Cyber & Security Operations

Cyber & Security Operations

Value Statement

Establishing security, privacy, and data protection across the IT continuum and advancing expertise by helping customers obtain timely and comprehensive ATOs.

Security Assessment & Authorization

Provide guidance to CISOs and ISSOs in analysis of organizational and Agency-based security requirements and risk mitigation strategies.
Support the development of security artifacts (PIAs, BCCPs, SSPs) and the management of security activities (assessments and audits)

Information Systems Security

  • Secure architecture design
  • Secure system configuration
  • Penetration Testing
  • Vulnerability assistance
  • Continuous monitoring
  • Risk Management Frameworks
  • SOC Operations
  • Agile team support
  • Cloud Security
  • Ecosystem Security
  • Policy and planning

Privacy Support

  • Privacy Impact Assessment (PIA) development
  • Support development of security and privacy aspects of agreements, such as MOUs, DUAs, and contracts

Security Training & Guidance

  • Develop and deliver security training and guidance for general security awareness
  • Organizational and system-specific security procedures
  • Security role-based training for ISSOs, developers, managers and system maintainers

Emergency Preparedness

  • Support incident management from identification to resolution
  • Establish and documents incident response and disaster recovery procedures

Dark Web Services

  • Dark Web Analysis and Reconnaissance
  • Dark Web Data Marking and Tracking
  • Dark Web Training and Senior Briefings

Lifecycle Support

  • Secure System Design Life Cycle (SDLC)
  • HHS Enterprise Performance Life Cycle (EPLC)
  • CMS Expedited Life Cycle (XLC)
  • SecOps
  • Advanced Threat Protection
  • Continuous Monitoring/CDM
  • Continuous Validation
  • Cloud security and containers