risk management framework

ConvoCourses Podcast: RMF ISSO Assignment SSP

January 30, 2022 by cyberaware2 Leave a Comment

RMF ISSO Assignment https://securitycompliance.thinkific.com/courses/rmf-isso-assignments-101

https://securitycompliance.thinkific.com/courses/cybersecurity

check out our courses at:
http://convocourses.com

0:00 Convocourses screen
4:29 Convocoures Big Thank you
6:11 Free Training on NIST 800-37 on Convocourses
8:11 New to the ISSO no technical background Where do I get training
19:11 CISSO vs ISSO RMF convoCourses
31:49 Have I Ever Resubmitted a Resume I have already applied for
34:30 ISSO or Cybersecurity Analyst (which should I do)
41:30 ISSO Assignment – System Description for SSP
47:30 From ISSO to SCA (my opinion)
59:52 Remote Work From Home Since 2015
01:05:00 Post Your Cybersecurity Course on Convocourses
01:11:14 Can I Become an ISSO with No Experience
01:20:49 ISSM vs ISSO roles
01:45:46 Do I Need a Masters Degree or CISSP for ISSO
01:32:04 Convocourses podcast
01:33:21 IT position for Working Remote
01:47:17 Looking for SCA Courses and Reading Comments
01:50:00 Resume Marketing for Cybersecurity IT
01:53:52 Thank you Convocourses

Podcast: Play in new window | Download

Things to read for Risk Management Framework

November 12, 2021 by Bruce Brown Leave a Comment

Many more videos on https://www.youtube.com/convocoursesshort videos at https://www.tiktok.com/@convocourses?lang=enand https://www.instagram.com/convocourseqs/https://www.facebook.com/ConvoCourses-108091850619388Podcast version of the content:https://podcasts.apple.com/us/podcast/convocourses/id1500188278 http://www.nist80037rmf.com/google_podcast

Depend on Stakeholders during Risk Management Framework

November 6, 2021 by Bruce Brown Leave a Comment

Many more videos on https://www.youtube.com/convocourses

short videos at https://www.tiktok.com/@convocourses?lang=en

and https://www.instagram.com/convocourses/

https://www.facebook.com/ConvoCourses-108091850619388

Podcast version of the content:

https://podcasts.apple.com/us/podcast/convocourses/id1500188278

http://www.nist80037rmf.com/google_podcast

Which course teaches Risk Management Framework

November 6, 2021 by Bruce Brown Leave a Comment

Many more videos on https://www.youtube.com/convocourses

short videos at https://www.tiktok.com/@convocourses?lang=en

and https://www.instagram.com/convocourses/

https://www.facebook.com/ConvoCourses-108091850619388

Podcast version of the content:

https://podcasts.apple.com/us/podcast/convocourses/id1500188278

http://www.nist80037rmf.com/google_podcast

Cybersecurity IT Job Market and the impact of Covid-19 – RMF vs Risk Assessment

March 30, 2020 by cyberaware2 Leave a Comment

We talk about the Cybersecurity IT Job Market and the impact of Covid-19. We also breakdown the differences between Risk Management Framework and Risk Assessment

Podcast: Play in new window | Download

remote opportunity cybersecurity risk management framework RMF job

January 27, 2020 by cyberaware2 Leave a Comment

check out the Cyber Security & IT Resume course:
https://securitycompliance.thinkific.com/courses/resume-marketing-for-cyber-security-it
Coupon code: resumefeb2020
50% off (expires 29 Feb 2020)

check out the remote work course:
https://securitycompliance.thinkific.com/courses/find-it-remote-work

Check out the job:
Job Title: Cybersecurity Risk Management Framework SME
Location: #RemoteJob (#WorkfromHome)
Duration: 12 Months (Contract-to-Hire)
Job Description:
Active Secret Clearance Required

· KBRwyle is seeking candidates with Risk Management Framework (#RMF) experience to join a team of experienced RMF professionals that supports the Defense Health Agency (DHA).

Position Description:

· Primary responsibility is to perform tasks related to Assessment & Authorization (A&A) and cybersecurity under the Defense Health Agency (DHA) to obtain and maintain Authorizations to Operate (ATOs) for assigned DoD medical systems (i.e., applications, networks, devices). This position will be a part of a team developing recommended courses of action needed to transition current policies and procedures to the DHA RMF-approved processes.

Primary Responsibilities:

· Provide solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined and solutions require the continuation of specialized theories and knowledge

· Serve as Subject Matter Expert (SME) on one or more technologies/skills related to A&A activities

· Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs

· Actively participate in working group meetings to identify, plan, and execute strategies in response to emerging cybersecurity/RMF policies

· Attend and participate in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts

· Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes

Day-to-day tasks are contingent on related experience and assigned role, and may include the following:

· Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports

· Assess system compliance against NIST, DoD, and DHA security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)

· Produce evidence as necessary to support compliance status of NIST, DoD, and DHA security requirements

· Work with system administrators, engineers, and developers to create or update system/site policies, procedures, and process guides

Minimum Qualifications:

· BS degree and six (6) years of experience with Cybersecurity / Information Technology, or twelve (12) years of hands-on experience with Cybersecurity / Information Technology

· Demonstrated efficiency and experience in one or more of the following areas:

· RMF package development, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, system/site policies, procedures, and processes, architecture diagrams, and hardware and software inventories

· Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS)

· DISA STIGs/SRGs validation

· NIST 800-53 control validation

· Continuous Monitoring and Risk Scoring (CMRS)

· RMF policy development and strategy implementation

· BIOMED experience (former technician, physician, engineer, etc.) installing, testing, using, maintaining, designing, and/or modifying medical equipment and applications

· Demonstrated experience with Risk Management Framework (experience under DHA a plus)

· Excellent customer service and organization skills

· Excellent oral and written communication skills

· Familiarity with NIST publications

· Active DoD Secret security clearance

· DoD 8570-compliant (CompTIA Security+ certified)

· Ability to obtain OS certification or complete approved related training within 180 days of hire

· Ability to travel up to 25-35%

· Experience with eMASS

360 Mt. Kemble Avenue, Suite 2000 | Morristown, NJ 07960
Office: 973.507.7582 | Fax: 973.998.2599
siddartha.s@artech.com | www.artech.com