Notice ID: 47QFLA24K0007
The objective of this contract is to provide subject matter expertise (SME) in the areas of cloud migration, cybersecurity architecture and engineering specific to the post-migration of the Defense SBIR/STTR Information Portal (DSIP) from its previous host at the Defense Technology Information Center (DTIC) to the current host United States Air Force’s (USAF) Cloud One. Support will be required to continually improve management efficiency, DSIP performance, and the user experience for internal DoD users and small businesses. In support of migration sustainment and sufficiency, a new service in the cloud will be implemented to modernize existing manual processes that support the critical due diligence investigations. This service will be the SBIR/STTR Counterintelligence Database (SCD).
The scope of this contract is limited to the level of effort required to deliver continued cybersecurity support and system authorization services in support DSIP within its cloud hosted environment, AF Cloud One, Amazon Web Services (AWS) Impact Level 4 (IL4). This includes support to the development, security, and operations (DevSecOps) Pipeline to continuously deliver secure DSIP Modules developed in AWS Impact Level 2 (IL2) by the DSIP applications development and delivery team, REI Systems, Inc., to AWS IL4. Support includes cybersecurity architecture and engineering design; continued new technology and application integration; policy documentation; and process improvements. Services required include:
- SME support to sustain the System Authorization and Cybersecurity of applications and services operated in support of the Defense SBIR/STTR Program.
- DSIP hosted in USAF Cloud One AWS
- SCD hosted on Naval LIFT Secret Internet Protocol Router Network (SIPRNet) Software as a Service (SaaS)
- USAF Office of Commercial & Economic Development (OCEA) commercial services
- Coordination of Defense SBIR/STTR Program efforts with USAF Cloud One; Naval LIFT, USAF OCEA.
- Design/development/delivery/management of Defensive Cyberspace Operations (in partnership with USAF managed services; Naval LIFT’s High Performance Computing Center).
- Continued delivery, management, and support for integrated HOCKEYPUK™ Cybersecurity Solutions which integrates National Information Assurance Partnership (NIAP) certified hardware virtual private network (VPN) solutions with zero clients and a zero-trust cloud native access point to force all application development and delivery to occur in the cloud, from the cloud.Continued implementation, technology refresh, and support for HOCKEYPUK™ Cybersecurity Solutions from end users/developers to AWS IL2 & IL4, DSIP’s hosting environment.
- Continuous Authority to Operation (ATO)/Risk Management Framework (RMF) documentation development, delivery and coordination (IATT) to ATO support) including creation and delivery of necessary artifacts to support all Defense SBIR/STTR Program System Authorizations in accordance with Department of Defense Instruction (DoDI) 8510.01 (DoD Risk Management Framework). This includes coordination and adoption of inherited security controls offered from the Program’s systems hosting environments (USAF Cloud One AWS, Naval LIFT’s SaaS, etc.) …
The period of performance will consist of a 1-year base period and one 1-year option period.
Want to get involved with OS AI? - A small number of Sponsorship Opportunities are now available here. Starting at $500.