Government IT and Cybersecurity Services

The Scarlett Group is a resource for government leadership and IT departments. We perform a wide array of services ranging from cybersecurity assessments to managed and co-managed IT and cybersecurity solutions. 

The need for managed cybersecurity and IT services has never been greater. Cybercrime targeting government organizations is on the rise. Multiple economic and social factors make hiring experienced cybersecurity personnel an unrealistic option for most organizations. By utilizing the MAS Information Technology, public organizations are able to obtain IT and cybersecurity services. In order to view these available services, visit the website Services located within this schedule are pre-negotiated, compliant, and extensive. By utilizing the Special Item Number (SIN) system, purchasers are able to sort the available services by category.

GSA Quick Facts

  • GSA Contract: 47QTCA21D000A
  • DUNS: 012530744
  • CAGE: 8FME5
  • Services: Information Technology, Cybersecurity, Cloud, Audits, Compliance
  • Set Asides: Small Business, SBA Certified Small Disadvantaged business


GSA Labor Categories

Labor Category SIN Description
Project Manager 54151S The IT Project Manager is responsible for the management of IT projects: translates SOWs into project phases & tasks, budgets hours, ensures others execute project tasks within budget and on time; troubleshoots any arising issues; coordinates meetings between clients, technicians and / or vendors; reports project progress and potential problems to management. 
IT Consultant 54151S Recommends actions and provides roadmaps to assist with IT decisions. Provides clients with on-demand communication and advice for strategic IT planning. Engaged alongside client resources or as a standalone asset. Consolidates IT strategy and provides planning for future projects. Specific duties vary by engagement.
Lead IT Consultant 54151S Acts as a substitute or augmentation to current IT leadership. Provides extensive strategic leadership and advises client leadership. Engaged alongside client resources or as an integrated and independent member of current client staff. Duties vary by engagement but encompass a much larger scope than "IT Consultant".
Network Engineer 54151S Performs proactive network tasks. Deploys solutions into environments that are used by clients and internal technicians. Maintains toolset and patches systems. Monitors network health and remediates networking issues.
Lead Network Engineer 54151S Performs advanced networking tasks and develops networking solutions for clients. Responsible for evaluating networks and determining health. Deploys and configures monitoring solutions. Works with clients to determine desired state and architect solutions.
NOC Technician 2 54151S Perform similar functions as NOC Technician 1 but with emphasis on internal experience and external education. Acts as the primary escalation point for NOC technician 1 and provides advanced issue resolution for more complex issues.
NOC Technician 3 54151S NOC Technician 3 is an independent role focused on architectural changes and severe network issue remediation. These technicians receive escalations from NOC Technicians 2 that require extensive experience and specialization to remediate.
Business Analyst 54151S Responsible for providing business process evaluation and updates for clients. Analyzes current practices and recommends options based on client parameters, Subject Matter Expert on systems and processes, policies.  Consolidates IT and personnel resources in order to streamline inefficiencies and improve productivity.
Auditor 54151S Auditors utilize a preset evaluation format to conduct objective assessments of client systems. The assessment is then used to provide recommendations. Auditors are experienced in managing the evaluation process and generating the executive report based on the current format. Executes Comprehensive IT Assessments, Cybersecurity Assessments, and Disaster Recovery and Business Continuity Assessments.
Lead Auditor 54151S Performs all duties of "Auditor" with the addition of being responsible for creating assessment criteria and providing advanced assessment recommendations. Creates custom assessments based on client requests.
Cloud Consultant 518210C Cloud technology expert who assists clients with all aspects of cloud strategy. Capable of assisting with migration, upgrades, planning, and strategy for clients with on-premise, hybrid, or cloud systems. Recommend and implement SaaS, PaaS, or IaaS solutions as needed. Work with internal and external staff to manage projects associated with cloud strategy. Continual evaluation of cloud technologies and solutions.
Cloud Engineer 518210C Engineer with advanced experience in cloud technologies. Performs complex cloud strategy tasks including deploying cloud servers, configuring hybrid environments, domain migrations, and more. Assists with advanced cloud architectural design and issue remediation.  Develops documentation, user manuals for cloud architecture. 
Cloud Technician 518210C Technician with experience in cloud technologies. Focused on cloud implementation, migration, and maintenance. Assists clients with tasks associated with cloud implementation and migration projects. Experience with common SaaS technologies for user technical support. Direct contact point for user cloud issue remediation and training.
Incident Responder 54151HACS Cybersecurity expert trained in Incident Response techniques. Executes pre-defined incident response plan. Perform the five steps of Incident Response: Scope, Contain, Eradicate, Recover, and Post-Incident. Works with clients to determine root cause of incidents and prevent future threats. Utilizes advanced security tools and techniques to prevent future incidents.
Security Analyst 54151HACS Responds to security threats and alerts by analyzing details and triaging events. Setup new alerting solutions and policies. Determine and escalate high-level threats. Remediate security issues and assist in Incident Response investigations when needed.
Security Engineer 54151HACS Primary escalation point for security analyst. Implements solutions offered by consultants and clients. Thorough cybersecurity experience allow for more in-depth solution utilization and issue remediation. Configures advanced security features within existing toolsets.
Vulnerability Tester 54151HACS Works with clients to scope potential security vulnerabilities utilizing technical evaluation techniques and scans. Provides execute summaries and reports based on findings. Can be engaged for a wide scope of tasks ranging from individual application testing to network-wide vulnerability evaluations.
NOC Technician 1 ANCILLARY NOC Technicians function as first responders to network and user issues and perform direct customer support. Responsible for triaging network events and escalating events that exceed complexity requirements or event severity.

Cybersecurity Solutions

Our GSA contract is listed under our sister organization, Scarlett Cybersecurity. Scarlett Cybersecurity provides a wide array of government IT and cybersecurity solutions centered around creating a comprehensive IT and securitystack. These solutions work best when combined into a comprehensive security stack, but some can be offered à la carte if desired. It is recommended that clients utilize a comprehensive cybersecurity audit to determine specific needs before committing to a solution.

Managed Cybersecurity for Government

We specialize in fully managed, “Complete IT” solutions by acting as the Managed Service Provider for clients. Outsourced IT saves on manpower costs and leverages skills that are in short supply.

Service Description
Scarlett Managed Security A fully managed security solution with implementation based on client needs and expectations.
Security Awareness Training Training sessions designed to test users and provide actionable reports. Simulated phishing attacks test training effectiveness.
Vulnerability Testing Extensive network scans with annotated reports that provide insight into network health and security gaps.
Managed AV Managed AV with custom alerting and issue resolution.
Managed Patching Managed monitoring and patching of devices to ensure updates are implemented in a timely manner.
SIEM/SOC Centralized logging and alerting. Used for network visibility and compliance. Provides 24/7/365 customized alerting and reporting.

Managed Endpoint Protection Solutions

We offer services and products that keep endpoints safe with an emphasis on being lightweight and unobtrusive.

Service Description
Application Whitelisting Managed application that provides the ability to control what runs in the environment and what users can install.
Endpoint Detection and Response EDR is an endpoint protection solution designed to be a full replacement for AV.  Network isolation, rollbacks, IR forensics, and machine learning are some of the flagship features.
Anti-Virus/Anti-Malware AV for endpoint defense. Centrally managed options available.

Managed Government Network Security Solutions

Current trends in cybersecurity have placed a greater emphasis on network awareness, threat detection, and threat intelligence. Scarlett Cybersecurity offers a wide variety of products that will help secure your computer network and the data on it.

Service Description
Data Loss Prevention Solutions DLP solutions classify and protect confidential and critical information in order to prevent end users from accidentally or maliciously sharing data that could put the organization at risk.
OpenDNS DNS resolution with built-in security features that helps prevent malicious or undesired traffic from resolving.
Single-Sign-On (SSO) Implement SSO solution to enable use of a single set of credentials for most services.
Multi-Factor Authentication Implement MFA solutions to provide enhanced authentication security.

Professional IT Services and Solutions

The Professional IT Services and Solutions category provided by Scarlett Cybersecurity encompasses all offerings focused on improving the IT operational readiness of an organization. Our services are split into “Professional” and “Cybersecurity.” There is invariably some overlap, especially with fully managed solutions. 

Managed Government Computer Security Solutions

We specialize in fully-managed, “Complete IT” solutions by acting as the Managed Service Provider for clients or working in tandem with current IT staff. 

Service Description
Scarlett Managed IT Services Fully outsourced IT and security managed by Scarlett Cybersecurity. Specific services are be determined on a per-client basis.
Co-Managed IT Services Scarlett Cybersecurity will design a managed solution based on your business needs, existing IT expertise, geography, regulatory requirements and current business applications.
Disaster Recovery as a Service (DRaaS) DRaaS is an enhanced backup solution. It is fully managed by Scarlett Cybersecurity. DRaaS provides managed, rapid network recovery from catastrophic events.
Hardware Monitoring Monitored hardware health with proactive notifications.

Government IT Solutions

We utilize our trained staff to implement IT solutions that help clients solve specific issues. Our team will provide guidance, materials, and labor where needed.  

Service Description
Cloud Hosting Brokered cloud migration and hosting
File Sync and Share File Sync and Share enables organizations to securely synchronize and share documents, photos, videos and files from multiple devices with employees, and external customers and partners.
Hardware Refresh Updating or purchasing TAA compliant hardware solutions
Office 365 Office 365 implementation, migration, management, and purchasing

Consultation Services 

Scarlett Cybersecurity’s Consulting Team is led by ISACA Certified Auditors. These services provide information to clients as a trusted partner. Specific services are offered to assist in the realization of large projects. We are highly specialized in “Virtual CIO”, Cloud Strategy, and IT Governance consultation.

Service Description
Virtual CIO A virtual CIO is an outsourced specialist who acts as an overall IT strategy partner for client. This service can augment existing IT leadership or act in an advisory capacity.
Governance Consulting IT governance is a framework that provides a structure for organizations to ensure that IT investments support business objectives. Our Governance Consultants often augment an organization’s current staff. 
DRBC Consulting Consultants assist in the creation of a DRBC plan with consideration for infrastructure, applications, staff, data, and IT availability. They will design and recommend options to accomplish disaster readiness.
Cloud Strategy Consulting Tasks focused on migrating a client to the cloud. Consultants formulate a strategy based on requirements from client. Hybrid solutions available.
Workflow Consulting Business process mapping focused on providing an objective picture into procedural improvement opportunities.
Compliance Consulting Consulting focused exclusively on achieving compliance. Examples include HIPAA, HITRUST, NIST, PCI DSS, GDPR.
RFP Services Evaluating and selecting new IT solutions within guidelines. Assistance can be provided at any point in the purchasing process.

IT Audits and Assessments

Scarlett Cybersecurity was founded and built by certified Information Technology Auditors. The assessments listed below are commonly used to provide objective metrics and gain insight into the current network posture. Our assessments can be utilized as a standalone deliverable or as a precursor to more significant projects.   

Service Description
Comprehensive IT Assessment Performed by our ISACA Certified Auditors, this is a comprehensive report on the status of your entire IT infrastructure (security included).
Cybersecurity Assessment In-depth security analysis performed by our ISACA Certified Auditors. Includes extensive report with recommendations.
Disaster Recovery | Business Continuity Assessment In-depth disaster readiness analysis performed by our ISACA Certified Auditors. Includes extensive report with recommendations.