The Vendor is required to provide cybersecurity services.
- The City currently operates in a Google Workspace environment and also maintains Microsoft infrastructure to support identity, systems, applications, and operational needs. The environment includes approximately 600 endpoints, including desktops, laptops and servers.
- The City maintains a mixed technology environment consisting of on-premises infrastructure and Software-as-a-Service applications. These systems support core municipal operations, employee productivity, public-facing services, collaboration, communication, and departmental business functions.
- The City currently maintains an endpoint protection solution for City-owned systems and intends to continue using its existing platform.
- All cybersecurity services should operate as one coordinated program, not as disconnected tools or separate vendors. Risk management, monitoring, endpoint protection, reporting, and incident response should work together.
- The service should be able to grow with the City’s needs. As systems, users, endpoints, cloud services, or risks increase, the vendor should be able to expand coverage without redesigning the program.
- must have clear written processes for how issues are handled, who is contacted, when incidents are escalated, and how communication flows during normal operations or security events.
- Where applicable, services that require ongoing monitoring or response should be available continuously. This is especially important for threat detection, endpoint response, and incident escalation. The phrase “where applicable” allows flexibility for services that may not need 24/7 operation, such as scheduled reporting or advisory meetings.
- Continuous Risk & Vulnerability Management
• Internal and external vulnerability scanning
• Risk-based prioritization and remediation guidance
• Configuration and firewall assessment/review
• Identity and directory security assessment/reviews
• Web application vulnerability assessments
• Compliance-oriented scanning, where applicable
• Executive risk summaries and advisory services
- Managed Endpoint Security & Response
• Continuous endpoint monitoring
• Certifications for endpoint product held by analysts within the SOC
• Detection of malware, exploits, scripts, and lateral movement
• Automated and analyst-led containment
• Threat hunting activities
• Policy management and tuning
• Operational management of endpoint security tooling.