Past Performance

Cloud/Enterprise Cyber Security Solutions

Enterprise Cloud Architecture

Systems Engineering, Integration and Administration Support for Enterprise application implementation and maintenance.

  • Develop CONOPS for new capabilities
  • Design/Implement prototype(s) of HW/SW/NW/Applications
  • Develop detailed project mission schedules
  • Provide end-to-end cyber mitigation strategies
  • Support project related control gates (PRB, AERB, Status Update, and so on)
  • Develop/Implement application workflows
  • Develop/Install/Support end-to-end project architecture (DEV/Test/Production)
  • Design and implement project related access flows
  • Design and implement IaaS for bare-metal and Cloud based technologies
  • Automate provisioning services (OS, Application, Custom Scripts)
  • Develop standard operation procedures in support of mission systems
  • Support the design and implementation of Cyber, Cloud, Analytic, Reporting, and other mission critical needs
  • Provide expert consulting in support of Linux and Windows based enterprise solutions
  • Support insider threat analysis solutions

Global Intelligence Support

Cyber/FISMA Compliance

  • Assist customer projects through the security approval process
  • Support includes architectural review, documentation review, and vulnerability testing
  • Provide security review and approval for customer requests including system access, equipment moves, software acquisition, and PKI certificates
  • Distribute vulnerability announcements to customer base and verify patch management status
  • Implement a continuous monitoring system based on the Tenable suite of products: SecurityCenter, Nessus, Passive Vulnerability Scanner, and Log Correlation Engine

ISSM Support

  • Review, analyze, and determine system access privilege requests for all unique enterprise systems
  • Establish and maintain access records for enterprise systems to ensure access requirements are current and necessary

Enterprise Data Protection Services

As the Prime Contractor for an Intelligence Community customer, Dowless & Associates provided over 10 years of security engineering and support services. That work continues today through a consolidated contract as a key subcontractor.

Our support services include:

Engineering Activities
  • Public Key and Key Management Infrastructures
    • User key management
    • Key management for Data Center Encryption Appliances
    • Encryption Key Repository (GOTS development & implementation)
  • Implementation of software file and media encryption technologies
  • Evaluation and implementation of multiple encryption technologies to satisfy specific requirements
  • Integration of encryption technologies into COTS application
Supporting Activities
  • Planning, Implementation, and Management
  • Risk Assessments and Analysis
  • Security Policy Development
  • Certification and Accreditation
  • Product migration
  • Documentation and training
  • User support
Commercial Encryption Product Market Research, Evaluation, and Reporting
  • Data Center encryption appliances with rich policy management capabilities
  • Provided suggestions for vendors for product enhancement

Enterprise Operational Security Support

Dowless was subcontracted to provide Project Security Consulting Support to detect, analyze, and mitigate hostile attacks against the customer’s Enterprise networks. In this role, our security engineers performed the following activities:
  • Conducted systems security test and evaluation of candidate Enterprise Core Products and Data Protection Products
  • Developed implementation guidance and standards for implementation of Enterprise Security Policy
  • Developed and maintained Special Access Required (SAR) security applications used to detect vulnerabilities within the Enterprise Infrastructure
  • Developed and delivered mandatory Security Training Programs for all customer Systems Administrators
  • Developed a new program for Customer Security Waiver Approvals and Access Requests

Information Systems Integration Services

Dowless & Associates is the Prime Contractor to conduct operations and maintenance (O&M) for a collection of three automated declassifications systems. Our team of small and large businesses is managed in “single badge” environment and is consistently recognized for outstanding performance through award fees in excess of 96%.
 
Our team supports:
 
Software/Systems Operations & Maintenance
  • Software design, development and maintenance support
  • Systems and Application Integration
  • Systems Data Ingest Management
  • System, Application, and Data Performance Tuning
  • Integration and deployment of new system and application services
Customer Support Services
  • Tier 1 & Tier 3 Help Desk support
  • Development and delivery of user training
Program Management
  • Managed four subcontractor large companies
  • Developed management processes and procedures specifically for this effort to ensure communication and coordination with a host of corporate support organizations
  • Validated requests, assigned module releases, updated programs, and deployed changes

Mission-Oriented Business Services

Our support includes staff support to the SES-level Chief Information Officer (CIO):
 
Software design, development and maintenance support
  • Research, write, edit and prepare the CIO speeches for internal and external events
  • Media relations to include scheduling radio interviews, writing and submitting articles and awards packages to trade magazines, and maintaining a social media presence
  • Event Planning and execution
  • Compile, write and edit the weekly CIO Significant Activity Reports
Strategic level enterprise management support to the Intelligence Community IT Enterprise (IC DTE)
  • Work with representatives across the IC to identify existing systems, systems interfaces, processes and procedures
  • Identify common capabilities and methodologies for receiving and sending service ticket requests between agencies

Integrated Training

We develop customized, participant-centric training programs custom and commercial software programs
  • Security Education & Training
  • Conduct Training Needs Analysis
  • Develop course curriculum
  • Create user documentation that is understandable, usable and unique
  • Develop Intranet and Internet accessible training modules
  • Develop media-rich, interactive training delivered via CBT, WBT, or On-line Collaborative Learning Environments