close

DIACAP

cyberspace workforceDIACAPDIARMFDIARMF Jobsrisk jobs

Cyber security Engineer in Monterey CA

Monterey Bay Aquarium Backview
This is Nicholas associated with 22nd Century Technologies, Inc.,(TSCTI) assessed at CMMI Level 3 is one of fastest growing IT services and solutions company with innovative approach to provide IT services and solutions to Federal, State, Local agencies and commercial clients. Incorporated in 1997, TSCTI has its corporate headquartered in New Jersey and has presence in 33 other states across the U.S including Public sector practice headquarter in DC Metro area. Find more about us at www.tscti.com
We have a position for you to work as Cyber security Engineer in Monterey CA. Please review below the full job and let us know if interested I will love to call you as per your convenience and would discuss this position in detail so that we can go ahead and submit your resume.
Please send me the updated copy of your detailed resume.
You can reach me at 908-765-0002 ext. 307 for any questions, I’m available today till 6 PM EST
Title:                                     Cyber security Engineer
Location:                             Monterey, CA
Duration:                             Full Time
Client:                                  Defense Language Institute
Certification : Security+
Duties may include:
•             Support an Information Systems Security, Education, Training, and Awareness Program.
•             support implementation and enforcement of Information Security Policies and Procedures.
•             Review and update all Information Systems Security Plans/SSPs and support certification and accreditation efforts.
•             Provide technical support in the areas of vulnerability assessment, risk assessment, and security implementation.
Technical Skills:
HBSS
ACAS
STIG
Retina, MacAfee
DIACAP
Thanks & Regards,
Nicholas Johnson
Team Lead
read more
certification & accreditationDIACAPDIARMFDIARMF ProcessRisk Management For DoD IT

DIACAP vs DoD RMF for IT vs NIST RMF

no thumb

There are differences between the old DIACAP (being phased out), DoD RMF for IT and NIST RMF. What is “DIACAP”? It stands for Department of Defense Information Assurance Certification & Accreditation Process and it is based on the old DoDI 8510.01 and DoD 8500 documents. The process was designed to make absolutely sure federal systems have security on them.

With the constant exponential evolution of information technology this process has had to change to keep up with the times. DIACAP is being replaced with DoD Risk Management Framework for Information Technology (DoD RMF for IT). This process has more granularity, more detailed, more frequent and covers many new technology that was not covered by DIACAP. DoD RMF for IT is actually based fundamentally on NIST SP 800-37, Risk Management Framework.

 

 

read more
DIACAPdiarmf - select

Risk Management Framework NIST 800-37 Step 2: Select security controls intro

no thumb

This is a quick introduction to Step 2 of the Risk Management Framework NIST 800-37 process. Step 2 involves selection of NIST Special Publication 800-53 security controls. There are (3) main tasks that you must do in this step:

1) Select the applicable baseline controls. Selection of baseline controls is based on system categorization.

2) Tailor the Security Controls to the system. Not all security controls can be used because they may break your system. And in some cases they are simply not applicable. There are also Common Controls, Hybrid controls, and system specific controls.

3) Document the Security Controls. You must document the selected security controls in a system security plan and have the security controls reviewed.

read more
certification & accreditationDIACAPDIARMF

Risk Management Framework NIST 800 Step 1 Categorization

no thumb

This is an introduction to Step 1, Categorization of the NIST SP 800-37, Risk Management Framework process. Categorization consists of three primary steps:
1) Determining the Security Categorization of the information system. This is done by breaking down the primary information types on the system. You can get great guidance on this from FIPS 199 and NIST SP 800-60 (Volume I-II).
2) Create a System Description. This is really the first step to creating a System Security Plan and it leads to registering the systems.
3) Register the system. This means that you need to advertise the the system to all the stakeholders of the system in the organization. Organizations usually have a method of doing this with a database that can be seen by upper-level management.

 

 

 

read more
certification & accreditationDIACAPDIARMFInformation AssuranceRisk Management For DoD IT

What is Risk Management Framework NIST 800 37

diarmfs cyber security

Risk Management is being aware of and taking actions to prepare for probable unfavorable outcomes.

Risk Management Framework is a process the implement risk management in an organization.

There are (6) steps to the RMF:
1. Categorize
2. Select
3. Implement
4. Assess
5. Authorize
6. Continuous Monitoring

More on the Risk Management Framework Steps here:

risk management framework steps

read more
certification & accreditationcyberspace workforceDIARMF JobsInformation Assurance Jobsrisk jobs

Information Security Certification and Accreditation (C&A) specialist

22nd Century Staffing Inc. (TSCSI)
Please review the job description below and let me know if this position is of interest to you. If it’s not a good fit for you currently, I’d still appreciate the opportunity to cultivate a working relationship with you. In getting to know you better, and in understanding your short-term and long-term career goals, it will certainly be a mutually beneficial relationship moving  forward.
Title:                            Information Security Certification and Accreditation (C&A) specialist
Location:                     Raleigh, NC
Duration:                    6 Months
Job Description:
The client seeks an Information Security Certification and Accreditation (C&A) specialist to perform C&A evaluations across multiple applications, ensuring continual compliance with federal and agency standards
Required Skills:
  • Experience with the Information Resource Security Certification and Accreditation (C&A) processes
  • Must be certified in at least one of the following:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Authorization Professional (CAP)
  • Certified Security Analyst (CSA)
  • Certified Information Security Manager (CISM)
  • Experience with assessing business system for sensitivity and criticality
  • Experience with recommending security requirements, based on generally accepted industry practices
  • Additional Provisions
  • Pass both a client mandated clearance process to include drug screening, criminal history check and credit check.
  • Once candidate’s resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
  • If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
read more
1 2 3
Page 1 of 3