Notice ID: 20146850
CBP requires a knowledgeable, experienced, and innovative contractor teaming partner to transition security operations from its current state to an improved state that aligns with the framework of Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, Executive Order (EO) 13800. This includes reducing mean time to detection, incident recovery and establishing and reporting applicable metrics. This teaming partner is required to have a strong understanding and proficiency with cloud-based security technologies, architecture, and computing. The contractor teaming partner must also be experienced in collecting, searching, monitoring, and analyzing machine-generated big data.
The scope of this requirement encompasses contractor support to enable CBP to detect, respond, mitigate, and report to CBP SOC management on Information Technology (IT) security threats involving CBP networks and data. The scope includes support activities related to identification (e.g., asset inventory) and recovery (e.g., incident recovery) process execution. Services shall be provided through monitoring, intrusion detection, and protective security services to CBP information systems, including local area networks/wide area networks (LAN/WAN), public facing websites, wireless, mobile/cellular, cloud, security devices, servers, and workstations. The core services to be rendered include 24 hours per day, 7 days per week, 365 days per year (24x7x365) network monitoring for security events and security event analysis, access controls, remote access controls, computer security incident response and management, and software tool integration.
The scope of this task order includes continuing the Security Operations Support Services work of the incumbent contractor in accordance with the Government’s and contractor’s processes, procedures, and schedule to successfully perform the following tasks:
- Program Management / Project Management.
- Cyber Defense Forensics (CDF) Support.
- Attack Sensing & Warning (AS&W) Support.
- Cyber Incident Response Team (CIRT) Support.
- Cyber Threat Intelligence (CTI) Support.
- Cyber Risk Management (CRM) Support.
- Security Modernization (SecMod) Support.
- Vulnerability Assessment (VA) Support.
- Security Engineering and Sustainment (SES) Support.
- Enterprise Logging Solution (ELS) Support.
- Development Security Operations (DevSecOps) Support (Optional).
- Information System Security Officer (ISSO) Support.
- Cyber Threat Hunting (CTH) Support.
- Operations Enhancement (OE) Support.
- Office of Professional Responsibility Cyber Investigations (CI) Support.
- Security Technology & Policy (STP) Support.
The period of performance will consist of nine (9) months of Base Period (09/24/2024 – 06/23/2025).