Loren Data's SAM Daily™

fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF MAY 19, 2010 FBO #3098
SOURCES SOUGHT

D -- IT Security Services

Notice Date
5/17/2010
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Department of Health and Human Services, National Institutes of Health, National Library of Medicine, 6707 Democracy Blvd., Suite 105, Bethesda, Maryland, 20894, United States
 
ZIP Code
20894
 
Solicitation Number
NLM-RFQ-10-118-RDB-KDR
 
Archive Date
6/8/2010
 
Point of Contact
Rico Batte, Phone: 301-496-6546, Karen D Riggs, Phone: 301 496-6546
 
E-Mail Address
rb468p@nih.gov, kr33v@nih.gov
(rb468p@nih.gov, kr33v@nih.gov)
 
Small Business Set-Aside
N/A
 
Description
The National Institutes of Health, Office of the Chief Information Officer, OCIO, is seeking capability statements from qualified organizations (NAICS 541519, small business size standard is $25 million) with experience in providing enterprise level information security program support. This notice is not a Request for Proposals. This is a sources sought notice only. The purpose of this sources sought notice is to gain knowledge of potential qualified sources and their size classification as a Small Business, Veteran-owned small business, HUBZone small, small disadvantaged business, 8(a), Service Disabled Veteran Owned, Veteran Owned, and Women-Owned Business relative to the NAICS code. Requirements/Tasks Areas: The requirements and tasks to be performed include, but are not limited to, providing information security support and management services at an enterprise level to the National Institutes of Health in the following task areas: 1) expert-level security forensics analysis, security risk assessment, system auditing and security planning; 2) incident identification, monitoring, management, response, and reporting capability; 3) expert-level support for Oracle and MS SQL Server database design and administration; 4) support and guidance through the information security risk management process including risk assessment, system certification & accreditation, and POA&M tracking; 5) support for vulnerability scanning, real-time situational awareness and wireless security; 6) technical writing and strategic and technical planning; 7) support to the agency CIO for the budgeting and financial management process for agency information systems, projects, and organizations; 8) support to the agency CIO by performing IT/information management and program analysis tasks in areas including, but not limited to, IT governance, legislative, regulatory and policy analysis and program planning; and 9) administrative support to agency executives including the agency CIO, Deputy CIO, and Chief Information Security Officer. Information Requested: Submitted information should be relevant and specific in the task areas under consideration, on each of the following qualifications: The Corporate capability statement(s) must: • Demonstrate prior experience and expertise in assisting with the implementation and management of a Federal, agency-level, information security program consisting of all nine (9) tasks described above. • Document the ability and experience in providing information security service to a large Federal organization > 30,000 staff (employees and contractors) at multiple sites across a metropolitan area, in multiple states, and possibly outside of the continental United States. • Document and demonstrate an understanding of how information security impacts an organization comprised of both scientific research and administrative components. • In any capability statements submitted, the organization must demonstrate and document past experience in the last 3 years in the above nine (9) tasks. Documentation may include, but not be limited to references, i.e., names, titles, telephone numbers and any other information serving to document the organization's capability. The Corporate capability statement(s) must address the area of key personnel: • Address how the organization plans to fill the following four mission critical positions. Note: this requirement is not limited to these four positions. Organizations are advised that should a Request for Proposals (RFP) be issued, the government anticipates seeing a complete staffing solution to meet the entire needs of this requirement. The four mission critical positions are: 1) Program Manager/Project Manager; 2) Subject Matter Expert (SME) in security forensics analysis, security risk assessment and auditing; 3) SME in Oracle and MS SQL Server database design and administration; 4) SME experienced in providing expert support of the type to be provided to the agency CIO in #8 above. Any personnel considered for the four critical positions above should meet and/or exceed the following minimally accepted criteria. o Program Manager/Project Manager. Qualifications: A bachelor's degree in Computer Science, Information Systems, or Engineering. This position requires a minimum of 15 years experience, of which at least 10 years must be specialized. Specialized experience must be related to IT security. General experience should be in IT. With a Masters degree in the fields described above: 12 years experience, of which at least 10 years must be specialized. With a Ph.D. in the fields described above: 10 years experience, of which 10 years must be specialized. The Program Manager/Project Manager must also have documented experience managing a project staff of more than twelve persons, the majority of whom have a technical background and perform information security-related tasks; o SME/ expert in computer forensic analysis, security risk assessment, security auditing and security planning; Qualifications: A bachelor's degree in Computer Science, Information Systems, or Engineering. This position requires a minimum of 15 years experience, of which at least 10 years must be specialized. Specialized experience must be related to IT security. General experience should be in IT. With a Masters degreein the fields described above: 12 years experience, of which at least 10 years must be specialized. With a Ph.D.in the fields described above, 10 years experience, of which 10 years must be specialized. o SME/expert-level in Oracle and MS SQL Server database design and administration; Qualifications: Specialized experience would include advanced Database design and analysis, administration, application programming and would include database design and administration with Oracle and other products on Solaris, Linux, and Windows. All general experience should be in IT. With additional education beyond High School in Computer Science, Information Systems, or Engineering, a minimum of 20 years experience, of which 15 must be specialized. With a Bachelor's degree in Computer Science, Information Systems, or Engineering, this position requires a minimum of 15 years experience, of which at least 10 years must be specialized. With a Master's degree Computer Science, Information Systems, or Engineering, a minimum of 12 years general experience, of which at least 10 must be specialized. With a Ph.D. degree in Computer Science, Information Systems, or Engineering, a minimum of 10 years experience, of which 10 years must be specialized. o SME having knowledge of and experience in providing senior-level management support for IT/information management and program analysis tasks in areas including but not limited to IT governance, legislative, regulatory and policy analysis and program planning (Requirement/Task 8 above). Qualifications: A bachelor's degree in management, communications, language, or related. This position requires a minimum of 15 years experience, of which at least 5 years must he specialized. Specialized experience must be related to IT policy, budget, and management. General experience should be in general Federal policy and administrative management. Your responses will assist the Government in selecting the appropriate acquisition mechanism. The page limit is 25 pages (font size 10 or larger). Responses to this sources sought notice shall include the organization's name, address, point of contact, size of business pursuant to the North American Industrial Classification Code (NAICS) and must address all the technical information requested. Additionally, the response must provide answers to the following questions: • Is your organization a small business under the NAICS code? • Does your firm qualify as a small disadvantaged small business? • If disadvantaged, specify if your firm is certified under section 8(a) of the Small Business Act. • Are you considered a certified HUBZone firm? • Are you considered a woman-owned or operated business? • Are you a certified Service-Disabled Veteran Owned or Veteran Owned business? Corporate capability statements must meet all requirements stated in this notice to be considered responsive. This notice is for information and planning purposes only and does not commit the Government to any contractual agreement. This is not a request for proposals. The Government does not intend to award a contract based on responses under this announcement nor otherwise pay for preparing any information sent or the Government's use of the information. Any proprietary information should be so marked. Interested organizations presenting a capability statement in response to this sources sought notice must identify their size status. The organization may include any other specific and relevant information that would improve our consideration and evaluation of the information provided. Please submit written capability statements by 5:00 pm on May 24, 2010. Information Requested: Sources having the ability to provide the professional services described above shall provide clear and comprehensive information supporting their experience and past performance information. An offeror's response shall not exceed 25 pages. Any questions can be submitted to Rico Batte, Contracting Officer, via email message at Rico.Batte@nih.gov and a copy to Karen Miller, Contracting Officer at kr33v@nih.gov. All information received will be considered as part of a competitive acquisition. Responses are due by 5:00 p.m. local prevailing time on Monday, May 24, 2010. This requirement is being processed for the Office of the CIO, NIH by the National Library of Medicine.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/HHS/NIH/OAM/NLM-RFQ-10-118-RDB-KDR/listing.html)
 
Place of Performance
Address: Office of the Chief Information Officer, Bethesda, Maryland, 20892, United States
Zip Code: 20892
 
Record
SN02151061-W 20100519/100517234259-18481aee0d663626a808c17488e4c548 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)

FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.