Navy Sources Sought: Risk Management Framework Support Services

Notice ID: N0018924RMFSUPPORT

Navy Expeditionary Combat Command (NECC) requires contractor support services for the management and processing of Assessment and Authorization (A&A) of systems and applications used and operated by NECC Training Division (N7) and Echelon IV commands. Support tasks include but not limited to the processing, planning, execution and management of A&A packages within the Risk Management Framework (RMF) system.

This statement of work (SOW) defines Full Time Employee (FTE) Subject Matter Expert (SME) Support services to be procured: Information Systems Security Expert (ISSE) and System Administrator Support technicians. The Contractor shall be responsible for the provision of adequate levels of staffing required to meet functional requirements. The Contractor shall be responsible for training contractor support to 1) meet N7 operational requirements (i.e., contractor personnel should arrive ready to work), 2) meet N7 requirements currently at DOD Information Assurance Technical Level II and computing environment certifications in accordance with (IAW) DoD 8570.01-M, and 3) maintain certifications and complete DOD and DON annual training requirements.

The Contractor shall provide engineering and technical analysis to perform a broad assortment of system certification and accreditation support functions. Services include knowledge and experience related to but not limited to: network/system configuration, design, planning, management, Information Assurance (IA) compliance and Certification & Accreditation requirements.

The Contractor shall provide analysis and guidance for application architectural enhancements including but not limited to: Information Assurance (IA) compliance, high availability, scalability, capacity planning, network design, cable plant and IP management.

The contractor shall provide support to maintain the system, network and application security integrity including development, management and updating the Certification and Accreditation requirements to include the execution and recording results of applicable test and verification requirements.

The contractor shall apply Defense in Depth methodologies to the hardening of all associated networks and systems. In depth knowledge of the Defense Information Systems Agency published Security Technical Information Guidance (STIG) processes and procedures is essential…

More here.

Ad



Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

LEAVE A REPLY

Please enter your comment!
Please enter your name here