Cyber Security Compliance and IT Jobs
Sign up for free at http://convocourses.com for deeper dives.
Many more videos on https://www.youtube.com/convocourses
short videos at https://www.tiktok.com/@convocourses?lang=en
and https://www.instagram.com/convocourses/
Podcast version of the content:
check out the course:
http://convocourses.com
Check out the job:
Job Details:
Job title: Data Security Analyst (0000076025)
Location: Denver, #Colorado(80203)
Estimated Duration: 01/13/2020 – 09/30/2020
Job Description:
Reports to the Director of Security Risk and Compliance or Delegate to perform activities for the oversight of the risk and compliance program.
Perform activities to reduce vulnerabilities for the overall enterprise risk management program.
Performs duties to facilitate confidentiality, integrity, and availability of systems to protect data from unauthorized users.
May require a bachelor’s degree in area of specialty and at least 5 years or more of risk management, experience working in a complex environment, and assessment of internal controls.
Has knowledge of commonly-used concepts, practices, and procedures in accordance with the #NIST #RMF (risk management framework).
The specialized individual must have previous experience with implementing an enterprise risk management (ERM) framework and applicable certifications such as CISSP, CISA, or CISM.
In addition, experience working with a Governance Risk and Compliance tool is highly desired, but not a must-have.
This individual should be a self-starter, able to provide consultative advice and able to work autonomously.
Thanks,
Have a wonderful day!!
Maddy |Technical Recruiter | Email: v.madhuri@softpath.net
Direct: 678 783 7352| Ext. 522 | Softpath System LLC | 3985 Steve Reynolds Blvd | Bldg C Norcross GA 30093 www.softpath.net
Linkedin: https://www.linkedin.com/in/maddy-johnson-270220136/
Securing and managing agency mobile apps.
WEBINAR, THU 11/10, Complimentary, CPEs
This important video webinar will explore how mobile apps
rapidly expand in agency networks and how agency experts
limit security risks while they manage mobile Web devices
to drive agency productivity and mission achievement.
REGISTRATION AND INFO
https://goto.webcasts.com/
ALTERNATE REGISTRATION LINK: www.FedInsider.com
WEBINAR TOPIC
The Framework for Mobile Security in Government
DATE: THU 11/10
TIME: 2:00 PM ET / 11:00 AM PT
DURATION: 1 hour
CPE: 1 CPE from the George Washington University,
Center for Excellence in Public Leadership
COST: Complimentary
SPEAKERS
– JON JOHNSON, Enterprise Mobility Team Manager, GSA
– VINCENT SRITAPAN, Program Manager, Cyber Security
Division, DHS Science and Technology (S&T) Directorate
– JOSHUA FRANKLIN, Information Security Engineer, NIST
– JOHNNY OVERCAST, Director of Government Sales, Samsung
Electronics America
– TOM TEMIN, Host and Managing Editor, The Federal Drive,
Federal News Radio 1500 AM
PRESENTED BY: WTOP, Federal News Radio, FedInsider News,
and The George Washington University Center for
Excellence in Public Leadership
*** OTHER GOVT-INDUSTRY CPE CREDIT EVENTS IN THE SERIES ***
Visit www.fedinsider.com
CART services provided for captioning for all webinars.
Looking forward to meeting you online!
Peg Hosky, President
Email: peg@hosky.com
Phone: 202-237-0300
www.FedInsider.com
LinkedIn: www.linkedin.com/in/peghosky
Twitter: @peghosky
FedInsider News
3811 Massachusetts Avenue NW
Washington DC 20016
F10-171912
Position: Vendor Risk Manage.
Location: Montvale, NJ
Employment Type : Full Time.
Technical/Functional Skills – MUST HAVE SKILLS:-
FISAP vendor risk assessment program execution.
ISO 27002 Domain audit/assessments.
Critical Vendor Risk Assessments .
Vendor Risk Management Program Leadership.
CISA, CISSP, or other Risk certification preferred.
Technical/Functional Skills -Good To HAVE SKILLS:-
Project management; people management;
client relationship management; excellent oral and written English communications
skilled with MS-PowerPoint; MS-Word; MS-Excel.
Driven to achieve high delivery quality and effectiveness.
Roles & Responsibilities:-
· Annual vendor risk assessment compliance program leadership.
· Vendor Risk Assessment Planning & Scheduling.
· Vendor reconnaissance and updates with owners.
· Questionnaire updates and initiation .
· Manage offshore resource(s), and their activities, results.
· Assessment Quality Assurance.
· Establish and track/validate program metrics.
· Vendor interactions and Issues management.
· High Risk Vendor Assessments & Interactions .
· Process Improvement .
· VRM Best Practices Alignment.
· Weekly, Quarterly, Ad-Hoc Reporting.
Thanks And Regards,
Ajit Rai
Ventures Unlimited Inc.
309 Fellowship Road, East Gate Center, Suite 200
Mount Laurel , New Jersey 08054.
Desk: 856-842-1988 Ext 230
Job Responsibilities/ Duties:
• Develop, consult, implement controls and documentation for the security of the system. This includes: outlining system operating environment, overall mission, physical diagrams, hardware and software inventories, configuration management, type of data processed, user organizations, security classifications, operating modes, interconnections to other systems/networks, security personnel, and other associated responsibilities.
• Oversee, develop, improve and maintain the overall security posture of the system; that includes: Information System Security Plans, Risk Ratings, Contingency Plans, Security Assessments, and Contingency Plan Tests and other associated documentation.
• Participate in the development or revision of security controls of the system and local operating procedures that are based upon regulatory, policy and industry requirements.
• Act as a consultant to system owners for the security of the system and system documentation. For example, security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans
• Provide expertise in classified and unclassified ratings to customers.
• Work closely with technical teams for successful Certification & Accreditation of the system that leads to ATO
• Attend ISSO training courses and sessions as required
• Perform interpretations of monthly vulnerability scan results of assigned systems
Required Training:
Senior Level IT Security Certifications (CCDP, CCNP Security, CISSP, CISM, etc.)
Education/Equivalent Training Required: Bachelor’s Degree or equivalent experience will be evaluated
Unique/Additional /Experience (Position Specifics):
Expert knowledge of FISMA and NIST Special Publications
Experience implementing, assessing and managing security controls for federal IT systems
Expert knowledge of IT security best practices
Expert knowledge of current IT security threats
Broad knowledge of IT technologies and operations
Ability to develop good working relationships with customers, colleagues and other stakeholders.
Excellent verbal and written communication skills
Ability to handle and prioritize multiple simultaneous systems, projects and other assignments.
Experience leading information security teams
Knowledge of HIPAA, FedRAMP, PCI, ISO and other standards
Location(s): District of Columbia (Metro Area),
Department: IT Security
Keywords: Certification and Accreditation, C&A, A&A, SA&A, FISMA, compliance, information assurance, ISSO, AISO, ISO, IASO and ISSM
Comments: US Citizen, US Government Suitability Determination and DoE Q Security Clearance is a Plus
|
Position Title
|
SECURITY ANALYST (INFORMATION SECURITY COMPLIANCE)
|
|
Position Id
|
6521-1
|
|
Agency
|
Department of Administration
|
|
Duration
|
4 Months
|
|
Work Location
|
Admin – 4430 Broad River Rd., Columbia, SC, 29210
|
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• SIMULTANEOUSLY MANAGE MULTIPLE INFOSEC WORK EFFORTS
• STRONG SCHEDULE MANAGEMENT AND RESOURCE PLANNING SKILLS
• ABILITY TO WORK AT A HIGH-VOLUME AND FAST PACE
• STRONG COLLABORATOR AND STRONG ABILITY TO MEET DEADLINES
• MANAGE REGULATORY COMPLIANCE PROJECTS
• ABILITY TO IDENTIFY, MAP, AND RE-EINGINEER BUSINESS PROCESSES
REQUIRED EDUCATION/CERTIFICATIONS:
10+ YEARS OF EXPERIENCE IN INFORMATION SECURITY AND COMPLIANCE EXPERIENCE
REQUIRED CERTIFICATIONS: CISA OR CISSP OR CISM OR GSLC OR EQUIVALENT.