How Solid is Your Security?




Know for Certain
with Tangible Security

Cyber Assessments | Product Security | Consulting

Learn More


Get Our Weekly Newsletter for Top 10 Cybersecurity Trends & News Stories Subscribe >

DHS EAGLE II Contract Overview

 
Enterprise Acquisition Gateway for Leading Edge Solutions II (EAGLE II) is a Department of Homeland Security (DHS) contract vehicle to obtain IT services and solutions. Tangible was awarded Functional Category 1 – IT Service Delivery on Small Business track.

Tangible Security Quality Control Program

To prevent and remove quality problems while serving Federal agencies, Tangible Security leverages the Capability Maturity Model Integration (CMMI) framework (version 1.3) from Carnegie Mellon University. It consists of appraisal surveys, issue identification, continuous risk planning, corrective action tracking, periodic reporting, and process improvement training.

Based on EAGLE II FC1 SOW performance requirements and surveillance requirements, Tangible Security’s EAGLE II Program Manager (PM) and Quality Control Manager (QCM) develop and establish:
  • Quality metrics
  • Service delivery summaries with performance objectives
Quality control planning and auditing employs CMMI-derived checklists by function and output. Audits/inspections are planned monthly. The QCM and EAGLE II PM define and document EAGLE II-specific processes and plans, with the QCM ensuring conformance to CMMI practices. Tangible Security’s COO must approve the Quality Assurance Process and Plan prepared by the QCM.

We employ quality evaluation methods at both contract and task order levels, which requires production of a quality assurance surveillance plan for each task order that Tangible Security supports. The QCM employs the following quality evaluation methods and others, which vary per task order:
  • Customer satisfaction surveys
  • Third party assessments (independent)
  • Peer reviews
  • Unannounced reviews (scheduled)
  • Assess team members comprehension of requirements
  • Planned sampling and process validation
  • Quality control sampling and process validation
  • Incidental inspections
The quality assurance program tailored to the EAGLE II contract and task orders executes along the following periodic cycle:
  • Requirements analysis
  • Identify risks and risk mitigations
  • Define and schedule QA activities and methods
  • Observe, measure, review
  • Analyze and summarize findings
  • If non-compliances are found:
    • Assess impact
    • Analyze causes
    • Assign corrective actions
    • Capture corrective actions in tracking system
  • Review status of previously assigned corrective actions
  • Compile, sign, and distribute audit report
The QCM reports the above monthly, as well as supplemental reports when circumstances necessitate them. These reports must be reviewed by Tangible Security’s Chief Operating Officer (COO), EAGLE II PM, and task order PMs.

Tangible Security's Federal Services:

  • Assessment & Authorization (A&A)(formerly Certification & Accreditation)
  • Authority to Operate (ATO)
  • Ongoing/Proactive Risk Management and Compliance Assessments (FISMA, SP 800-37/53/53A/137, FPKI)
  • Cyber Security Engineering
  • Information Systems Security Engineering
  • Information Assurance Operations Engineering and Analyses
  • Acquisition & Program Management
  • High Assurance PKI Systems
  • Requirement Analysis & Documentation
  • Systems Development & Integration
  • Build/Buy Analysis
  • Vulnerability Scanning
  • Enterprise Penetration Testing
  • Commercial Security Products Evaluation
  • Independent Product Assurance Testing
  • Secure Development Lifecycle (SDLC) Consulting
  • SIEM Implementation, Monitoring, and Management

EAGLE II Task Orders under this Contract

As we receive EAGLE II task orders, we will list them here and they will also be listed at DHS

DHS Past Performance (Last Three Years)

Tangible is new to DHS. However, we have relevant past performance in the defense, intelligence, Federal Civilian, and commercial sectors.

EAGLE II Points of Contact

Customer Satisfaction
William Malone
This email address is being protected from spambots. You need JavaScript enabled to view it.
703.992.7045
IDIQ Contracts
Khanh Ho-Si
This email address is being protected from spambots. You need JavaScript enabled to view it.
800.913.9901, x3026
Teaming Coordinator
Jeff Kramer
This email address is being protected from spambots. You need JavaScript enabled to view it.
800.913.9901, x3056

As a cyber security firm with a decade of proven expertise in technology-enabled solutions for the Federal government, Tangible is at the forefront of key components of cyber security, serving the needs of the frontline warfighter and others:

  • Supporting the management and securing of high volume Public Key Infrastructure (PKI) implementations
  • Integrating innovative Identity and Access Management (IAM) technologies into large-scale eco-systems
  • Supporting and maintaining complex security environments
  • Facilitating compliance with government regulatory mandates and guidelines

Our professional services in cyber security frequently lead us to develop high value software solutions.

For instance, our unique expertise justified our award of a sole source contract with the Defense Information Systems Agency (DISA) to support the DoD Visitor capability.
DoD Visitor, which Tangible developed and has maintained since its inception, provides users possessing a valid Common Access Card (CAC) temporary access to Non-classified Internet Protocol Router Network (NIPRNET) devices when they are away from their home domain. NIPRNET is arguably the largest private network in the world.
As another service related to the world of defense, Tangible can assist both government agencies and product manufacturers with completing the DoD Information Assurance Certification and Accreditation Process (DIACAP).
Other examples of our work are seen within some of the most security conscious organizations within the Federal government, particularly the DoD. Consequently, Tangible receives regular briefings on cyber security trends as well as delivers papers and briefings to industry peers. This has enabled us to derive unique insights into product development opportunities.

The increasing national discussion concerning what must be done to properly manage cyber security efforts reads like a summary of Tangible’s capabilities and focus.

  • Acquisition and Program Management—economic analyses
  • Information Assurance (IA) Operations Engineering—testing and evaluation management support
  • IA Infrastructure Systems Engineering—requirements analysis and design as well as integration into existing infrastructure
  • Information Systems Security Engineering—DoD-style secure systems engineering, with certification and accreditation of final solutions
  • IA Technical and Policy Analysis—research that informs future directions in cyber security policy and procedures
White House policy makers recognize that, above all else, there is a fundamental need to acquire the best possible information about the state of our networks and the capabilities and intentions of our cyber adversaries. Critical cyber security information must be made available to and usable by everyone who needs it. Our experts are recognized as leaders in their fields, their books on ethical hacking and Secure Information and Event Management (SIEM) implementation are widely used as source and training materials. Our advanced techniques and software solutions have been honed on the front lines to defend against internal and external threats to organizational assets and economic viability. The President has referred to exactly these types of sophisticated attacks in his comments on cyber security.

Working at the forefront of cybersecurity, Tangible is committed to strengthening our nation’s defenses and its critical infrastructures.

We have Served Federal Clients for Over a Decade

Department of Homeland Security
Federal Bureau of Investigations
Department of Energy
Department of Defense
Government Services Administration
National Security Agency
Department of Health and Human Services
Department of Justice

By providing private sector cybersecurity services as well, we are able to bring commercial best practices to the Federal government.

  • Adeptly Facing Real Problems—Tangible is unique in an otherwise me-too environment. We go beyond the standard body of cyber security knowledge by constantly practicing the skills and exercising the perspective of cyber adversaries so we can provide practical, realistic, and prioritized insights and remedies.
  • Taking a Collaborative Approach—As a trusted advisor to our clients, we seek to address real world issues by helping to set priorities for future activities. Our cyber assessments and penetration testing services employ the hackers’ perspective to expose the real risks of acting or failing to act, and identify what must be addressed first. We also help embed security at every stage of information processing, transmission, storage, and access.
  • Providing a Prescient Perspective—We survey the ever-changing and often-invisible threat landscape to provide proactive cybersecurity. Our executives and Subject Matter Experts (SMEs) are recognized as leaders in their fields. They author numerous books on ethical enterprise hacking and Security Information and Event Management (SIEM) implementation.
Tangible helps the federal government secure high volume, strong authentication implementations by:
  • Integrating innovative Identity and Access Management (IAM) technologies into large-scale eco-systems
  • Conducting ongoing/proactive risk management assessments
  • Facilitating compliance with government regulatory mandates and guidelines
  • Developing compelling software solutions to persistent IAM industry problems