Information Technology Support Services

The vendor is required to provide information technology (IT) support services as-needed project basis.
- These services will supplement internal SVP IT staff to ensure resilience, operational continuity, and modernization of utility systems across multiple technology domains.
- Microsoft infrastructure services
•    Secure design, deployment, and support of active directory and group policy across multiple domains and segmented utility networks.
•    Server architecture (physical, virtual, and hybrid) for high availability and disaster recovery, especially in support of critical utility functions such as metering, outage management, and GIS systems. 
•    DNS, DHCP, and certificate services management aligned with cybersecurity and identity best practices.
- Microsoft desktop engineering
•    Development and maintenance of secure desktop images, including support for ruggedized field devices and substation control pcs. 
•    Automated deployment using tools such as microsoft endpoint configuration manager (SCCM), microsoft autopilot, and windows deployment services (WDS)
•    Patch and vulnerability management in compliance with industry and regulatory standards (e.g., NERC CIP, cis benchmarks).
- Cisco and hp and Aruba network infrastructure architecture, engineering, and operational support
1. General requirements
•    Provide professional services for cisco ASA firewalls, routers, switches, wireless LAN controllers (WLCS), and access points. 
•    Deliver support services for both enterprise (IT) and utility (OT) environments, including substations, control centers, and field sites. 
•    Ensure compliance with industry regulations, including NERC CIP, cis benchmarks, and internal standards.
2. Enterprise and OT network architecture and segmentation
•    Network segmentation design and implementation between IT and OT using VLANs, firewalls, ACLs, and VRFs. 
•    Secure architecture for substations, control centers, and field operations.
3. Routing and switching design and support
•    Configuration and support for cisco core, distribution, and access switches. 
•    Support for routing protocols, including BGP and EIGRP. 
•    Lifecycle planning and hardware refresh management.
4. Wireless LAN infrastructure engineering 
•    Deployment and support of cisco WLCS and lightweight access points. 
•    Secure wireless access with 802.1x, wpa3, and NAC integration. 
•    Wireless support for office and field and utility environments.
5. Cisco ASA firewall engineering and network security
•    Implementation and support of cisco ASA firewalls with VPNS and access control policies. 
•    High-availability (HA) configurations and logging and SIEM integration. 
•    Rule base review, optimization, and documentation.
6. Operational support and lifecycle services
•    Ongoing monitoring, troubleshooting, and break and fix support for all cisco infrastructure across IT and OT networks. 
•    Proactive performance tuning, configuration validation, and response to hardware and software issues, including iOS, firmware, and patching. 
•    Development and maintenance of detailed runbooks, sops, and configuration repositories to ensure operational consistency. 
•    Support for hardware refresh planning, EoL and EoS tracking, and software version alignment.
7. Compliance, documentation, and NERC CIP support
•    Support for implementation and maintenance of controls aligned with NERC cip-005, cip-007, and cip-010, including firewall rule review, logging, and access control policies. 
•    Maintain current and accurate documentation of network topology, IP address schemes, VLANs, firewall rules, ACLs, and zone segmentation between IT and OT. 
•    Assist with audit preparation, configuration review reports, and technical evidence for regulatory or internal cybersecurity audits. 
•    Support change management processes with configuration tracking, rollback documentation, and review logs.
- Microsoft SQL server administration
•    Support for databases powering utility systems such as customer information systems (cis), asset management, GIS
•    Performance tuning, backup and restore strategies, and replication for critical application uptime. 
•    Security hardening of SQL environments, including role-based access control and encryption.
- Microsoft 365 (m365) services
•    Configuration and ongoing management of exchange online, SharePoint, teams, workflow, and OneDrive for organizational collaboration and document control. 
•    Governance and compliance implementation, including data loss prevention (DLP), eDiscovery, and retention policies relevant to public record-keeping laws and local compliance requirements. 
•    Support for secure access for field crews and cross departmental teams with conditional access and identity management.
- Microsoft Intune and endpoint management
•    Deployment and policy management for both corporate and BYOD endpoints, including tablets used in substations and service vehicles. 
•    Integration with azure ad, defender for endpoint, and m365 security center for centralized device health monitoring and compliance reporting.
- Cybersecurity services
•    Support for the design and implementation of cybersecurity frameworks aligned with industry best practices. 
•    Vulnerability scanning, penetration testing support, and incident response readiness assessments. 
•    Security awareness training, multi-factor authentication (MFA) enforcement, and soc support for threat monitoring and reporting.
- ITIL and ITSM process support
•    Design and optimization of IT service management processes including incident, problem, change, and asset management.
•    Support for service desk operations, SLA monitoring, and reporting for internal IT and third-party providers. 
•    Implementation and support of ITSM platforms such as ServiceNow, Jira service management, or other municipal friendly platforms.

- Contract Period/Term: 5 years
- Questions/Inquires Deadline: September 5, 2025