SynoTek, LLC

Guardrails for Cloud Platforms / Compliance as Code

We assist organizations in meeting compliance requirements by developing Compliance as Code (Guardrails) for cloud environments to automate compliance enforcement through prevention (automatically enforce compliance), detection (alerting when non-compliance occurs), and remediation (making immediate changes when non-compliance occurs). We also help in intergratating your GRC tools to automated compliance monitoring and assessment.

Certified and Experienced

Experience
CISO for a FedRAMP Authorized Cloud Service Provider.
Information Security System Manager for ISSLoB for Department of Interior (Contractor)
ISSO for Department of Commerce (Contractor)
Performing security assessments and auditing of Federal government information systems.

Frameworks and requirements include:
Federal Government (also applies to Local and State Government and Contracting companies):
NIST Cybersecurity Framework
NIST Risk Management Framework (RMF) - NIST SP-800-37
Security and Privacy Controls for Federal Information Systems and Organizations - NIST SP 800-53
Information System Continuous Monitoring (ISCM) - NIST SP 800-137
Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations - NIST SP 800-171
DoD SRG IL2, DoD SRG IL4, and DoD SRG IL5 - Defense Information Systems Agency (DISA)
Privacy Governance
Privacy Shield as required by Federal Trade Commission (FTC)
General Data Protection Regulation (GDPR)
Health Information
Health Information Privacy and Accountability Act (HIPAA) Security Rule - Health and Human Services (HHS)
Health Information Technology for Economic and Clinical Health Act (HITECH) - Health and Human Services (HHS)
CMS MARS-E
Law Enforcement
Criminal Justice Information Services (CJIS) - Federal Bureau of Investigations (FBI)

Certifications
C|CISO - Certified Chief Information Officer - EC Council
CISSP-ISSMP - Certified Information System Security Professional - Information System Security Management Professional - (ISC)2
CGRC - Certified Governance, Risk, and Compliance - (ISC(2
CISA - Certified Information System Auditor - ISACA
PMP - Project Management Professional - PMI
ITIL Foundation - AXELOS
Microsoft - Microsoft Certified Azure Fundamentals (AZ-900)

Personal data is collected by SYNOTEK, LLC and processed regarding prospective and current clients and employees/agents of those clients for the purpose of rendering professional services to SYNOTEK, LLC’s clients. Personal data may be processed in limited circumstances pertaining to the general public in order to respond to requests for information submitted via SYNOTEK, LLC’s website. Should such a request be received from the general public, SYNOTEK, LLC will use the personal data voluntarily provided via the website to reply providing the requested information or communication to the individual making the request.

SynoTek, LLC Privacy and Cookie Policy per FTC Privacy Shield

Policy and Cookie Policy - FTC Privacy Shield

SynoTek, LLC

SynoTek, LLC

Make Success A Reality

Guardrails for Cloud Platforms / Compliance as Code