The vendor is required to provide operational support resources to the office of cybersecurity within the following:
a) Cybersecurity operations center (CSOC) services
• Cyber-threat hunting support services
• Cyber incident response and incident response retainers
• Cyber-threat intelligence and open-source intelligence (OSINT) services
• Security information and event management (SIEM) implementation, operation, and support services
• EDR, NDR, and XDR implementation, operation and support services
• CASB implementation, operation and support services
• Secure email gateway implementation, operation and support services
• Web application firewall implementation, operation and support services
• NGFW operation, management and support services
b) Cybersecurity awareness training services
• On-site live CSAT training
• CSAT program development, implementation, and management
• Phishing and other social engineering defense trainings
• Cyber training and certification for cybersecurity professionals
• Cyber training and certification for IT and OT professionals
• Cyber training tailored for executives and board of directors
c) Access control and access management services
• Identity management governance
• Network access control implementation and management services
• Privileged access management implementation and management services
• PKI certification management and support services
• PKI PIV management and support services
• SSO management and support services
• Enterprise mobility management (mobile device management)
d) Penetration testing, audits and assessment services
• Penetration testing for OT environments
• Penetration testing of HR systems and financial systems
• Red teaming exercises
• Purple teaming exercise
• Tabletop exercise planning, execution, and assessment
• IT enterprise risk analysis and assessment services
• ICS risk analysis and assessment services
• Compliance assessment services
• Compliance preparation services
e) Vulnerability management services
• Scanning and identification services for IT and OT vulnerabilities
• Services for vulnerability report generation
• Services for cybersecurity exceptions reporting and tracking
• Services for providing management of plans of actions and milestones for identified vulnerabilities and cybersecurity exceptions
• Vulnerability patching and remediation services
• End points, servers, switches, routers, firewall, and other peripheral and network device hardening – experience with STIG implementation required
• Application secure code reviews, remediation and implementation of recommended secure coding practices
f) Supply chain risk management (SCRM) support services
• Vendor and third-party partner organization security scorecard services and reporting
• IT and ICS SBOM and HBOM analysis and management services
• Contract monitoring and analysis on a continuous basis to ensure specified Metropolitan agreements include appropriate and specified cybersecurity language
g) Data security services
• Implementation of data classification labels into cloud and on premises systems
• Implement host-based, network-based and cloud-based data loss prevention (DLP) solutions and provide management for these technologies and services
• Implement and manage data security labels within email and other transmission services such as corporate chat and virtual meeting tools
h) Governance risk and compliance (GRC) services
• Implementation and management of GRC platform services that meet Metropolitan’s specification
• Cybersecurity policy, process, technical standards, and administrative requirements development
• Integration of Metropolitan policies, processes, standards, requirements, and applicable frameworks and industry regulation into managed GRC platform
• Integrate service management system with GRC platform
• IT and OT asset management systems and services.
- Questions/Inquiries Deadline: March 18, 2025