HHS OIG RFI: Cyber Range Managed Cloud Services

Notice ID:  140D0424Q0573

The Department of the Interior (DOI), Interior Business Center (IBC), Acquisition Services Directorate (AQD) is issuing this RFI/Sources Sought on behalf of the Department of Health and Human Services (HHS), Office of the Inspector General (OIG), Office of Audit of Services (OAS) for the HHS/OIG Cyber Range Managed Cloud Services.

The Office of Audit Services (OAS), Cybersecurity and Information Technology Audit Division (CITAD) within the HHS-OIG is tasked with auditing the information technology (IT) programs and resources developed and maintained by HHS Operating Divisions (OpDivs) and health care providers. Their work is crucial in detecting and correcting vulnerabilities and weaknesses in computer systems, ensuring an efficient and secure IT environment. To facilitate CITAD’s work, a cloud hosted “Cyber Range” is used for audit support, penetration tests, research, and training.

The objective of this contract action is to procure a Managed Cloud Service Provider (CSP) for proactive and on-demand operations, maintenance, monitoring, cost optimization, and support of the public cloud hosted Cyber Range.  Specifically, the CSP will manage an existing Cyber Range hosted within the Amazon Web Services (AWS) Cloud Environment, and if optional task 10 is executed on, expansion into Microsoft Azure.

Hosting Requirements

The Government requires a Contractor with AWS and Azure certifications and partnerships to effectively manage and monitor OAS CITAD’s Cyber Range using Cloud Managed Service models as necessary. Offerors for the OAS CITAD’s Cyber Range must strictly adhere to all published AWS Service Level Agreements (SLAs) and provide these SLAs to the OIG as appropriate.

For any cloud service solution (e.g., but not limited to: Infrastructure as a Service, Platform as a Service, Software as a Service) deployed or utilized by the Contractor as part of its proposed solution to support the HHS OIG Cyber Range, it must be Federal Risk and Authorization Management Program (FedRAMP) authorized.  The Contractor is obligated to make sure that their proposed solution meets all relevant FedRAMP, Federal Information Security Modernization Act (FISMA), White House, and Cybersecurity and Infrastructure Security Agency (CISA) mandates.

Specifically, the Contractor’s responsibilities encompass comprehensive cloud management services, including provisioning, monitoring, scaling, and maintenance of the HHS OIG Cyber range cloud infrastructure, including but not limited to EC2, S3 Storage, Subnets and network components, Virtual Firewalls, load balancers, etc.; ensuring high availability, security, and compliance …

The anticipated period of Performance of this contract is a base year and nine (9) option years.

Read more here.

Ad



Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

LEAVE A REPLY

Please enter your comment!
Please enter your name here