Cyber Security SME

Wits Solutions Inc. (WITS) is a SBA certified 8(a) company with headquarters in the metropolitan Washington D.C. area. WITS has been providing bestinclass solutions in professional IT and administrative consulting to various Federal State Local and commercial customers. At WITS we believe in working not for our clients but with them. This is why right from the beginning; our analysts and solutionbuilders work closely with our clients to ensure that the project outcomes continue to deliver value long into the future.

Job Description:

Position

Part Time Position

Highly Adaptive Cybersecurity Services (HACS)

High Value Asset (HVA)

• Assessment HVA Assessments include Risk and Vulnerability Assessment (RVA) which assesses threats and vulnerabilities determines deviations from acceptable configurations enterprise or local policy assesses the level of risk and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations.
• The services offered in the RVA subcategory include Network Mapping Vulnerability Scanning Phishing Assessment Wireless Assessment Web Application Assessment Operating System Security Assessment (OSSA) Database Assessment and Penetration Testing. Security Architecture Review (SAR) evaluates a subset of the agencys HVA security posture to determine whether the agency has properly architected its cybersecurity solutions and ensures that agency leadership fully understands the risks inherent in the implemented cybersecurity solution.
• The SAR process utilizes inperson interviews documentation reviews and leading practice evaluations of the HVA environment and supporting systems. SAR provides a holistic analysis of how an HVAs individual security components integrate and operate including how data is protected during operations.
• The SAR uses the Risk Management Framework (RMF) when designing and implementing the seven (7) tenets of Zero Trust Architecture (ZTA) by describing how the steps in the RMF map to similar steps described in NIST Special Publication (SP) 80207 Zero Trust Architecture.
• Systems Security Engineering (SSE) identifies security vulnerabilities and minimizes or contains risks associated with these vulnerabilities spanning the Systems Development Life Cycle.
• SSE focuses on but is not limited to the following security areas: perimeter security network security endpoint security application security physical security and data security.

Risk and Vulnerability Assessment (RVA) RVA

• Assesses threats and vulnerabilities determines deviations from acceptable configurations enterprise or local policy assesses the level of risk and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations.
• The services offered in the RVA subcategory include Network Mapping Vulnerability Scanning Phishing Assessment Wireless Assessment Web Application Assessment Operating System Security Assessment (OSSA) Database Assessment and Penetration Testing.

Cyber Hunt

• Cyber Hunt activities respond to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Cyber Hunts start with the premise that threat actors known to target some organizations in a specific industry or with specific systems are likely to also target other organizations in the same industry or with the same systems.

Incident Response

• Incident Response services help organizations impacted by a cybersecurity compromise determine the extent of the incident remove the adversary from their systems and restore their networks to a more secure state.

Penetration Testing

• Penetration Testing is security testing in which assessors mimic realworld attacks to identify methods for circumventing the security features of an application system or network.