Cyber Security Managed Detection and Response Service

The Vendor is required to provide the managed detection and response service include enhancing threat and vulnerability management capabilities, improving security device management with integrated monitoring, ensuring comprehensive auditing and compliance, and streamlining incident response processes.
- The service should include optional periodic penetration testing with reporting and remediation recommendations, comprehensive incident management covering containment, remediation, and root cause analysis, and robust training for agency IT staff via the board training platform.
- Service Management
•    SLA Management
o    Process by which formal SLA for managed security services is being established.
o    Process by which SLA is being monitored and evaluated.
o    Process by which SLA is being reviewed and improved.
•    Service Report
o    Indicate the types of service reports that are provided.
o    Process by which service reports are being generated and submitted.
o    Indicate the types of communication channels that are provided, such as onsite meeting and conference meeting.
- Service Features
•    Capability of real-time monitoring and analysis
o    Supports real-time security event and log monitoring and analysis.
•    Onsite incident response support
o    Service supports onsite incident response.
•    Services support multiple vendors’ products
o    Service supports multiple vendors’ products.
•    In-depth technical and security request support
o    Service supports in-depth technical and security requests.
•    Real-time view through flexible client interface
o    Service supports real-time view through flexible client interface.
•    Dedicated team per client
o    Service supports dedicated team per client.
•    Support compliance audit and assessment
o    Service supports compliance audit and assessment.
•    24x7x365, multiple, redundant SOCS with disaster recovery and global coverage 
o    Your organization has multiple, redundant SOCS with disaster recovery and global coverage.
•    Global online community providing insight and intelligence
o    Your organization has a global online community providing insight and intelligence.
- The product integrates with Microsoft Defender endpoint, or if the service uses its own endpoint protection, how it avoids conflicts with the built-in Microsoft tools.
- The process by which functional security devices for your services are deployed. Include any tasks that must be performed on systems or devices already deployed (e.g. network configuration and third-party integration).
- The process by which the initial configuration of your service is performed. Include the implementation of any necessary security devices, the creation of any rules, and the configuration of any and all settings required for optimal operations.
- Budget: $175,000

- Contract Period/Term: 2 years
- Questions/Inquires Deadline: November 21, 2025