Security Management System

The Vendor is required to provide for managed security event monitoring, alert triage, and escalation services.
- To further strengthen our security posture and ensure proactive threat management, we are exploring opportunities to augment our current capabilities by partnering with a seasoned external cybersecurity provider.
- The ability to:
•    Integrate effectively with county to enable real-time telemetry ingestion, threat intelligence sharing, and coordinated response actions.
•    Provide scalable, future-ready services that address the district’s current needs while remaining flexible to accommodate future technological investments and strategic priorities particularly the Microsoft Security Suite.
•    Deliver expert-level support across all Security Operations Center (SOC) tiers from Level 1 alert triage to Level 3 threat hunting and forensic analysis with a strong emphasis on proactive threat detection, incident response, and strategic security advisory.
- Operates a hybrid technology environment, encompassing both on premises infrastructure and cloud-hosted platforms, including Amazon Web Services (AWS), Microsoft 365, Google Workspace, Oracle Cloud Infrastructure, Infinite Campus, and others.
- We intend to continue leveraging crowdstrike falcon for Level 1 monitoring and escalation, as it provides 24/7/365 continuous observation of log sources and telemetry, initial event review and prioritization (Alert Triage), and timely notification of significant alerts.
- Provide not only the Level 1, Monitoring and Escalation capabilities that are currently in place, but also the advanced capabilities of Level 2 and Level 3 SOC services.
- Monitoring and Escalation Only
•    Security Event Monitoring: Continuous (24/7/365) observation of log sources and telemetry to detect potential security events from our crowdstrike falcon deployment and other integrated sources.
•    Alert Triage: Initial review and prioritization of events based on severity, business impact, and urgency.
•    Escalation and Notification: Timely notification of significant alerts to designated district personnel via agreed communication channels (e.g., email, SMS, phone, or ticketing system).
- Monitoring + Limited Response Support
•    Advanced Log Analysis
•    Containment Support
•    Coordination and Contextualization
- Full Managed Detection and Response (MDR)
•    Proactive Threat Hunting
•    Forensic Investigations
•    Tailored Playbook Development
•    Professional Services

- Contract Period/Term: 1 year
- Questions/Inquires Deadline: September 15, 2025