Cloud Controls Matrix

Back to discussions
Expand all | Collapse all

Looking for Team Leader - CCM to CSF Mapping project

  • 1.  Looking for Team Leader - CCM to CSF Mapping project

    Posted Sep 12, 2022 08:28:00 AM
    Edited by Lefteris Skoutaris Sep 13, 2022 08:32:50 AM

    Dear members,

    CSA and the CCM WG are looking to fill a "team leader" position for a CCMv4 - NIST CSF v1.1 mapping project that is going to kick-off at some point at the end of September.

    The CCM WG is interested in conducting a mapping and gap analysis exercise between the latest CCM v4.0. and the current NIST CSF v1.1. This project, when completed, will enable organizations to identify equivalent requirements (overlaps) between the two standards, but also CCM control requirements that are missing (deltas) in the CSF.

    Purpose:

    To lead the teams of experts conducting the mapping in order to make sure that both the CCM & CSF controls & their control objectives are correctly interpreted and well mapped by the group of experts (who will be assigned to conduct the mapping).

    Team Leader responsibilities:

    • Delegate responsibilities to a group of experts conducting the mapping.
    • Use the CCM WG mapping methodology and objectives to guide the work of the experts.
    • Involve all experts in the decision making in the scope of the mapping project.
    • Judge items in or out of project scope for the group.
    • Ensure mapping's correctness, consistency and completeness.

    What we're looking for in a team leader:

    • 7+ years of experience in cloud security
    • Extended theoretical and practical knowledge of both CCM V4 and NIST CSF.
    • Recorded experience in the implementation/assessment of both CCMv4 and NIST CSF control frameworks
    • Experience in managing similar groups, committees, and/or conferences
    • Previous participation or technical contributions in related communities
    • Ability to satisfy the time commitment

    CCM WG meetings cadence:

    • CCM WG has 2 call sessions, one is weekly, the other biweekly.
    • Team leader is needed to attend at least our biweekly calls to guide the group, reply to inquiries, refine the mapping, check on progress. 

    Project duration:

    The overall project duration is going to be approx. 3-4 months.

    Support:

    All other managerial/administrative tasks related to the project will be handled by the CCM WG Program manager.

    Candidates are kindly invited to also provide a short bio and how it relates to the team leader position.

    Candidates will then be chosen by the CCM WG leadership team (i.e., the co-chairs of the WG).

    Anyone that satisfies the above criteria is welcome to share their interest until September 23rd by sending an email to me ([email protected]).

    Best regards,

    ------------------------------
    Eleftherios Skoutaris
    Program Manager
    Cloud Security Alliance
    ------------------------------