8570

Convocourses Cybersecurity Workforce

September 6, 2020 by Leave a Comment

Here is what you need to know about the Cybersecurity workforce.

Audio ONLY:
http://www.nist80037rmf.com/wp-content/uploads/2020/09/Cybersecurity-Convocourses-the-cybersecurity-work-force.mp3

http://www.nist80037rmf.com/wp-content/uploads/2020/09/Cybersecurity-Convocourses-the-cybersecurity-work-force.mp3

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Google Podcasts | Pandora | iHeartRadio | Stitcher | TuneIn | Deezer | RSS

Filed Under: convocourses, cyberspace workforce, podcast Tagged With: 8140, 8570, cyberspace workforce, workforce

ConvoCourse PodCast: Security Awareness Training

August 28, 2020 by Leave a Comment

This is an intro to NIST AT security controls (Security Awareness Training for an organization). To see a deeper dive into this and other NIST security controls check out http://convocourses.com

Filed Under: convocourses, podcast Tagged With: 8140, 8570, AT, awareness training, NIST security awareness training

cybersecurity compliance project manager alexandia VA job

February 22, 2020 by Leave a Comment

check out the courses:
http://convocourses.com

Job Title: #Cybersecurity #Compliance Project Manager
Job Location: Alexandria, VA, US
Project Length: Long Term

Clearance Requirement: Active Secret clearance.

Key Role:
Serve as a Task Lead responsible for the creation of a Cybersecurity Governance, Risk, and Compliance (GRC) team assessment program for a DoD organization. Design, develop, and implement the assessment program independently to measure Cyber GRC metrics, determine readiness for audits and inspections based on DoD policies and NIST standards, identify risks, and provide automated remediation plans. Work to improve communication and enhance the organization’s security posture through risk assessment preparation. Perform blind, non-punitive readiness assessments for organizational units to provide a preparatory remediation plan for upcoming inspections. Measure the effectiveness of the GRC programs and provide leadership with an unfiltered view of the organization’s security posture, measuring the balance between its objectives and risk profile. Recommend strategic enhancements and structural improvements for a compliance division.

Basic Qualifications:
10+ years of experience with Cybersecurity.
Ability to design, develop, and manage the implementation of risk assessment process methodology and tools, including eMASS.
Ability to communicate effectively and professionally in a fast-paced client-environment.
BA or BS degree in a Technology, IT, or Cybersecurity field.
DoD 8140 and 8570 IAM level II Certification.

Additional Qualifications:
Experience with GRC and assessment processes.
Experience with DoD 8500 series, NIST SP 800 series, DoD regulations, and instructions, including DoDI 8140-01, DoDI 8530.01, CJCSI 6510.01, and the Risk Management Framework (RMF).
Experience with briefing senior government officials at the General Officer and SES-levels.
PMP Certification.

Direct: 703-653-0218
karthik@param-solutions.com
https://recruiting-as-a-service.param…

https://param-solutions.com/careers

Filed Under: cyberspace workforce, DIARMF Jobs, Information Assurance Jobs, information system compliance, IT Security Jobs, Risk Management For DoD IT, security compliance Tagged With: 8570, and the Risk Management Framework (RMF), CJCSI 6510.01, cybersecurity compliance, dod 8530, DoDI 8140-01, DoDI 8530.01, emass, grc, nist 800, NIST 800-37, NIST 800-53, pmp, program management, security compliance

information assurance engineer maryland Aberdeen

April 16, 2019 by Leave a Comment

check me out on:
https://securitycompliance.thinkific.com

the Job:
Job Title: Information Assurance Engineer
Location: Aberdeen, MD
Position Type: Full Time

Clearance: Minimum Interim Secret

Must Have IAT Level 3 Certification.

Job Description:
Provides security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures;
verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.
Mandatory Skills:
Demonstrated experience performing IA activities in support of software and system requirements, design, development, testing and sustainment
Experience with employment of IA requirements, policies, and processes to include authorization and accreditation as part of the RMF process
Experience with risk and vulnerability assessments and mitigation
Demonstrated ability to provide guidance on Intelligence Community (IC) Cyber/IA regulations and requirements to senior customers, senior LM leaders, and the program engineering staff
Experience with Security Information and Event Management (SIEM) correlation tools, Scanning (Nessus), and Host Based
Security System (HBSS)
Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

If you are qualified and interested in making a change or know of a friend who might have the required qualifications, please call me ASAP at (877) 733-3555 Ext.267, even if we have spoken recently about a different position. If you do respond via e-mail please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP. Thank you.

Sincerely yours,
ZoeyWest
E TalentNetwork

Home


8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(877) 733-3555 Ext.267

Filed Under: cyberspace workforce, Information Assurance, Information Assurance Jobs, information system compliance, IT Security Jobs, risk jobs, Risk Management For DoD IT, security compliance Tagged With: 8570, cyber, cybersecurity, HBSS, IA, IAT, information assurance, information assurance engineer, infosec, maryland, nessus, Risk Management Framework (RMF) for DoD Information Technology (IT), rmf, security engineer, SEIM, SIEM

dodd 8140 cyberspace workforce management

January 11, 2016 by Bruce Brown Leave a Comment

What is the DoD Directive 8140?
DoD 8140, Cyberspace workforce will supersede DoD 8570 as the guide for selecting the personnel with the correct certifications, skills and experience.

Where is the DoDD 8140.01, Cyberworkforce going?
8140 manual may mirror an ongoing initiative that has a lot more categories. Those high level categories would be under a National Initiative for Cybersecurity Education (NICE) framework:

Security Provision, Maintain and Operate, Protect & Defend, Analyze, operate & collect, Oversight & Development and Investigate.

These categories are broken down further into a sum total of 31 tasks. It was supposed to be released in 2013, but there is actually no telling when it will come out.

http://diarmfs.com
niccs.us-cert.gov

Filed Under: cyberspace workforce, NIST Security Framework, risk management, Risk Management For DoD IT, roles Tagged With: 8140, 8570, cyber workforce, cyberworkforce, dod 8570, dodd 8140, dodd 8140 cyberspace workforce, National Initiative for Cybersecurity Education, NICCS, NICE, rmf

DoDD Cyberspace Workforce Management 11 Aug 2015

September 23, 2015 by Bruce Brown Leave a Comment

The Department of Defense finally released the Directive for Cyberspace workforce management on 11 Aug 2015.  This means that the DODI (instruction) is not far behind.  The instruction will be more in the weeds.  It is where the “magic happens”.  Directives are very high level policy that gives instructions their power to exist.

Cyberspace Workforce Management – http://www.dtic.mil/whs/directives/corres/pdf/814001_2015_dodd.pdf

The Cyberspace Workforce Management directive does the following:

  • Reissues and renumbers DoD Directive (DoDD) 8570.01 (Reference (a)) to update and expand established policies and assigned responsibilities for managing the DoD cyberspace workforce.
  • Authorizes establishment of a DoD cyberspace workforce management council to ensure that the requirements of this directive are met.
  • Unifies the overall cyberspace workforce and establishes specific workforce elements (cyberspace effects, cybersecurity, and cyberspace information technology (IT)) to align, manage and standardize cyberspace work roles, baseline qualifications, and training requirements.

Cyberspace Workforce Applies to:

  • Office of the Secretary of Defense (OSD)
  • Military Departments (Army, Navy, Air Force, Marines)
  • Office of the Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff
  • Combatant Commands
  • Office of the Inspector General of the Department of Defense (IG DoD)
  • Defense Agencies
  • Field Activities
  • DoD Components

It is DoD policy does the following:

  • Maintains a total force management perspective to provide qualified cyberspace government civilian and military personnel to identified and authorized positions, augmented where appropriate by contracted services support. These personnel function as an integrated workforce with complementary skill sets to provide an agile, flexible response to DoD requirements.
  • [Make sure] the appropriate mix of military and government civilian positions and contracted support designated to perform cyberspace work roles is determined in accordance with DoD Instruction (DoDI) 1100.22 (Reference (b))
  • Civilian, military, and contracted support personnel assigned to perform cyberspace work roles must meet qualification standards established in supporting issuances, in addition to other existing workforce qualification and training requirements assigned to billets and position requirements (e.g., acquisition, intelligence, communications).
  • DoD Component compliance with this directive is monitored via authoritative manpower and personnel systems as an element of mission readiness and as a management review item.
  • Nothing in this directive replaces or infringes the responsibilities, functions, or authorities of the DoD Component heads or other OSD officials as prescribed by law or Executive order, assigned in chartering DoDDs, or detailed in other DoD policy issuances or, as applicable, in Director of National Intelligence policy issuances.
  • All authorized users of DoD IT receive initial cybersecurity and information assurance awareness orientation as a condition of access, and thereafter must complete annual cybersecurity and information assurance refresher awareness.

8570_to_8140_01_2015_dodd

Filed Under: cyberspace workforce, Risk Management For DoD IT Tagged With: 8140, 8570, cyber workforce, cyberwork, dodd 8140, dodd 8140 cyberspace workforce, workforce

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Primary Sidebar

search


This book is an overview of how the NIST SP 800-37 risk management framework works from the perspective of an information system security officer (ISSO).

also available on Amazon!

View Book

NIST RMF 800-37 templates
Free 800-37 templates

The NIST 800 Template download contains a .doc file template and xls templates for POAMs, Federal, State, cloud based and a legacy template as well as resources where you can find more on NIST 800-37 documents for your use.

View Book

Learn to Make 6 Figures in CyberSecurity

Cyber Security How to make up to 6 Figures
6 figures in Cyber Security

This course explains how I have been able to consistently make 6 figures doing cyber security. There is a method that I have used during my development in cyber security. I am presenting that method to you.

View Course

Teleworking - IT Remote Work
Teleworking – IT Remote Work

Teleworking is something I have been doing for the last 5 years. This is how I did it.

Find Teleworking IT Jobs

View Course

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • Technical Jobs that allow Telecommuting / Remote Work
  • Access Control Family: AC-5, Separation of Duties
  • Access Control Family: AC-6, Least Privilege
  • Cybersecurity Convocourses: Assessors Point of View
  • Access Control Family: AC-4 Information Flow Enforcement

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • http://Www.Finance.Ipt.Pw/ on SRG/STIG Applicability Guide and Collection Tool Update
  • Elsa7 on ConvoCourses podcast: Cyber Security day to day activity
  • Tony on STIG Update – DISA has released the Microsoft SQL Server 2016 STIG Version 1
  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert

Tags

8140 8570 ArcSight c&a CISSP convocourses cyber cybersecurity cyber security DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce HBSS IA implement implementation info assurance information assurance information security ISSO it jobs it jobs in usa job jobs Linux mcafee network nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security STIG stigs unix windows

Copyright © 2022 · Author Pro on Genesis Framework · WordPress · Log in

Posting....