Copyright © 2026 RFPPlanet. All rights reserved.
Privacy Policy
Cookie settings
Terms of Use
The vendor is required to provide a managed security service provider (MSSP) that can help the city achieve the goals of the information technology strategic plan while effectively managing current and future cybersecurity risks.
- The city’s technology infrastructure and application contains both on premise and cloud technology.
- There are approximately:
• 225 servers
• 1700 desktops/laptops
• 300 firewalls/switches/routers
• 300 access points
• Numerous operational technology (OT) including, but not limited to PLCS, SCADA systems, surveillance systems, and sensors.
- 24/7 monitoring
• Rapid detection and mitigation of threats is essential for government targets holding sensitive public data and finances.
• 24/7 real-time monitoring of city networks, systems, endpoints, and cloud services via a remote security operation center (SOC) is essential.
• This must be located and staffed within the country.
• Proactive alerts to key city staff, automatic response to active threats or suspicious activity, and threat prioritization form the core of this expected MSSP service.
• Forensic investigation and reporting after incidents will be key.
• IT stakeholders will prefer a partner that, as necessary, can provide on-site incident remediation (or automate remote remediation and conduct on-site follow ups).
- Physical asset protection
• Any managed security solution must protect existing city-owned and managed assets related to information technology and operating technology.
• This includes but is not limited to computers, servers, printers, infrastructure technology, phones, deployed sensors such as cameras, environmental sensors, Wi-Fi nodes, etc.
• Additionally, the selected service must be capable of evolving with city assets, technology and processes.
- Security advisory
• Vulnerability assessments and recommendations/roadmaps conducted on a recurring cadence.
• Threat intelligence services (e.g., machine-readable threat intelligence feeds, customer-specific dark web and social media monitoring).
• Recommendations for patching and hardening.
• Quarterly reporting (executive summary + technical detail).
• Ad-hoc reporting upon request.
• Phishing simulation and security awareness training.
• Penetration testing or red teaming services.
- Contract Period/Term: 3 years
Set up free email alerts and get notified when new government bids, tenders and procurement opportunities match your industry and location. Choose daily or weekly delivery.
