Posted Date : August 16,2019
Product (RFP/RFQ/RFI/Solicitation/Tender/Bid Etc.) ID : ITES-2079
Government authority located in West olive, Michigan; USA based organization looking for expert vendor for IT security support services.
[A] Budget: Looking for Proposals
[B] Scope of Service:
(1) Vendor needs to provide IT security support services include security consulting and include reviewing security audits and making possible recommendations for security improvements to the government authority located in West olive, MI.
1. Threat and Vulnerability Management of Hosting Environment – Services to include but not be limited to: vulnerability scanning of server and network devices conducted on a quarterly basis. Results shall be analysed and recommendations provided by the Contractor on remediation of critical and high rated findings.
2. Chief Information Security Officer (CISO) as a service – Provide CISO as a Service for security overview services and recommendations to the County for up to twelve (12) hours per month. Specific areas to include: review of file scans, Qualys external vulnerability scans and security audit reports.
3. Security Operations – Provide leadership for security incidents involving assets of the County. Advise the County on new and emergent threats the County should be aware of. A presentation of the new and emergent threats shall be provided to the County every quarter.
4. Penetration Testing – Organize annual penetration testing including defining the test target scope and obtaining permissions. After the test is completed, contractor shall assist with interpreting the results and provide recommendations (as a result of the test) to improve the security position.
5. Security Monitoring – Provide oversight for logging and alerting of potential security events on systems. Examples include: alerting on abnormal network performance thresholds, system CPU utilization spikes, alerting on file access/storage access abnormalities, and items that may impact the confidentiality, integrity or availability of the systems or data.
6. Identity Management and Access Management – Provide Identity Management and Access Management services for approved accounts managed in the County of Ottawa Active Directory instances. Accounts shall be created according to an agreed upon procedure between the County and the Contractor. Access to IT resources must be approved by an authorized County Project Manager.
7. System Hardening and Patch Management Validation for Security Profiles – Configure window systems in accordance with the Microsoft Baseline Security recommendations. Parameters not in accordance with this baseline will be required to have an approved IT risk acknowledge form (provided by Contractor) completed. Contractor shall perform system patching using vendor supplied and approved patches (servers and workstations) and follow the approved deployment schedule. If any gaps are identified, the Contractor shall provide remediation recommendations.
(2) All question must be submitted no later than August 28, 2019.
(3) Contract period will be for two years.
[C] Eligibility:
Onshore (USA Only)
[D] Work Performance:
Performance of the work will be Offsite. Vendor needs to carry work in their office location.
Budget :
Deadline to Submit Proposals: September 06,2019
Cost to Download This RFP/RFQ/RFI/Solicitation/Tender/Bid Document : 5 US$
Image may be NSFW.
Clik here to view.
Product (RFP/RFQ/RFI/Solicitation/Tender/Bid Etc.) ID : ITES-2079
Government authority located in West olive, Michigan; USA based organization looking for expert vendor for IT security support services.
[A] Budget: Looking for Proposals
[B] Scope of Service:
(1) Vendor needs to provide IT security support services include security consulting and include reviewing security audits and making possible recommendations for security improvements to the government authority located in West olive, MI.
1. Threat and Vulnerability Management of Hosting Environment – Services to include but not be limited to: vulnerability scanning of server and network devices conducted on a quarterly basis. Results shall be analysed and recommendations provided by the Contractor on remediation of critical and high rated findings.
2. Chief Information Security Officer (CISO) as a service – Provide CISO as a Service for security overview services and recommendations to the County for up to twelve (12) hours per month. Specific areas to include: review of file scans, Qualys external vulnerability scans and security audit reports.
3. Security Operations – Provide leadership for security incidents involving assets of the County. Advise the County on new and emergent threats the County should be aware of. A presentation of the new and emergent threats shall be provided to the County every quarter.
4. Penetration Testing – Organize annual penetration testing including defining the test target scope and obtaining permissions. After the test is completed, contractor shall assist with interpreting the results and provide recommendations (as a result of the test) to improve the security position.
5. Security Monitoring – Provide oversight for logging and alerting of potential security events on systems. Examples include: alerting on abnormal network performance thresholds, system CPU utilization spikes, alerting on file access/storage access abnormalities, and items that may impact the confidentiality, integrity or availability of the systems or data.
6. Identity Management and Access Management – Provide Identity Management and Access Management services for approved accounts managed in the County of Ottawa Active Directory instances. Accounts shall be created according to an agreed upon procedure between the County and the Contractor. Access to IT resources must be approved by an authorized County Project Manager.
7. System Hardening and Patch Management Validation for Security Profiles – Configure window systems in accordance with the Microsoft Baseline Security recommendations. Parameters not in accordance with this baseline will be required to have an approved IT risk acknowledge form (provided by Contractor) completed. Contractor shall perform system patching using vendor supplied and approved patches (servers and workstations) and follow the approved deployment schedule. If any gaps are identified, the Contractor shall provide remediation recommendations.
(2) All question must be submitted no later than August 28, 2019.
(3) Contract period will be for two years.
[C] Eligibility:
Onshore (USA Only)
[D] Work Performance:
Performance of the work will be Offsite. Vendor needs to carry work in their office location.
Budget :
Deadline to Submit Proposals: September 06,2019
Cost to Download This RFP/RFQ/RFI/Solicitation/Tender/Bid Document : 5 US$
Image may be NSFW.
Clik here to view.
