DOS Sources Sought: Information Systems Security Services Support

Notice ID:  19AQMM240508RFI

The purpose of this notice is to request information regarding the availability of capable firms to support the requirements of the U.S. Department of State (DOS), Bureau of Overseas Buildings Operations (OBO), for Information System Security services (i.e., Cyber Security, Cloud Platform Security, Assessments & Authorization (A&), Information/Operations Security, Operational Technology Security (OT-Security), and Communication Security (COMSEC).

The scope of this effort encompasses technical, data analytics, cyber security, and cloud support for OBO/IRM and specifies the required capabilities but does not direct how those capabilities are to be completed.  This flexibility is intended to enable the Contractor to leverage their expert knowledge and propose creative solutions.  The Contractor shall provide qualified and appropriately1 cleared defined by the Staffing Plan (Secret at a minimum) personnel and other resources necessary to support OBO/IRM and its function as defined in 1 FAM2 283.1-3.   The contractor shall provide personnel that have the necessary knowledge and skills consistent with the NICE3 framework.

The Department’s Enterprise networks span approximately 275 diplomatic facilities in 175 countries, and 150 domestic offices. OBO/IRM applications scales across all the Department facilities. The size of the OBO’s network responsibilities and footprint will change accordingly, and the Contractor shall provide support in securing all of the OBO’s IT equities regardless of the environment (e.g. on-premise, offpremise, cloud, third-party hosted, etc.). The Contractor shall provide expertise in all Cloud aspects to include but not limited to architecture, security, monitoring, and contract analysis to best define cloud security control roles & responsibilities. The Contractor may also be required to travel to both CONUS and OCONUS locations, on a cost reimbursement basis, for temporary duty assignments to conduct/support assessments, systems deployment, and other aspects of the OBO/IRM mission.

Lastly, the scope of this acquisition will also include support across four separate environments: DoS OpenNet, DoS ClassNet, Cloud Service Providers (Azure, AWS, ServiceNow, Google, etc.) as well as multiple Cloud Software as a Service (SaaS) Platforms and externally hosted applications. All services will be performed in a hybrid environment with the primary work location being …

Task Management.  The Contractor shall perform activities related to but are not limited to the following:

  • Advise on the effective implementation of programs within the DOS, including integration of cyber security within the broader OBO context
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Support security reviews, identify and document gaps in security architecture, and manage a security risk management plan.
  • Monitor and track program and task performance to ensure on time service delivery.
  • Review and recommend improvements to periodic program reporting quality (substance, format, clarity, frequency, effectiveness) …

The period of performance shall include a one (1) year Base Period and four (4) one (1) year option periods.

Read more here.

Ad



Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

LEAVE A REPLY

Please enter your comment!
Please enter your name here