The Vendor is required to provide a managed security services provider (MSSP) for managed detection and response (MDR) and extended detection and response (XDR) IT security services.
- Provider will supply a fully managed service that combines 24/7 monitoring, advanced threat detection, proactive threat hunting, automated and analyst-led response, and integration with existing endpoint, network, identity, cloud, and application security tools.
- The solution must enhance the government's ability to detect, investigate, respond to, and recover from security incidents while meeting compliance and reporting obligations.
- Objective
• Provide continuous monitoring and protection across endpoints, networks, cloud environments, identities, and applications.
• Centralize and correlate security telemetry through a managed SIEM/XDR platform.
• Detect and respond to threats quickly, reducing dwell time and impact.
• Deliver actionable reporting and recommendations to improve security posture.
• Integrate seamlessly with existing tools and workflows to maximize operational efficiency.
• Support compliance with relevant cyber security frameworks, regulations, and internal policies.
- Design & Deployment
• Provide a cloud-hosted or hybrid SIEM/XDR platform with full multi-tenant capability for security event ingestion and correlation.
• Onboard all relevant log sources, including but not limited to: endpoints, firewalls, IDS/IPS, identity providers, cloud workloads, network appliances, and SaaS applications.
• Deploy and configure endpoint agents or sensors where applicable.
- 24/7 Managed Detection and Response
• Provide continuous monitoring by a staffed Security Operations Centre (SOC).
• Perform automated and manual threat hunting using telemetry from all connected sources.
• Detect, validate, and prioritize security incidents.
• Initiate containment and response actions in coordination with Government staff.
- Incident Response
• Provide predefined response playbooks for common threats (e.g., ransomware, credential theft, phishing, and insider threat).
• Offer remote containment (e.g., network isolation, account lockout, file quarantine).
• Support incident triage, forensic analysis, and recovery recommendations.
- Reporting & Compliance
• Provide real-time dashboards and scheduled reporting.
• Supply post-incident reports with root cause analysis and recommendations.
• Ensure retention and retrieval of logs to meet compliance requirements.
- Contract Period/Term: 1 year
- Questions/Inquiries Deadline: December 05, 2025