State of Florida Department of Management Services

Similar documents
Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

State of Florida Cyber Security Services RFI

Department of Management Services. Request for Information

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring and Restoration Services

GEARS Cyber-Security Services

NASA OFFICE OF INSPECTOR GENERAL

IT-CNP, Inc. Capability Statement

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA Office: Fax:

Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education

Testimony of Dan Nutkis CEO of HITRUST Alliance. Before the Oversight and Government Reform Committee, Subcommittee on Information Technology

STREAM Cyber Security

Professional Services Overview

Chairman Johnson, Ranking Member Carper, and Members of the committee:

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

2015 CEO & Board University Cybersecurity on the Rise. Matthew J. Putvinski, CPA, CISA, CISSP

Written Testimony. Dr. Andy Ozment. Assistant Secretary for Cybersecurity and Communications. U.S. Department of Homeland Security.

DHS. CMSI Webinar Series

Florida Department of Management Services Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services RFI

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Developing a Mature Security Operations Center

CGI Cyber Risk Advisory and Management Services for Insurers

Vendor Risk Management Financial Organizations

Vendor Management. Outsourcing Technology Services

White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK. By James Christiansen, VP, Information Risk Management

Cyber Security. John Leek Chief Strategist

Middle Class Economics: Cybersecurity Updated August 7, 2015

Cyber security: Are Australian CEOs sleepwalking or a step ahead? kpmg.com.au

CYBER SECURITY TRAINING SAFE AND SECURE

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

El Camino College Homeland Security Spring 2016 Courses

STATEMENT OF SYLVIA BURNS CHIEF INFORMATION OFFICER U.S. DEPARTMENT OF THE INTERIOR BEFORE THE

Address C-level Cybersecurity issues to enable and secure Digital transformation

Preemptive security solutions for healthcare

VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium

Five-Year Strategic Plan

SOLUTION BRIEF. Next Generation APT Defense for Healthcare

Cybersecurity: Mission integration to protect your assets

Cybersecurity for Nonprofits: How to Protect Your Organization's Data While Still Fulfilling Your Mission. June 25, 2015

April 8, Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899

MANAGEMENT AND SYSTEMS

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Deputy Chief Financial Officer Peggy Sherry. And. Chief Information Security Officer Robert West. U.S. Department of Homeland Security.

Big 4 Information Security Forum

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

Personal Security Practices of the CAO

Report on CAP Cybersecurity November 5, 2015

How To Protect Your Network From Attack From A Network Security Threat

DHS, National Cyber Security Division Overview

Cyber Security & Compliance Briefing

Amit Garg BERKELEY RESEARCH GROUP, LLC 1800 M Street, N.W. 2 nd Floor Washington, D.C Direct: agarg@thinkbrg.

Legislative Language

U.S. Securities and Exchange Commission

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

CyberSecurity Solutions. Delivering

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement

NIST Cybersecurity Framework Impacting Your Company? April 24, 2014 Presented By Sheila FitzPatrick, NetApp Jeff Greene, Symantec Andy Serwin, MoFo

The Attacker s Target: The Small Business

Oil & Gas Cybersecurity

Tata Communications Security Outsourcing. A Must-have for Entry into the Global Economy.

MICHIGAN AUDIT REPORT OFFICE OF THE AUDITOR GENERAL THOMAS H. MCTAVISH, C.P.A. AUDITOR GENERAL

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

No. 33 February 19, The President

An SBA Certified 8(a) business Clarendon Blvd. Arlington, VA

CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

The Computerworld Honors Program

Priority III: A National Cyberspace Security Awareness and Training Program

Cybersecurity The role of Internal Audit

E-Learning Compliance Training Library of Online Courses

NASCIO 2015 State IT Recognition Awards

Secure by design: taking a strategic approach to cybersecurity

i Network, Inc Technology Solutions, Products & Services Providing the right information, to the right customer, at the right time.

Beyond passwords: Protect the mobile enterprise with smarter security solutions

September 28, MEMORANDUM FOR. MR. ANTONY BLINKEN Deputy Assistant to the President and National Security Advisor to the Vice President

(BDT) BDT/POL/CYB/Circular

The President issued an Executive Order Improving Critical Infrastructure Cybersecurity, on February 2013.

Bellevue University Cybersecurity Programs & Courses

A 6-Step How-To Guide to Contracting for Cloud Services Includes a 137-Element Contracting Checklist

WRITTEN TESTIMONY BEFORE THE HEARING ON FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN TARGET

Transcription:

September 3, 2015 State of Florida Attn: Joel Atkinson Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 350 Seventh Avenue 10th Floor New York, New York 10001 P: 212.481.6868 Toll Free: 877.QED.NATL F: 212.481.0414 www.qednational.com

Table of Contents 1. Introduction... 1 2. Background... 1 Overview... 1 Summary of Relevant Experience... 1 Management Team... 1 Awards... 3 Certifications... 4 3. Contact Information... 4 Key Contacts... 4 4. Service Offerings (as per section IV of Cyber-Security RFI)... 5 5. Conclusion... 5-0- 9/3/2015

1. Introduction The State of Florida - Department of Managed Services is seeking to identify vendors that are able to provide assessment and remediation services in the event of a Cyber-Security incident and provide identity protection, identity monitoring and identity restoration services. The following provides information necessary for QED National to be listed as a vendor capable of providing such services to the State of Florida under GSA Schedule 70. 2. Background Overview is a privately held New York corporation that provides IT Consulting, Solutions and Staffing Services to the public and private sectors. Founded in 1993 by President, Colleen Molter, holds a GSA Schedule 70 contract (#GS-35-F378AA), is registered with the State of Florida, and is highly experienced in Cyber- Security Assessment and Remediation Services. The superior quality of s services and staff has been recognized by clients and the industry over the years. Inc. Magazine named one of Inc. 5000 s Fastest Growing Private Companies for seven consecutive years (2009-2015); The Competitive Edge awarded the 2014 Women Business Enterprise (WBE) Award of Excellence; and CIO Review named one of the Top 20 Most Promising Government Technology Consulting Companies in the US. Summary of Relevant Experience has over 22 years experience as a provider of IT consulting services and solutions. Our reputation for integrity, high-quality and overall value has earned us contracts with Fortune 500 companies such as Financial Services, Audit, Engineering, Energy, Technology firms and numerous State and Local government entities (e.g., Transportation, Health and Human Services, Education, Construction, Criminal Justice, and Environmental Protection agencies). With extensive expertise in all aspects of Information Technology, Information & Cyber-Security, Governance, Risk & Compliance, Project & Program Management, and Enterprise Architecture, has been awarded over 70 contracts totaling in excess of $27 Million over the last three years. For these contracts, over 180 consultants have been deployed, with approximately 80% for State and Local government entities. Specific Cyber and Information Security Services recently provided by include: Information Security Risk Assessments Vulnerability Assessments Application Security Assessments Incident Response Investigations for Malware and Advanced Persistent Threats Implementation of Data Loss Prevention Solutions Monitoring Networks for Security Anomalies Implementation Encryption Solutions Management Team The Management Team will diligently apply its experience and expertise in Information Technology and Information Security to ensure successful delivery of Cyber-Security assessment and remediation services to the State of Florida. Professional biographies of the Management Team are provided below. -1-9/3/2015

Colleen Molter President & Founder Ms. Molter, an NYU Polytechnic Electrical Engineering graduate, has been providing technology solutions to government agencies and Fortune 500 firms for more than 25 years as a Technology Manager and Entrepreneur. Colleen s work history, prior to starting in 1993, includes nine years of Information Technology management consulting, seven years experience teaching computer science and electrical engineering in the university system at both the graduate and undergraduate levels and eight years experience working for IBM as a systems engineer, data systems specialist and manager. Her industry experience includes servicing large financial and governmental institutions with centralized and distributed IT installations and her skills in strong facilitation, project management, development and execution of technology systems design have provided the base for the growth and success of. Colleen has always been at the forefront of providing sound technology solutions and professionals to her clients and, as a result, has been recognized by such organizations as Inc. Magazine and CIO Review among others for business and technology leadership. Colleen s broad experience as a C-Level Strategist, Executive Manager and Entrepreneur provide her team, clients and community the leadership to consistently deliver with the highest level of quality and integrity. She has received numerous awards for her accomplishments as a businesswoman and advocate for women in business, including recognition for her achievements by the US Small Business Administration, the Women s Presidents Organization, and Women in Technology International. Fred Seim Account Executive Fred is the Account Executive and Engagement Manager for State and Local Government as well as Education (SLED) business activities in which is engaged in the State of Florida. Fred has 29 plus years combined experience in Program and Engagement Management in support of large clients with the US Treasury, US Secret Service (now DHS), US Customs Service, (now DHS ICE), Bureau of the Public Debt, the Federal Aviation Administration (FAA) and most recently the City of New York. It is s position that the importance of this engagement, as well as, the critical importance of Cyber-Security to the State of Florida government operations and public infrastructure warrants this level of management experience and commitment. Fred s security experience includes design and implementation of a security and access control system for the US Treasury for a special national security campus. Following that project, Fred was the PM for the design and implementation of the FAA s FAR 107.14 compliant anti-terrorist and intrusion detection system for the International Arrivals Terminal (T5) at ORD and was a member of the security design and oversight team for three of the other eleven FAA-designated Class X US airports. Additionally, Fred led the consulting team responsible for developing and executing annual pre-audit activities at USCS (now, DHS ICE) for compliance of the agency to OMB circulars A-123 and A-130. More recently, Fred led the PM/QA consulting team responsible for the security assessment and accreditation for numerous NYC enterprise-wide systems implementations (e.g., NYC.gov, 3-1-1 Customer Service, NYCServ, and NYCAPS). Anthony Concolino Managing Director Anthony (Tony) leads the company's Solution-based Consulting Practice areas which include Information/Cyber- Security, Data Center Solutions, Information Technology Management, and GRC (Governance, Risk and Compliance). As a senior Information Technology professional with over 30 years of experience, Tony s innovative style helped advance the use of enterprise technology in the banking and brokerage industry and most recently in the public sector. Prior to joining, Tony managed large organizations at Citigroup, where, as COO for Capital Markets and Corporate Infrastructure Services, he led efforts to improve security, service and business continuity in IT Operations, Risk Management and Application Development while driving down costs as part of a multiyear, multi-billion dollar transformation program. Earlier in his career, Tony delivered world-class brokerage and trading technology products serving large global Wall Street firms. Tony has also advised several startup companies building Cloud, Virtualization, Big Data, DevOps, Cyber-Security and Digital Marketing technologies. -2-9/3/2015

Russell Kiernan Director of Management Consulting and Cyber / Information Security Services Mr. Kiernan oversees the delivery of IT Management Consulting and Information Security Services at QED National. With over 20 years of IT experience, Russell understands the business needs of s client base and transposes them into capabilities. He is highly skilled in a number of management and technology disciplines including Cyber / Information Security, GRC (Governance, Risk and Compliance), Program and Project Management, and Enterprise Architecture. Russell has extensive experience in global financial institutions such as Citigroup, Bank of America Merrill Lynch, Marsh & McLennan, Smith Barney and Broadridge where he managed Risk & Control Management, Information Security, Application Development, Program and Project Management, Enterprise Architecture, Process Engineering, and Financial Management functions. Russell s accomplishments include: authoring of Software Development Process Standards for organizations with up to a $1B annual application development and implementation budget; authoring of various Information Security Standards and Processes, implementation of Enterprise Software Solutions; definition and rollout of comprehensive project and SDLC processes (which addressed both functional and non-functional requirements such as Security and Enterprise Architecture reviews) and supporting Project Management Information System; definition and ongoing management of global Project Portfolios and associated budgets; definition of project performance and quality review processes; initial implementation and ongoing management of global Risk and Compliance Self Assessments (including Application and Security Assessments); and successful management of all Federal Regulatory, External Audit, and Independent Audit inspections for auditable entities. Barry Pardee Industry Expert Barry is a Senior Information Technology professional with over 30 years of expertise in IT Sales, Project Management, IT consulting and management. He has a broad background in successfully working with various commercial organizations, as well as federal and non-federal government agencies. As a civilian Senior Field Engineer, he worked on key Air Force R&D systems including early Arpanet security development, starting in 1976, distributed computing (cloud) the first Intrusion Detection System and many more leading edge security systems throughout his career. In the past 23 years as a senior Project and Program Manager, Barry has successfully managed multi-million dollar IT projects/programs for Kodak, General Electric and what is now NYS Information Technology Services. He has been a trusted security partner to large commercial and government clients including Global Foundries, Pitney Bowes, GE Global Research, GE Energy, NYS agencies, NYS Governor s Office (through several administrations) and the NYS Division of Homeland Security and Emergency Services. More recently, Barry has helped, alongside a top security consultant hired from the White House, to design and manage the delivery of many IT security assessments for large New York government agencies including the State Police, Criminal Justice Services, Integrated Justice Advisory Board agencies, Department of Transportation, Division of the Budget and the Energy Research and Development Authority. Barry has also been active in the Cloud Security Alliance and is acknowledged for contributions in the Cloud Standards Customer Council publication, Security for Cloud Computing. Awards As a result of our excellent service, professionalism, and leadership, consistently garners the highest accolades and awards. Such awards include: Awards Seven Consecutive Years: Inc. 500 5000 Fastest Growing Private Companies, 2009-2015 Women Business Enterprise (WBE) Award of Excellence, Competitive Edge, 2014 Top 20 Most Promising Government Technology Consulting Companies in the US, CIO Review, 2013 Top 50 Women Owned Business in New York, DiversityBusiness.com, 2013 Enterprising Women of the Year Award, Enterprising Women Magazine, 2011-3- 9/3/2015

Certifications is a Small, Disadvantaged and Women-Owned Business Enterprise certified and accredited by various esteemed organizations. These certifications allow to obtain and perform business within organizations that require such credentials. These certifications include: Certifications Women's Business Enterprise National Council (for US Small Business Administration) - Woman Owned Small Business (WOSB) US Department of Transportation - DBE Women's Business Enterprise National Council - WBE 3. Contact Information The address of s headquarters is as follows: Corporate Headquarters 350 Seventh Ave, 10 th Floor New York, NY 10001 Key Contacts Fred Seim, s Account Executive for the State of Florida, will coordinate s efforts to ensure the highest quality services. Russell Kiernan, s Director of Management Consulting and Information Security Services, will coordinate Cyber / Information Security resources to ensure the success of all Cyber-Security engagements for the State of Florida. Contact information is included below. Key Contacts Primary Contact Fred Seim Account Executive (347) 907-1076 fseim@qednational.com Secondary Contact Russell Kiernan Director, Management Consulting and Information Security Services x111 rkiernan@qednational.com -4-9/3/2015

4. Service Offerings (as per section IV of Cyber-Security RFI) The table below lists all services identified in the RFI and indicates s capability to provide these services. 1) Pre-Incident Services: Cyber-Security Service a) Incident Response Agreements Terms and conditions in place ahead of time to allow for quicker response in the event of a cyber-security incident. b) Assessments Evaluate a State Agency s current state of information security and cybersecurity incident response capability. Capability c) Preparation Provide guidance on requirements and best practices. d) Developing Cyber-Security Incident Response Plans Develop or assist in development of written State Agency plans for incident response in the event of a cyber-security incident. e) Training Provide training for State Agency staff from basic user awareness to technical education. 2) Post-Incident Services: a) Breach Services Toll-free Hotline Provide a scalable, resilient call center for incident response information to State Agencies. b) Investigation/Clean-up Conduct rapid evaluation of incidents, lead investigations and provide remediation services to restore State Agency operations to pre-incident levels. c) Incident response Provide guidance or technical staff to assist State Agencies in response to an incident. d) Mitigation Plans Assist State Agency staff in development of mitigation plans based on investigation and incident response. Assist State Agency staff with incident mitigation activities. e) Identity Monitoring, Protection, and Restoration Provide identity monitoring, protection, and restoration services to any individuals potentially affected by a cyber-security incident. * will utilize the services of our pre-qualified partners in these areas. 5. Conclusion, via partner companies*, via partner companies*, via partner companies* With the increasing volume and complexity of cyber threats, understands the importance of having robust comprehensive Cyber-Security and Cyber Risk Management programs that are up to the challenge. We are grateful for the opportunity to be considered for inclusion on the list of vendors capable of providing these critical Cyber-Security services to the State of Florida. Please contact Fred Seim or Russell Kiernan directly should any additional information be required. Thank you for your kind consideration. -5-9/3/2015

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information