Working with you to provide exactly what you need for mission success

Security Architecture / Engineering

IoT devices and cyber physical systems (CPS) offer unparalleled efficiencies and opportunities in multiple industries, from energy, to transportation, healthcare, and other critical infrastructure sectors. However, these devices and systems, without proper security and privacy controls integrated throughout the development lifecycle, can introduce serious financial and even safety risks to consumers, and reputational and financial risk to those bringing such devices and systems to market. Security architecture and engineering provides a structured approach to efficiently and effectively managing these risks.

Vulnerability, Threat, and Risk Assessments

Regular system and environment assessments from internal and external perspectives and access points enables proactive hardening and risk mitigation. Assessments can include vulnerability scanning, multiple levels of penetration testing to include social engineering tests, and mock exercises.

Software Assurance

While the periphery of systems and environments have traditionally been the focus of security hardening, as insider threats expand, the importance of developing secure applications within the core of these environments grows in significance. Whether the software is in its inception phase, or already deployed and operational, software assurance enables risk mitigation and protection against multiple attack vectors.

Security Training and Education Courses

An educated workforce is an effective workforce, and this is particularly true with security training and education. Whether the focus is on physical, technical, or operations security, the outcome is an informed workforce that is less susceptible to insider threats and attack vectors designed to exploit human factors.

Program Security

Personnel, Information, Operations, Physical, and Information Systems Security and Counterintelligence support activities for federal programs enables situational awareness throughout the lifecycle of each program.


Strategic planning and expert advice that incorporates multidisciplinary perspectives empowers well informed, risk-based business and management decisions and investments.

  • 541690 – Other Scientific and Technical Consulting Services (primary)
  • 541199 – All Other Legal Services
  • 541519 – Other Computer Related Services
  • 541611 – Administrative Management and General Management Consulting Services
  • 541618 – Other Management Consulting Services
  • 541990 – All Other Professional, Scientific, and Technical Services
  • 561499 – All Other Business Support Services
  • 561612 – Security Guards and Patrol Services
  • 561621 – Security Systems Services (except Locksmiths)
  • 611430 – Professional and Management Development Training
  • 541930 – Translation and Interpretation Services
  • —Federal Civilian Law Enforcement Client – Telecommunications Cybersecurity
  • Federal Defense Client – Physical, Program, and Personnel Security; All-Source Intelligence; Risk Management Framework Support (Steps One through Six)
  • Federal Defense Client – Risk Management Framework Implementation (Steps One through Three)
  • Federal Civilian Client  – Risk Management Framework Step Six Continuous Monitoring Independent Assessments
  • Multiple Federal Clients – Risk Management Framework, Basic Program Security, Information Security Continuous Monitoring, and Windows 10 Audit Training
  • State of Maryland Clients – Cybersecurity Framework Assessment; Consulting
  • New York State Clients – RMF Vulnerability Scanning and Assessments
  • Commercial Clients – General Consulting; Security Policy Development for Telecommunications Company; DFARS/NIST SP 800-171 Assessments