Cyber Security

Information Security Program Management

  • Development, implementation, administration, and maintenance of Information Security governance (policies, processes, and procedures) and compliance documentation.
  • Establishment and maintenance of organized, current, and accessible information security data repositories to include but not limited to:
    • Organizational information security policy & procedures documents
    • Regulatory compliance documents
    • FISMA/FedRAMP Assessment and Authorization packages
    • System Security plans
    • Security & Privacy assessments
    • IT Business Continuity & Disaster recovery plans
    • Incident Response plans, Awareness & Training
    • Access and Authorization forms
    • Change management documentation
    • Risk evaluation and mitigation documentation
Keyboard with security button - computer security concept

Information Security Risk Assessments

  • Implementation, administration, and maintenance of technologies associated with technical and non-technical information security risk assessments include:
    • Security information
    • Event management
    • Automated vulnerability detection systems
  • Planning, conducting, and documenting security risks assessments involving technical and non- technical security elements for a variety of complex IT systems.

Information Security Operations

  • Implementation, administration, and maintenance of firewalls
  • Intrusion detection/prevention systems
  • Network segmentation systems
  • Content filtering systems
  • Anti-Spam and Anti-Malware systems
  • Virtual private networking systems
  • Secure file transfer systems
  • Identity & access control systems
  • Vulnerability scanning systems
  • Security log aggregation & analysis systems
  • Cryptographic systems