GSA Contract Holder Government Cybersecurity Solutions



Scarlett Cybersecurity exists to simplify cybersecurity solutions for government institutions, save taxpayer resources, foster community trust, and facilitate innovation. We enable the federal government and state & local government to focus on their core objectives by providing the latest technology with transformational results. 

The need for managed cybersecurity and IT services has never been greater. Multiple economic and social factors make hiring experienced security personnel an unrealistic proposition.

By utilizing the MAS Information Technology, public organizations are able to obtain IT and cybersecurity services. In order to view these available services, visit the website Services located within this schedule are pre-negotiated, compliant, and extensive.

By utilizing the Special Item Number (SIN) system, purchasers are able to sort the available services by category. For more information, read our blog post about the benefits of utilizing GSA services.

Our Experience

  • 22 years in operation with certifications in all major areas of network support technology
  • All products and services are TAA compliant
  • NAICS Code: 541512 – Computer Systems Design Services
  • Small Business according to U.S. Small Business Administration

Capabilities Overview

Founded and built by Information Technology Auditors, The Scarlett Group is unique. Our governance, controls, processes, security and approach are next-level. Unlike our competitors, we take an auditor’s view, not a break/ fix or product perspective. We are true trusted partners.

With offices in Jacksonville, Florida, and Raleigh, North Carolina, our dynamic has been the Southeast. However, over the years, we have engaged clients ranging from Portland, ME, New York City, and Austin, Texas - among others. Our reach is nation-wide in the United States.

Our firm operates under the highest standards of business practices and validate the best-in-class solutions provided to the clients.


  • Information Technology and Cybersecurity Services


  • 8FME5


  • 012530744


  • Type 2 SOC 1 Accreditation

GSA SIN Listings

  • 518210C
  • 54151S
  • Ancillary

Primary Industry Certifications:

  • CISA
  • GCFA
  • Type 2 SOC 1 Accredited 

Primary Services:

  • Information Technology
  • Cybersecurity
  • IT and Cybersecurity Audits
  • IT and Cybersecurity Consultation
  • Managed and Co-Managed IT Helpdesk Services
  • Managed and Co-Managed Cybersecurity Services
  • Cloud
  • Cloud Migration Services
  • IT Solution Implementation
  • Compliance

Set Asides:

  • Small Business
  • SBA Certified Small Disadvantaged Business


GSA Labor Categories



Labor CategorySINDescription
Incident Responder54151HACSCybersecurity expert trained in Incident Response techniques. Executes pre-defined incident response plan. Perform the five steps of Incident Response: Scope, Contain, Eradicate, Recover, and Post-Incident. Works with clients to determine root cause of incidents and prevent future threats. Utilizes advanced security tools and techniques to prevent future incidents.
Security Analyst54151HACSResponds to security threats and alerts by analyzing details and triaging events. Setup new alerting solutions and policies. Determine and escalate high-level threats. Remediate security issues and assist in Incident Response investigations when needed. 
Security Engineer54151HACSPrimary escalation point for security analyst. Implements solutions offered by consultants and clients. Thorough cybersecurity experience allow for more in-depth solution utilization and issue remediation. Configures advanced security features within existing toolsets.
Vulnerability Tester54151HACSWorks with clients to scope potential security vulnerabilities utilizing technical evaluation techniques and scans. Provides execute summaries and reports based on findings.  Can be engaged for a wide scope of tasks ranging from individual application testing to network-wide vulnerability evaluations.
Project Manager54151SThe IT Project Manager is responsible for the management of IT projects: translates SOWs into project phases & tasks, budgets hours, ensures others execute project tasks within budget and on time; troubleshoots any arising issues; coordinates meetings between clients, technicians and / or vendors; reports project progress and potential problems to management. 
IT Consultant54151SRecommends actions and provides roadmaps to assist with IT decisions. Provides clients with on-demand communication and advice for strategic IT planning. Engaged alongside client resources or as a standalone asset. Consolidates IT strategy and provides planning for future projects. Specific duties vary by engagement.
Lead IT Consultant54151SActs as a substitute or augmentation to current IT leadership. Provides extensive strategic leadership and advises client leadership. Engaged alongside client resources or as an integrated and independent member of current client staff. Duties vary by engagement but encompass a much larger scope than "IT Consultant".
Network Engineer54151SPerforms proactive network tasks. Deploys solutions into environments that are used by clients and internal technicians. Maintains toolset and patches systems. Monitors network health and remediates networking issues.
Lead Network Engineer54151SPerforms advanced networking tasks and develops networking solutions for clients. Responsible for evaluating networks and determining health. Deploys and configures monitoring solutions. Works with clients to determine desired state and architect solutions.
NOC Technician 254151SPerform similar functions as NOC Technician 1 but with emphasis on internal experience and external education. Acts as the primary escalation point for NOC technician 1 and provides advanced issue resolution for more complex issues.
NOC Technician 354151SNOC Technician 3 is an independent role focused on architectural changes and severe network issue remediation. These technicians receive escalations from NOC Technicians 2 that require extensive experience and specialization to remediate.
Business Analyst54151SResponsible for providing business process evaluation and updates for clients. Analyzes current practices and recommends options based on client parameters, Subject Matter Expert on systems and processes, policies.  Consolidates IT and personnel resources in order to streamline inefficiencies and improve productivity.
Auditor54151SAuditors utilize a preset evaluation format to conduct objective assessments of client systems. The assessment is then used to provide recommendations. Auditors are experienced in managing the evaluation process and generating the executive report based on the current format. Executes Comprehensive IT Assessments, Cybersecurity Assessments, and Disaster Recovery and Business Continuity Assessments.
Lead Auditor54151SPerforms all duties of "Auditor" with the addition of being responsible for creating assessment criteria and providing advanced assessment recommendations. Creates custom assessments based on client requests.
Cloud Consultant518210CCloud technology expert who assists clients with all aspects of cloud strategy. Capable of assisting with migration, upgrades, planning, and strategy for clients with on-premise, hybrid, or cloud systems. Recommend and implement SaaS, PaaS, or IaaS solutions as needed. Work with internal and external staff to manage projects associated with cloud strategy. Continual evaluation of cloud technologies and solutions.
Cloud Engineer518210CEngineer with advanced experience in cloud technologies. Performs complex cloud strategy tasks including deploying cloud servers, configuring hybrid environments, domain migrations, and more. Assists with advanced cloud architectural design and issue remediation.  Develops documentation, user manuals for cloud architecture. 
Cloud Technician518210CTechnician with experience in cloud technologies. Focused on cloud implementation, migration, and maintenance. Assists clients with tasks associated with cloud implementation and migration projects. Experience with common SaaS technologies for user technical support. Direct contact point for user cloud issue remediation and training.
NOC Technician 1ANCILLARYNOC Technicians function as first responders to network and user issues and perform direct customer support. Responsible for triaging network events and escalating events that exceed complexity requirements or event severity.

Federal Government Cybersecurity Solutions

Scarlett Cybersecurity provides a wide array of government cybersecurity solutions centered around creating a comprehensive security stack.

These solutions work best when combined into a comprehensive security stack, but some can be offered à la carte if desired.

It is recommended that clients utilize a comprehensive cybersecurity audit to determine specific needs before committing to a solution.

Managed Cybersecurity for Government

We specialize in fully managed, “Complete IT” solutions by acting as the Managed Service Provider for clients. Outsourced IT saves on manpower costs and leverages skills that are in short supply.

Scarlett Managed SecurityA fully managed security solution with implementation based on client needs and expectations.
Security Awareness TrainingTraining sessions designed to test users and provide actionable reports. Simulated phishing attacks test training effectiveness.
Vulnerability TestingExtensive network scans with annotated reports that provide insight into network health and security gaps.
Managed AVManaged AV with custom alerting and issue resolution.
Managed PatchingManaged monitoring and patching of devices to ensure updates are implemented in a timely manner.
SIEM/SOCCentralized logging and alerting. Used for network visibility and compliance. Provides 24/7/365 customized alerting and reporting.

Managed Endpoint Protection Solutions

We offer services and products that keep endpoints safe with an emphasis on being lightweight and unobtrusive.

Application WhitelistingManaged application that provides the ability to control what runs in the environment and what users can install.
Endpoint Detection and ResponseEDR is an endpoint protection solution designed to be a full replacement for AV.  Network isolation, rollbacks, IR forensics, and machine learning are some of the flagship features.
Anti-Virus/Anti-MalwareAV for endpoint defense. Centrally managed options available.

Managed Government Network Security Solutions

Current trends in cybersecurity have placed a greater emphasis on network awareness, threat detection, and threat intelligence. Scarlett Cybersecurity offers a wide variety of products that will help secure your computer network and the data on it.

Data Loss Prevention SolutionsDLP solutions classify and protect confidential and critical information in order to prevent end users from accidentally or maliciously sharing data that could put the organization at risk.
OpenDNSDNS resolution with built-in security features that helps prevent malicious or undesired traffic from resolving.
Single-Sign-On (SSO)Implement SSO solution to enable use of a single set of credentials for most services.
Multi-Factor AuthenticationImplement MFA solutions to provide enhanced authentication security.

Professional IT Services and Solutions

The Professional IT Services and Solutions category provided by Scarlett Cybersecurity encompasses all offerings focused on improving the IT operational readiness of an organization.

Our cyber security services are split into “Professional” and “Cybersecurity.” There is invariably some overlap, especially with fully managed solutions. 

Managed Government Computer Security Solutions

We specialize in fully-managed, “Complete IT” solutions by acting as the Managed Service Provider for clients or working in tandem with current IT staff. 

Scarlett Managed IT ServicesFully outsourced IT and security managed by Scarlett Cybersecurity. Specific services are be determined on a per-client basis.
Co-Managed IT ServicesScarlett Cybersecurity will design a managed solution based on your business needs, existing IT expertise, geography, regulatory requirements and current business applications.
Disaster Recovery as a Service (DRaaS)DRaaS is an enhanced backup solution. It is fully managed by Scarlett Cybersecurity. DRaaS provides managed, rapid network recovery from catastrophic events.
Hardware MonitoringMonitored hardware health with proactive notifications.

Government IT Solutions

We utilize our trained staff to implement IT solutions that help clients solve specific issues. Our team will provide guidance, materials, and labor where needed.  

Cloud HostingBrokered cloud migration and hosting
File Sync and ShareFile Sync and Share enables organizations to securely synchronize and share documents, photos, videos and files from multiple devices with employees, and external customers and partners.
Hardware RefreshUpdating or purchasing TAA compliant hardware solutions
Office 365Office 365 implementation, migration, management, and purchasing

Consultation Services

Scarlett Cybersecurity’s Consulting Team is led by ISACA Certified Auditors. These services provide information to clients as a trusted partner. Specific services are offered to assist in the realization of large projects.

We are highly specialized in “Virtual CIO”, Cloud Strategy, and IT Governance consultation.

Virtual CIOA virtual CIO is an outsourced specialist who acts as an overall IT strategy partner for client. This service can augment existing IT leadership or act in an advisory capacity.
Governance ConsultingIT governance is a framework that provides a structure for organizations to ensure that IT investments support business objectives. Our Governance Consultants often augment an organization’s current staff. 
DRBC ConsultingConsultants assist in the creation of a DRBC plan with consideration for infrastructure, applications, staff, data, and IT availability. They will design and recommend options to accomplish disaster readiness.
Cloud Strategy ConsultingTasks focused on migrating a client to the cloud. Consultants formulate a strategy based on requirements from client. Hybrid solutions available.
Workflow ConsultingBusiness process mapping focused on providing an objective picture into procedural improvement opportunities.
Compliance ConsultingConsulting focused exclusively on achieving compliance. Examples include HIPAA, HITRUST, NIST, PCI DSS, GDPR.
RFP ServicesEvaluating and selecting new IT solutions within guidelines. Assistance can be provided at any point in the purchasing process.

IT Audits and Assessments

Scarlett Cybersecurity was founded and built by certified Information Technology Auditors. The assessments listed below are commonly used to provide objective metrics and gain insight into the current network posture.

Our assessments can be utilized as a standalone deliverable or as a precursor to more significant projects.   

Comprehensive IT AssessmentPerformed by our ISACA Certified Auditors, this is a comprehensive report on the status of your entire IT infrastructure (security included).
Cybersecurity AssessmentIn-depth security analysis performed by our ISACA Certified Auditors. Includes extensive report with recommendations.
Disaster Recovery | Business Continuity AssessmentIn-depth disaster readiness analysis performed by our ISACA Certified Auditors. Includes extensive report with recommendations.