The vendor required to provide managed information technology and cybersecurity services for include:
- Managed information technology services (MSP)
1. Help desk and end-user support
• 24/7/365 multi-channel help desk (phone, email, portal)
• Transparent ticketing with live status visibility
• Scheduled on-site presence and rapid escalation response
• Monthly performance reporting and user satisfaction metrics
2. Server, network, and infrastructure management
• Monitoring, patching, and configuration management
• Network uptime, security, and performance optimization
• Documentation of all system changes and configurations
3. Endpoint and device management
• Workstation provisioning, imaging, lifecycle management
• Asset tracking with warranty and refresh forecasting
• Vendor coordination for printers and MFPs
4. License and account management
• Centralized tracking of all licenses
• Active provisioning and deprovisioning coordination with HR
• Periodic reconciliation and optimization reporting
5. Backup, business continuity, and disaster recovery
• Oversight of third-party BaaS and DRaaS providers
• Annual DR testing participation and documentation
• Integration with MSSP for ransomware-resilient backup validation
6. Cloud services and modernization
• Guidance on phased cloud adoption (m365, azure, SaaS)
• Cost-benefit analysis and compliance considerations
• Rolling 3-year modernization roadmap
7. Operational technology (OT) support and integration
• Inventory and documentation of OT assets
• Coordination with OT vendors and MSSP for segmentation
• Recommendations for resilience and monitoring improvements
8. Governance, reporting, and strategic planning
• Monthly operational reporting and quarterly strategic reviews
• Annual IT roadmap and budget planning collaboration
• Close coordination with officer and MSSP
9. Transition and onboarding
• Structured onboarding and knowledge transfer plan
• Coordination with incumbent vendors to ensure smooth transition
- Managed cybersecurity services (MSSP)
1. Incident response and monitoring
• 24/7/365 soc operations with defined SLA response times
• Real-time monitoring of it and OT environments
• Forensic investigation and recovery coordination with MSP and officer
2. Managed detection and response
• Integration with existing sentinel one and huntress deployments or equivalent
• Centralized visibility, automation, and correlation across platforms
3. Disaster recovery and backup resilience
• Annual DR participation ensuring secure and immutable backups
• Coordination with MSP and backup vendors to validate protection
4. Security program and compliance (wisp)
• Annual and ongoing assessments
• Maintenance of the written information security program (wisp)
5. Regulatory and insurance alignment
• Ensure compliance with shield, CJIS, NIST, and insurer mandates
• Support for audits and insurance renewals
6. Reporting and governance
• Real-time security ticketing visibility for village it
• Monthly incident and vulnerability reports
• Quarterly executive briefings on trends and priorities
7. Operational technology (OT) security
• OT risk assessment and network segmentation guidance
• OT monitoring roadmap aligned with ISA and IEC and NIST standards
8. Strategic roadmap
• Maintain a rolling three-year cybersecurity roadmap updated annually
9. Flexibility and value-add
• Optional user awareness training and phishing simulations
• Additional services such as penetration testing or dark web monitoring.
- Budget: $72 million
- Contract Period/Term: 3 years
- Questions/Inquires Deadline: January 9, 2025
