Our Security Professionals are unique in that they have provided Certification and Accreditation (C&A) and Assessment and Authorization (A&A) services to General Computing Environments with Global Information Grid connected systems as well as Weapons, Launch Range Instrumentation, and Industrial Control Systems (ICS).
We understand the intricacies of those systems. We will develop and implement Systems Security Strategies and plans that identify, mitigate, monitor, report, and fix vulnerabilities of target systems.
Black Rock personnel are experts in applicable federal laws, Executive Orders, and Industry standards, including those outlined in the Federal Information Security Management Act (FISMA) and the Risk Management Framework (RMF) Instructions and Special Publications.
Black Rock can assist federal, state, and private organizations with the security accreditation process (A&A) mandated for many federal and outsourced information systems.
• Develop A&A packages for major applications, general support systems, and minor applications
• Conduct risk assessments and common control selection
• Develop strategic security plans and programs
• Develop cyber security strategies, roadmaps, training, and execution plans for transition to the RMF for senior leadership, risk executives, and stakeholders
• Provide full spectrum FISMA and privacy program support to Federal Agencies and commercial customers
• Develop full range cybersecurity / RMF training and certification programs for Federal Agencies and commercial customers (including management and train-the-trainer courses)
• Develop, integrate, test, and manage real time continuous monitoring plans, and capabilities for enterprise and specialized information systems
• Design, develop, configure, and maintain enterprise Security Operation Centers (SOC), enterprise Identity Management Solutions, and Security Content Automation Protocol (SCAP) solutions
• Develop, integrate, implement, and execute security architectures and support to the System Development Life Cycle (SDLC)