Information System Security Officer Training.
- Buy now
- Learn more
Module 1: Introduction

Promo Video (REGISTER TO WATCH PREVIEW)
Intro
Who is an ISSO?
Job Environment
Qualifications
Things you should know
Responsibilities and daily tasks prt1
Responsibilities and daily tasks prt2
Responsibilities and daily tasks prt3
RMF Rev. 2
RMF Continued: Prepare
Prepare
Categorize
Select
Implement
Assess
Authorize
Monitor
Summary
RMF (Driver's License Analogy)
Blank ISSO Resume Template to complete.docx
Module One Quiz
How to Use the Blank Resume Template
Blank ISSO Resume Template to complete.docx
Module 2: Cybersecurity Basics

What is Cybersecurity?
The CIA Triad: The 3 Pillars of Security
Integrity
Availability
Separation of Duties
Job Rotation and Mandatory Leave
Risk Management Framework (RMF)
Common Roles and Responsibilities
Top Down Approach
Control Frameworks
Due Care and Due Diligence
Compliance
Privacy
Privacy Continued
European Union Privacy Laws
GDPR
Computer Crime
MOM
How Data Breaches Occur
Threats: Virus, Trojan, Logic bomb, Worm, Bot, Rootkit, Spyware, Spam
BIA
Business Continuity Plan (BCP)
Disaster Recovery Sites
Threat Modeling
OWASP
DoS and DDoS Attacks
Man-in-the Middle Attacks
Social Engineering
Types of Social Engineering
Types of security controls
RAT and Backdoor
Adware
Keylogger
Data Protection
Wireless Security
Ports
OS Hardening
Multifactor Authentication
Identifying Authentication Factors
Mobile Security
Social Media
What is Networking?
Networking
Quiz
Module 3: Duties

Attending Meetings
Types of Meetings
Conducting PTAs and PIA
Lab: Completing a PTA
Incident Response
Scenario_Incident Response
Questions to ask
Responding Back
Data Calls
Change Management
Developing ISAs
ISA Walk-through
Developing MOU/MOA (MEMORANDUM OF UNDERSTANDING or AGREEMENT)
Reviewing and Developing Contingency Plan Documentation
Contingency Plan (ISCP) Intro
SIA (Security Impact Analysis)
SIA Walkthrough
Security Controls
NIST 800-53 Rev 5
Site for viewing Security Controls
AC Controls
AC-3
NIST Control Families
Developing an SSP part 1
Developing an SSP part 2
FedRAMP-Overview.pdf
Module 4: Risk Management Framework (RMF)

RMF
RMF Rev2 Part1
Prepare (New Phase)
RMF Analogy (Building a House)
Prepare Analogy
Categorize Analogy
Select Analogy
Implement Analogy
Assess Analogy
Authorize Analogy
Monitor Analogy
RMF House Analogy House Summary
Driver's License Analogy
Main Roles and their Objectives
RMF Phases and Roles in Real World
Prepare Phase
Categorize Phase
How to categorize an information system
Kickoff
Case Study Kickoff Meeting
Kickoff Walkthrough
SDLC
Class Project Categorize LCM
Class Project Categorize LCM Walkthrough
Entering System Categorization in SSP
SAP (Security Assessment Plan)
Selecting Controls Class Project LCM
Selecting Common Controls
Selecting Common controls continued (Hybrid Controls)
Implementing Security Controls
Upload Artifacts and Contact Assessor
Assess Security Controls
Evidence Review Tips
Reviewing Security Controls Artifacts
2 Main Roles and thier Objectives.
System Information XYZ system
ISSO and SCA Duties in a Nutshell
A to Z break down Prepare to Implementation
A to Z break down Assessment to Monitor
Quiz (Categorize Information System)
Select Phase Tasks
Selecting security Controls: What is a Security Control?
Select Phase Types of Controls Management Technical and Operational
Select Phase Common control System Specific Control and Hybrid Control
Select Phase: NIST 800-53 and FIPS 200
Select Phase NIST Website and SSP Templates
Select Phase: NIST Control Families
Select Phase: Low, Moderate, High and Enhancements
Select Phase Tailoring
Baseline and Benchmark
Implement 1
Implement Documenting Implementation Statements
Assess Tasks
Assess SAP 2
Assess Evidence Review Tips
Conducting the assessment
Assessment Using the SAP worksheet
Assess Phase: Entering Assessment Observations
Assess SAP 1
Assess Phase: SAR
Assess Phase: Documenting the Findings in the SAR
Assess Phase: Remediation Actions
Assess Phase: POA&M Report
Assess Phase: Documenting Plan of Action and Milestones POA&Ms
Authorize Phase
Monitor Phase
Monitor Phase Part 2
NIST 800-37 Rev 2 (Free)
Module 5: Finding a Job

Finding a Job
Finding a Job with no Experience
Job Search Sites
Job Search Sites Indeed
Job Search Sites Glassdoor
Job Market
Background Investigation
Module 6: Interview Questions and Tips

Tips on finding a Job
The Interview
Things to do before you go for an Interview
Interview process
Interview Tips 1st Call
Interview Questions PDF
Interview Questions
ISSO Salary Indeed
Interview Tips 2nd Call
Interview Tips: In-person interview
Interview Tips: Skype interview
Negotiating your Salary.
Researching your Salary
Company Reviews, Salaries on Glassdoor.
Module 7: Things You Should do in Your First Week

Things You Should do in Your First Week
Module 8: 7 Step Playbook to Get Hired

7 Step Playbook to Get Hired in Cybersecurity
7 Step Playbook to Get Hired in Cybersecurity
Module 9: Resources: Templates, Forms, Guides, Cheat Sheets

NIST.SP.800-53r5
NIST.SP.800-18r1
Templates
NIST.FIPS.199
nistspecialpublication800-137
nistspecialpublication800-64r2
nist.sp.800-53ar4
POA&M Template
Security Controls Assessor Resume Template
nist.sp.800-37r1
ATO Letter Template
Cybersecurity Links to free online Resources
FAQ Monitor Phase
FAQ Categorize Phase
FAQ Select Phase
Career Advice Pocket Guide
ATO Process Cheat Sheet.pdf
Resume_John Doe_ISSO_.docx
Module 10: A Day in the Life of an ISSO

ISSO Tips
https://www.youtube.com/watch?v=wKv1zXazblc&t=70s
Module 11: CGRC Certification Exam Prep

CGRC Exam Outline and Exam Requirements
How to Pass The CGRC Part 1
How To Pass The CGRC Exam Part 2
CGRC-Exam-Outline.pdf
Exam Prep Questions
Module 12: Developing Your Resume

Developing Your Resume.
Developing Your Resume part 2
Resume_John Doe_ISSO_.docx
Resume Template For Security Control Assessor
Resume Roles and Responsibilities list.pdf
Using The Roles and Responsibilities List to Update your Resume
ASK a QUESTION

Ask a Question
Asking a question Guidelines Part 1
Asking a question Guidelines Part 2
FAQ (Frequently Asked Questions)
Outro
Q&A

Live Q&A Session 7/14/21
Zoom Q&A Session
Coaching Session 3-30-22

Information System Security Officer Training.

Get the skills needed to land a Cybersecurity GRC job, from Novice to Pro. No technical skills needed. It is all self-paced which means you can start anytime. includes: Resume prep Resume Template Interview prep Salary negotiation CGRC bootcamp Hands on exercises (not technical) Forms, templates/resources Certificate of completion Chat box to ask questions Monthly live via Zoom sessions