Cyber Security Services

Cyber Security

Our team knows the objective is to protect your valuable information and property from theft, corruption, natural disasters, or unauthorized activity while allowing the information and property to remain accessible and productive to its intended users. GAMA-1 takes a proactive approach to IT security and risk management that our customers have grown to depend on and trust.

Our team of certified professionals provides security guidance and information assurance services to Federal customers throughout the System Development Lifecycle (SDLC) including each layer of the infrastructure and applications. We work with our customers allowing them to meet security compliance requirements; as well as protect their information and property while maintaining reliable access.

Each of our cyber security and information assurance services follows our best practice approach including a comprehensive risk management process.

  • Information Assurance Services
  • Assessment and Authorization (A&A)
  • Federal Information Security Management Act (FISMA) Compliance & Audit Reviews
  • HSPD-12 Support and Services 
  • Risk and vulnerability Assessment and Reviews
  • Evaluation of various technologies and products
  • Provide security architectural considerations and recommendations
  • Develop, document and maintain IT processes methods and tools
  • Develop mitigation recommendations (as part of the risk management process)
  • Develop, update and review IT security policy, procedures, standards, and guidance consistent with Departmental and Federal requirements.
  • Develop, update, and review IT security plans, plan of actions and milestones (POA&Ms), configuration management plans, contingency plans, incident response plans, rules of behavior.
  • Conduct vulnerability scans and Penetration testing

Our Experience

Cyber Program Experience: As a trusted NOAA partner, GAMA-1 provides end-to-end Cybersecurity and Information Assurance Services for five Program Offices and all systems within the National Weather Service (NWS) Annual Assessments (A&A) contracts. Through GAMA-1’s NWS contract, we manage and develop an IT security program and operational environment which involves assessing, analyzing, monitoring, and mitigating risks.

For FY2019 our Information Security Assessment and Accreditation (A&A) Specialist support an enterprise-wide service performing 19 standardized, reliable, and high-quality annual assessments for all the NWS FISMA high, and moderate systems, to include 13 penetration tests for 5 high, 8 moderate FISMA systems. We comply with NOAA’s Risk Management Framework (RMF), FISMA, DOC, and NOAA, IT standards and security policies. GAMA-1 ensures consistency of our product and service, which is key to our customer satisfaction the A&A team conduct assessment findings reviews to assure that the Finding, Vulnerability, Threat, Threat Agent, Existing Safeguards, Consequence, and Recommended Mitigation tasks, procedures, and processes are executed exactly as intended every time. Our 30+ CISSP certified professionals ensure that all 25 high, moderate, and low NWS FISMA systems maintain continuous quality for system security plans, IT security policies and procedures, corrective action plans (POA&Ms); and all other core system documentation located in CSAM.

We facilitate planning for business continuity/disaster recovery, certifying and accrediting systems, security technical assessments, monitoring security, reporting and responding to incidents, and taking corrective actions. Our Security engineers work with the CISOs, ITSOs, and ISSOs to successfully manage and architect IT security services across the agency. We ensure secure operations for IT infrastructure, networks, applications, databases, equipment, and assets. We perform required system security scans to assess vulnerabilities and to ensure the proper “hardening” to protect against potential threats. We have worked with our customers to address the ever-expanding IT Security threat landscape. We institute security programs that provide the controls and a solid basis of proven security measures from industry best-practices, such as ensuring that applications identify and follow security requirements; implementing multi-layered perimeter defense; hardening internal resources; securing Personal Identifiable Information (PII); and instituting HSPD-12 within an effective security risk management structure.

Join Our Team

Download Information

NWS/OCIO - I wanted to let you know how much the Alaska Region appreciated your team (GAMA-1), and how they conducted the A&A Review. Andrew and his team were consummate professionals there to provide meaningful assistance and feedback to solve problems. I received extremely positive feedback from the Alaska Region participants regarding the team and their performance. This is a testimony to both yours and Andrew's leadership, and the quality and competence of the individuals on the A&A team. Thank you (GAMA-1) for the proactive, professional attitude you brought to the Alaska Region A&A to improve our IT security posture.” 
~ Carven Scott - Regional Director