Information Technology Solutions and Services

The Vendor is required to provide a wide range of professional Information Technology Solutions and Services.
- There will be three (3) primary areas of focus: protecting the City's infrastructure, operations management, and identity and access management.
- Categorized into three primary areas:
•    Cybersecurity Management and Compliance
•    Infrastructure and Operations Management
•    Identity, Access, and Cloud-Based Solutions
- Cybersecurity Management and Compliance
•    Next-Generation Firewall (NGFW) Management: Configure, monitor, and optimize firewalls to enforce access controls and protect against advanced threats.
•    Vulnerability Threat Detection and Management: Identify, prioritize, and remediate vulnerabilities across IT assets.
•    Patch Management: Ensure timely application of security patches to prevent exploitation of known vulnerabilities.
•    DNS-Based Security Tools Management: Administer tools to safeguard against DNS attacks and improve internet security.
•    Cybersecurity Best Practices Implementation: Develop and enforce policies to align with industry security standards.
•    Security Information and Event Management (SIEM): Deploy and manage SIEM systems for real-time monitoring and threat analysis.
•    Endpoint Detection and Response (EDR): Monitor and respond to threats targeting endpoints.
•    Security Orchestration, Automation, and Response (SOAR) Management: Streamline incident response and improve automation.
•    CIS Controls and Benchmark Hardening: Implement hardening measures aligned with CIS standards to reduce attack surfaces.
•    Third-Party Cyber Risk Scoring Systems Management: Evaluate vendor cybersecurity postures and manage associated risks.
•    Penetration Testing Services: Perform regular penetration tests to identify vulnerabilities and recommend remediation strategies.
•    Malware Analysis and Mitigation: Analyze malware threats and implement countermeasures.
•    Security Awareness Training for End Users:
o    Develop and deliver training programs focused on end-user awareness of cybersecurity risks.
o    Conduct anti-phishing training sessions, simulate phishing attacks, and analyze outcomes to improve user vigilance.
o    Provide ongoing education to promote secure behavior and reduce susceptibility to social engineering attacks.
•    Anti-Phishing and Security Training Platform Management: Manage platforms used to deliver and track security awareness training for employees.
- IT Infrastructure and Operations Management
•    Server Management and Administration: Oversee on-premises and cloud servers to ensure reliability and performance.
•    ERP and Financial Software Management and Administration: Support and maintain enterprise and financial systems for operational continuity.
•    Desktop and Printer Support: Provide technical support for end-user devices.
•    Wireless Infrastructure Management: Deploy, monitor, and maintain wireless networks for secure connectivity.
•    Software and Hardware Inventory Control: Manage asset inventory to maintain compliance and operational efficiency.
•    Manage Virtual Desktop Infrastructure (VDI) Systems: Provide secure and optimized VDI solutions for public or organizational use.
•    Video and Audio Systems Administration: Maintain and manage video conferencing and audio systems, 
•    On-Premises and Hosted VOIP Systems Management: Administer telecommunication systems for reliable and secure communication.
•    E911 Systems Management: Maintain and manage E911 systems, both on-premise and hosted, to ensure compliance and emergency readiness.
- Identity, Access, and Cloud-Based Solutions
•    Cloud-Based Identity Tools Management: Administer and secure identity solutions hosted in the cloud.
•    Multi-Factor Authentication Implementation: Deploy MFA solutions across multiple vendors to enhance access security.
•    VPN Tunneling and Remote Client Administration: Configure and manage secure remote access solutions.
•    Manage Cloud-Based Email Platforms: Administer and secure email platforms hosted in the cloud.
•    Mobile Device Management Platforms: Ensure secure use and administration of mobile devices within the organization.
•    On-Premise Access Control and Camera Security Systems Management: Oversee physical security systems, including access controls and surveillance.
•    Collaboration with MS-ISAC and Federal/State Organizations: Work with external bodies to maintain compliance and adopt best practices.
- The Support Technician must be available on-site during the City’s normal working hours, and occasionally outside business hours.
- Ability to provide 24/7/365 support for critical systems and emergencies.
- Certified expertise in cybersecurity and IT infrastructure technologies.
- Completion of a professional and criminal background check at the Vendor's cost.
- Make contact with support requesters within one (1) business day of request.
- Maintain all current technology systems to provide a minimum of 95% annual uptime for each user.

- Contract Period/Term: 1 year
- Pre-Proposal Meeting (Non-Mandatory) Date: September 17, 2025
- Questions/Inquires Deadline: September 26, 2025