Security Engineering and Management

What We Do

G2SF leverages market leading cybersecurity tools, technologies, and techniques to proactively monitor, track, report and ultimately prevent unauthorized access to agency infrastructures including networks, systems, applications, databases, and information. We research, design, develop, implement and manage processes, procedures, architectures, and best practices to detect, defend against, immediately respond to, and quickly resolve in/outsider security threats and incidents. We accept responsibility for keeping the agency safe.

Key services include:

  • What We Do
  • Security Management Services and Security Operations Center (SOC) Management
  • Security Assessment, Design, Development, and Implementation
  • Data Loss Prevention (DLP) and identifying Agency PII and Sensitive Data (CUI, PII, HIPAA, etc.)
  • Cloud Access Service Brokers (CASB) and Computer and Mobile Device Forensics
  • VPN, Cryptography and Data at Rest Encryption Services
  • Next Generation Anti-Virus, Malware, and Sandbox Operations
  • Security Incident and Event Management Services with External Party Management
  • Enterprise Logging, Audit Reduction and Accountability Services
  • Security Weakness, Threat Detection, Vulnerability and Compliance Scanning
  • Micro-Segmentation and Zero Trust Model Design and Implementation
  • Risk Management Framework, Information Assurance, Certification and Accreditation (C&A)
  • Business Continuity Planning, Continuity of Operations, Disaster Recover Design and Operations

Sample Certifications

ISO 9001:2015
ISO 20000-1:2011
ISO 27001:2013
CompTIA Security +
CompTIA A+
CompTIA Network +

Where We Do Security

US Nuclear Regulatory Commission

In support of the OCIO, G2SF currently provides comprehensive security services including security operations center management; information assurance; identity, credential, and access management; network operations management, and account management.

US House of Representatives

G2SF currently provides identity, credential, and access management support as well as computer and mobile device forensics.

United States Marine Corps

G2SF currently provides information assurance, security and software engineering and DoD Risk Management Framework RMF services for the Corps suite of ITSM information system.

Why Us?

  • Demonstrated evidence of providing superior service and improving an agency’s overall security posture (See 12/2018 GAO Security Report to Congressional Committees –pg. 22)
  • Highly qualified security professionals with numerous certifications and decades of experience using a wide variety of technologies
  • Ability to close gaps between current security operations and operations based on standards, requirements, best practices and compliance/risk management frameworks
  • Ability to leverage other corporate capabilities to improve an organization’s overall security posture (e.g. IT Service Management, Mobility and Engineering)

Our Differentiator

G2SF views Security as a Service. Many firms state that, however, as an ITSM company we actually have the process expertise and technical acumen to link disparate processes and technologies to deliver integrated security solutions addressing historically recognized issues. Three examples of where this applies would be:

  • POAM and vulnerability management
  • Cyber Threat Intel and Asset Management
  • CDM and Event Management

We take a holistic view that links typically siloed security areas with overall enterprise management allowing for full visibility, transparency and reporting at both tactical and strategic levels.