The vendor is required to provide a partner and develop a streamlined process to efficiently manage a preferred managed security services provider program.
- Managed security services provider (MSSP) solution requirements
• Managed security service provider (MSSP) solution that can deliver comprehensive cyber assurance services and advanced monitoring and response capabilities that complement and integrate with the existing security group.
• The solution must provide continuous, 24x7 security monitoring, threat detection, and incident response to safeguard customer assets from evolving cyber threats.
• Ensure MSSP roadmap that college can layer in services overtime as existing solution expire or are deprecated.
- Company technical profile
• Desktop OS types: windows 10, windows 11  
• Multiple server OS types: windows 2016‐2022, Linux, and Unix variants (85 total)
• Firewall vendors: Fortinet (4 campus firewalls)
• Database vendors: Zogotech, microsoft SQL, oracle (until November 2025)
• Locations: 4 campuses
• Servers: 85 (down to around 50 by November 2025)
• Employees: 326 full‐time and 272 part‐time
• 2k endpoints
• One data center
• Multiple SaaS services (Ellucian banner, Brightspace, office365, google workspace)
• Multiple compliance requirements (tac202, HIPAA, FERPA, FTC financial safeguards) - Current solutions
• barracuda email filtering with impersonation and incident response protection
• Sentinel one EDR on all college managed endpoint and server devices
• 1 On‐premise Nessus vulnerability management service  
- Security event monitoring
• Indicate the capabilities of your services to monitor our firewall, EDR solution, vulnerability data, etc.
• Describe the typical workflow and process that occurs when the security analytics detects a security event, beginning with how that is presented to a soc analyst for evaluation through the triage, validation, prioritization, and customer alerting/notification process.
• Indicate where activities are automated versus manually performed by analysts.
- Advanced analytics and capabilities
• Cybersecurity offerings and expertise for assurance and operations.
• Network monitoring and/or network forensics features, capabilities, or offerings to detect advanced, targeted attacks.
• Payload analysis features, capabilities, or offerings to detect advanced, targeted attacks.
• Endpoint behavior analysis and/or endpoint forensics features, capabilities, or offerings to detect advanced, targeted attacks.
- Contract Period/Term: 3 years
- Questions/Inquires Deadline: June 09, 2025