About Us

Why JCC-5 Is Your Preferred Cyber Defense Vendor, Today and Tomorrow...

Jalil Cyber Consultants (JCC-5) is a veteran-minority-owned small business with over 30 years of experience, committed to delivering “Military Grade” focus to the Cyber frontier.

Our objective is to provide elite cybersecurity specialists an opportunity to continue to serve their country as the world progressively becomes more integrated with cyberspace. Because of this infinite expansion we specialize in Cybersecurity, Information Technology, Telecommunications, Information Assurance, and Satellite Communications.

Our workforce is comprised of 95% military veterans and federal government contractors who have several years of experience within the industry. JCC-5 also has extensive experience servicing client projects of all data classification levels (Classified and Non-Classified).

Cybersecurity Services

Our mission is to provide the most advanced and comprehensive suite of information security services to businesses, governments and educational institutions. Our suite of services incorporate Cybersecurity Strategy, Identification & Remediation of Threats, Risk Management, Incident Response, Security Design & Architecture, Computer Network Defense, Cloud Solutions as well as a compilation of administrative control reviews and technical security testing methodologies designed to identify the resiliency and efficiency of technology in the environment.

Cyber Security Program Essentials (Program Development)*

Whether starting a Cybersecurity program from the ground up or desiring to benchmark and enhance your organization’s current Cybersecurity Program, leverage the experience and expertise of our program development specialists to deploy effective operational capabilities designed to proactively prevent, detect, and respond to cyber threats targeting your organization. The Cybersecurity development program focuses on developing the following program essentials:

  • Program Maturity
  • Strategy
  • Business Enablement
  • Identity & Access Management
  • Event Monitoring
  • Event Management
  • Cyber Insurance
  • Incident Response
  • Threat Management
  • Governance
  • Tools & Technology
  • Process & Proceedures
  • Strategic Staffing

Risk and Vulnerability Assessment

Cybersecurity is a constant race between attackers searching for weaknesses to exploit and defenders working to discover and secure them, first. Leverage our Risk & Vulnerability Assessments designed to evaluate the overall security posture of the enterprise by identifying and quantifying vulnerabilities in the environment on a one-time, ad-hoc, or continuous basis.

Performing consistent systematic vulnerability assessments is critically important to understanding and quantifying the level of risks facing your organization. Our Risk & Vulnerability Assessment service offerings include but are not limited to:

  • Network Mapping
  • Vulnerability Scanning
  • Wireless Network Assessment
  • Penetration Testing
  • Phishing and Social Engineering Assessments
  • Web Application Assessment
  • Operating System Security Assessment
  • Database Assessment
  • Internal & External Network Assessments

Threat Hunting & Incident Response

This service is designed to proactively assist clients in the discovery and response to cyber security incidents and events through the implementation of purpose-built capabilities. Allow our threat hunters to validate your detection effectiveness with targeted threat hunting exercises to find and eradicate hidden threats and detection gaps. Or leverage our advisory services to test your incident response readiness via IR Simulation or Live Table-Top Exercises.

   Assess Eliminate Mitigate Restore Normal Function State   

Security Design & Architecture

Security Design & Architecture Assessments are intended to evaluate the implementation of security technologies, identify potential gaps in the architecture and subsequently provide remediation plans and/or strategic architectural roadmaps designed to help clients align business risk to security objectives.

Risk Management Framework

We provide full-lifecycle NIST Risk Management Framework (RMF) process support for Federal systems, applications, and common control programs, in accordance with Federal Information Security Modernization Act (FISMA) requirements. Our teams have extensive experience in guiding new system acquisitions and development efforts from initiation to Authorization to Operate (ATO), including supporting stakeholders in the design and implementation of appropriate IT security and controls, and serving as independent assessors. We also perform more targeted security impact analyses and assessments for changes to existing systems.

Cloud Computing Solutions

JCC-5 understands that transitioning to the cloud is a cost effective, yet complex undertaking. Our solutions allow clients to migrate their applications and data centers to FedRAMP Cloud Service Providers (CSP) while leveraging agile approaches designed to account for application, infrastructure and operations maturity, as well as organizational demands and expectations. Resulting in efficiencies related to cost, productivity, and return on investment while increasing security.

Penetration Testing

Penetration testing, or pen-testing, is the evaluation of IT infrastructure’s security posture by safely attempting to detect and exploit vulnerabilities within a network or on an individual system. Penetration tests are typically performed utilizing both manual and automated technologies to systematically compromise or validate the security of servers, endpoints, web applications, wireless networks, network devices, mobile devices and other potential points of exposure.

External Resiliency Testing (ERT)

External Resiliency Testing takes the approach of an anonymous attacker on the internet (traditional hacker, script kiddie, etc.) on the outside of the organizations perimeter defenses.

  • Phase I: Establish Rules of Engagement
  • Phase II: Target Reconnaissance
  • Phase III: Planning & Preparation
  • Phase IV: Perimeter Breach
  • Phase V: Analysis & Reporting

Wireless Resiliency Testing (WRT)

Wireless Resiliency Testing takes the approach of an anonymous attacker in the proximity of the wireless LAN (traditional hacker, script kiddie, etc.) on the outside of the organizations perimeter defenses

  • Phase I: Establish Rules of Engagement
  • Phase II: Wireless Evaluation
  • Phase III: Wireless Testing
  • Phase IV: Analysis & Reporting

Internal Resiliency Testing (IRT)

Internal Resiliency Testing takes the approach of an attacker (insider threat, 3rd party, etc.) that has already successfully penetrated the perimeter defense of the organization and is operating on the internal network.

  • Phase I: Establish Rules of Engagement
  • Phase II: Lateral Movement
  • Phase III: Analysis & Reporting

Applications Resiliency Testing (ART)

Application Resiliency Testing analyzes the state of your applications to identify vulnerabilities and potential consequences of exploitation followed by concise improvement recommendations.

  • Phase I: Establish Rules of Engagement
  • Phase II: Application Testing
  • Phase III: Analysis & Reporting

Professional Services

On-demand subject matter expert (SME) staffing to assist with remediation efforts, program development and/or common I.T. and security projects. It is quite common for organizations to find it difficult to address the challenges of staffing skilled security professionals possessing the expertise necessary to comply with varying compliance regulations, while simultaneously securing the organization from internal and external threats.

Fully understanding this challenge, our Professional Services are uniquely positioned to help resolve resource limitations by augmenting client staff with senior security consultants. By working in tandem with JCC-5 we can help to expedite and complete various projects and initiatives. This delivery model allows your organization to leverage skilled resources without the hassle of hiring, training and/or backfilling permanent staff members.

Regulatory Compliance Management

In the Era of compliance audits & investigations it has become increasingly important for privacy and security programs to not only comply with, but also demonstrate compliance with federal requirements and government regulations. Contact us to explore how we can assist with your compliance needs.

Program & Project Management

Implementing initiatives to deliver critical business benefits requires a structured and disciplined approach. Leverage experienced program/project managers to ensure successful delivery of large and small scale IT transformations.

Virtual Chief Information Security Officer (vCISO)

Many organizations recognize the need for Executive-Level Leadership & Representation as the cornerstone of a comprehensive information security program. However, many organizations are not quite ready to hire a full-time CISO or have not fully defined what a successful CISO’s responsibilities would involve within their organization. The organizations that are prepared for a CISO, are then faced with the challenges of identifying qualified candidates during a time where it is increasingly difficult and expensive to attract, recruit and retain qualified resources.

To close the strategic leadership gap, we have designed the vCISO role to facilitate the strategic guidance and knowledge a traditional CISO would provide a security program. The vCISO service enables our clients to inherit the many benefits an experienced, certified information security practitioner would provide on an advisory level or as an interim, part-time or full-time staffing engagement.

Information Technology Professional Services

All companies (commercial, federal, state, and local) leverage technology to gain a competitive advantage, but even the most stable and patched IT systems can develop problems that require IT support. JCC-5 offers affordable, next-gen solutions to boost performance and efficiency in the following areas:

  • Telecommunications & Network Management
  • IT Facility Operations & Maintenance
  • Automated Information System Design & Integration
  • Programming Services
  • Information Assurance
  • IT Systems Development/Analysis Services
  • Desktop Management
  • Data Conversions
  • Backup & Security Services

Government Services

JCC-5 is a FISMA compliant company offering an assortment of specialized I.T. & Cybersecurity services designed to maintain underlying critical infrastructure as well as defend our Nation’s way of life, economic vitality, and national security from sophisticated cyber criminals and nation-state threat actors.

  • Jalil-Cyber-Consultants, LLC
  • CAGE: 7ZSA1
  • DUNS: 026203210
  • NAICS: 541511, 541512, 541513, 541519, 611420

Contact Us

Please contact us for more information about JCC-5 services

Careers

For the foreseeable future there will continue to be security concerns that need to be addressed. Join our team of brilliant and inspiring Cybersecurity minds as an innovator, thought leader, and trusted advisor to provide the most effective cyber defense services to our clients.

To Apply:

Please send your resume that includes a summary of your qualifications at the top of the resume to Careers@JCC-5.com.

Equal Opportunity Employer
Jalil-Cyber-Consultants, LLC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.