Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF JUNE 05, 2015 FBO #4942
SOURCES SOUGHT

D -- The Department of Justice (DOJ), Cyber Security Services (CSS) is issuing this Sources Sought to identify qualified and responsible vendors who possess the experience and resources to provide cyber security operations support to the Department of Justice.

Notice Date
6/3/2015
 
Notice Type
Sources Sought
 
NAICS
541618 — Other Management Consulting Services
 
Contracting Office
Department of Justice, Offices/Boards/Divisions, Procurement Services Staff (PSS), Two Constitution Square, 145 N Street, N.E., Suite 8E.300, Washington, District of Columbia, 20530, United States
 
ZIP Code
20530
 
Solicitation Number
DJJU-15-RFQ-JSOC
 
Archive Date
6/18/2015
 
Point of Contact
Gregory L Newsom, Phone: 2023071962
 
E-Mail Address
gregory.l.newsom@usdoj.gov
(gregory.l.newsom@usdoj.gov)
 
Small Business Set-Aside
N/A
 
Description
This Sources Sought is released pursuant to the Federal Acquisition Regulations (FAR) Part 10 Market Research. The information collected through the process is considered to be market research as described by FAR 2.101 and in accordance with FAR 10.002. This is NOT a Request for Proposal (RFP), and nothing shall be construed herein or through the Sources Sought process to commit or obligate the Government to further action. In addition, vendors responding to this request for information shall bear all risks and expenses of any resources used to provide the requested information. The submission of capability information in response to this market survey is purely voluntary. The Department of Justice (DOJ), Cyber Security Services (CSS) is issuing this Sources Sought to identify qualified and responsible vendors who possess the experience and resources to provide cyber security operations support to the Department of Justice. Background: The JSOC is the central organization for IT security operations in the DOJ. The JSOC is responsible for continually monitoring, detecting, and responding to security incidents that may occur on DOJ networks, IT services, and systems on a 24/7/365 basis. The JSOC provides Computer Network Defense (CND) services to the DOJ Enterprise by monitoring the network and answering phone calls and emails about cyber operations to; respond to, analyze, and manage the response to cyber incidents affecting DOJ information and information systems in accordance with the DOJ incident response plan (IRP). This capability includes working with security operations centers of other government agencies (OGAs), as well as DOJ information systems security officers (ISSOs), Chief Security Officers (CSOs), System Owners, and other stakeholders to assure information sharing and timely incident response and reporting. Scope of Contract: The contractor will use Standard Operating Procedures (SOPs) provided by DOJ to provide Vulnerability Assessment and Penetration Testing (VAPT), and develop/provide an integrated cyber response. Vulnerability assessments are crucial to securing the Federal Information Processing Standard (FIPS) 199 defined confidentiality, integrity, and availability (CIA) impact value of information processed on DOJ information systems. Vulnerability assessments seek to limit the vulnerability of information systems to adversary actions and to prevent the interference of information flow. Vulnerabilities are considered any process, policy, procedure, hardware or software exploit, or network design flaw that can degrade an organization's ability to secure the CIA of information. Specific contract tasks will include: Task 1: Program Management Support Program management shall be provided to support all of the monitoring, analytical, prevention, assessment, and any collateral efforts of the tasks. Task 2: Defensive Posture Assessment The Contractor shall perform a detailed assessment of the defensive posture of the DOJ network environment. Task 3: Cyber Threat Intelligence The contractor shall provide Intelligence Support to the JSOC in order to keep team members and JSOC Federal Staff aware of the cyber threats that may be directed at the Department. The contractor shall prepare Intelligence reports that include actors/intrusion sets that are targeting DOJ, attack platforms (ie. rootkits, trojans, and other tools used to compromise IT systems, establish persistence, and perform exploitation of IT systems), and cyber activity across the Federal Government and DoD. Task 4: Cyber Threat Analytics/Cyber Hunt Team The contractor shall produce analysis that assist DOJ in identifying compromised hosts, how they may have been compromised, and what indicators exist. These indicators shall then be used to identify other potential hosts within the Enterprise that may also be compromised. The Contractor shall develop plans to identify compromised hosts, assesses possible lateral movement, identify compromised accounts being used and other information necessary to contain and eradicate an advanced attacker Task 5: Cloud Security Monitoring/Cloud Security Analytics The contractor shall produce analysis that assist DOJ in monitoring cloud based environments for signs of intrusion, misuse, misconfiguration, and other cyber security items of interest. This task shall integrate this capability into the JSOC operations and allow the JSOC to perform incident response tasks within the DOJ network whether that is DOJ's own internal network or hosted within cloud infrastructure (this includes SaaS, PaaS, and IaaS) Instructions for Submission of Responses. Interested firms who consider themselves qualified to perform the above-listed services are invited to submit a response to this Sources Sought Notice by Wednesday June 17, 2014 at 1:00 PM. All responses under this Sources Sought Notice must be emailed to Gregory.Newsom@usdoj.gov. The submission shall be in Microsoft word-- No PDF files please. Total pages shall not exceed 8 pages. Page limitations are based on one side of 8.5" by 11" paper, not less than 12-point font size. Please provide: 1. Vendor background summary including, contractor name, address, DUNS, point of contact information, email, phone and website address. The DOJ is particularly interested in the business size and any socio-economic factors identified in The Federal Acquisition Regulation Section 19.5 Finally for GSA Schedule holders, please provide the applicable schedule number. 2. Tailored capability statements addressing the particulars of this effort, with appropriate documentation supporting claims of organizational and staff capability. If subcontracting or teaming is anticipated in order to deliver technical capability, organizations should address the administrative and management structure of such arrangements. Capability statement shall contain: • The Contractors experience with running Security Operations Centers for large federated organizations over 100,000 hosts running 24/7/365. Detail experience with streamlining the tracking and executive reporting of cyber events. • The Contractors knowledge and understanding of Nation State cyber adversaries (aka Advanced Persistent Threat(APT)) Tactics, Techniques, and Procedures (TTPs) • The Contractors ability to provide skilled analysts with incident response experience in combatting APT groups • The Contractors ability to provide robust monitoring of Cloud environments (eg, Amazon AWS, Azure, Office365, other Iaas/PaaS) • Provide a notional security architecture of how a Federal Enterprise would monitor a multi-cloud environment with a mix of IaaS/PaaS • Provide a list of previous contracts where federal and/or DoD SOC services were provided. Provide customer/Government Agency contact information where these services were provided including: contact name and organization, telephone number, and email address. Include a short synopsis of the contract scope. The Government will evaluate market information to ascertain potential market capacity to provide services consistent in scope described in this notice and otherwise anticipated. Telephone inquiries will not be accepted or acknowledged, and no feedback or evaluations will be provided to companies regarding their submissions.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DOJ/JMD/PSS/DJJU-15-RFQ-JSOC/listing.html)
 
Record
SN03751451-W 20150605/150603234803-29fc2a823ac1f53746f7e2e6fd9fb274 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.