You will get a NIST-based security program developed and deployed
Blue C.
Gap Assessment
This assessment is a building block for your security program.
- Delivery Time 30 days
- Small Company Size
- Medium Company Size
- Large Company Size
30 days delivery: Oct 14, 2024
Revisions may occur after this date.
Upwork Payment Protection
Fund the project upfront. Blue gets paid once you are satisfied with the work.
Project details
OUR BACKGROUND & EXPERTISE
• Security Industry Knowledge
Our principals have on average over 20 years’ experience in IT, information security, risk management, and domain specialty areas including governance, architecture, engineering, and leadership.
• Business Subject Matter Expertise
DOD-trained and federally appointed staff for the challenges facing today’s business landscape, serving in the role of IT security auditor and certification agent for complex third-party systems with more than $800 million in annual capital (CAPEX) and operational expenses (OPEX).
• Innovative Strategy & Outcomes
Our approach is innovative in terms of assessing the current requirements, then designing a straightforward plan for successful outcomes based on the current state and unique challenges.
• Expert Certifications & Credentials
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Security Engineering Professional (ISSEP)
  • Certified Information Security Manager (CISM)
  • Certified in Governance of Enterprise IT (CGEIT)
Cybersecurity Expertise
Data Protection, Risk Assessment, Gap Analysis
Cybersecurity Regulation
CMMC, ISO, HIPAA, NIST Cybersecurity Framework, SOC 2
What's included
Service Tiers | Starter $12,000 | Standard $36,000 | Advanced $50,000 |
---|---|---|---|
Delivery Time | 30 days | 70 days | 1 day |
Small Company Size | | | |
Medium Company Size | | | |
Large Company Size | | | |
Optional add-ons
You can add these on the next page.
Additional Hours
+$175
About Blue
A Computerworld 100 Leader | US Vet | vCISO | CMMC | NIST RMF | CMS
Richardson, United States - 6:29 pm local time
-implement GRC objectives, controls, and leading governance frameworks;
-develop cyber risk management policy, process, and standards;
-engineer enterprise security programs and system security plans;
-assess, audit, and identify cybersecurity risks;
-determine cyber risk management priorities;
-coordinate remediation actions and plans;
-manage continuous diagnostics; and
-administer vendor relations.
A strategic change agent and innovative problem solver in fast-paced and fluid environments. A team leader, continually mentoring and empowering staff through vision, training, guidance, and motivation. Professional certifications plus in-depth expertise in the following cybersecurity and risk management domains: Digital Information Security Governance; Systems Security Engineering; Risk Assessment (Audit); Cyber Risk Management, Compliance, and Continuous Quality Assurance. Specialization in developing quality-based management systems using NIST, ISO, FIPS, CERT/CC, IATF, and IEEE standards, resulting in efficient and cost-saving cyber risk management programs, policy, process, and capabilities.
Specialties include: FISMA, RMF, CJIS, HIPAA, CMS ARS, FFIEC,
SOX, GLBA, PCI DSS, IRS 1075, Information Assurance Technical
Framework (IATF), Systems Security Engineering (ISSE) Process,
IEEE 12207, ISO 15288, NIST 800-18, NIST 800-34, NIST 800-39,
NIST 800-53, NIST 800-160, and ISO 27001:2013 Lead Auditor.
Other credentials:
-NSA/CNSS: 4012, 4015, and 4016
-NSA INFOSEC Evaluation Methodology (NSA IEM)
-NSA INFOSEC Assessment Methodology (NSA IAM)
-Federal / US Navy Fully Qualified Certification Agent #I-0140
Steps for completing your project
After purchasing the project, send requirements so Blue can start the project.
Delivery time starts when Blue receives requirements from you.
Blue works on your project following the steps below.
Revisions may occur after the delivery date.
Step 1
The client purchases the project and sends requirements.
Step 2
The project is planned and executed via the project plan shared with the client.