The Department of Justice (DOJ), Cyber Security Services (CSS) is issuing this Sources Sought to identify qualified and responsible vendors who possess the experience and resources to provide cyber security operations support to the Department of Justice.
The JSOC is the central organization for IT security operations in the DOJ. The JSOC is responsible for continually monitoring, detecting, and responding to security incidents that may occur on DOJ networks, IT services, and systems on a 24/7/365 basis. The JSOC provides Computer Network Defense (CND) services to the DOJ Enterprise by monitoring the network and answering phone calls and emails about cyber operations in order to respond to, analyze, and manage the response to cyber incidents affecting DOJ information and information systems in accordance with the DOJ incident response plan (IRP). This capability includes working with security operations centers of other government agencies (OGAs), as well as DOJ information systems security officers (ISSOs), Chief Security Officers (CSOs), System Owners, and other stakeholders to assure information sharing and timely incident response and reporting.
The contractor will use Standard Operating Procedures (SOPs) provided by DOJ to provide Vulnerability Assessment and Penetration Testing (VAPT), and develop/provide an integrated cyber response. Vulnerability assessments are crucial to securing the Federal Information Processing Standard (FIPS) 199-defined confidentiality, integrity, and availability (CIA) impact value of information processed on DOJ information systems. Vulnerability assessments seek to limit the vulnerability of information systems to adversary actions and to prevent interference with information flow. A vulnerability is considered to be any process, policy, procedure, hardware or software exploit, or network design flaw that can degrade an organization’s ability to secure the CIA of information.
Specific contract tasks will include:
- Program Management Support
- Defensive Posture Assessment
- Cyber Threat Intelligence
- Cyber Threat Analytics/Cyber Hunt Team
- Cloud Security Monitoring/Cloud Security Analytics
Full information and instructions are available here.