DHS Wants Industry Input on Security Operations Centers Staffing

Under the auspices of the EAGLE Next Generation (Next Gen) Program, which focuses on effectively and efficiently addressing the Department of Homeland Security’s (DHS) diverse information technology (IT) service needs, DHS is seeking information and comments from industry on the attached draft statement of work, which concerns approaches for providing cybersecurity staff services for the operation of DHS Security Operations Centers (SOCs). DHS defines SOCs as facilities where enterprise information systems (websites, applications, databases, data centers and servers, networks, desktops and other endpoints) are monitored, assessed, and defended. SOCs are responsible for ensuring that potential cybersecurity incidents are correctly identified, analyzed, defended, investigated, and reported. Detection response time is critical to this effort.

The Department of Homeland Security (DHS) has a complex and demanding mission. To assist in meeting that mission, DHS needs robust and effective information systems. It also needs to protect those systems from cyber threats posed by nation states and criminal enterprises. This RFI will provide useful information on industry opinion regarding approaches for obtaining staff support for SOC operations in Government facilities.

DHS currently operates SOCs located in the National Capital Region and in other locations within the continental United States. Past practice has been for each SOC to contract independently for staff support services for its operations. A variety of contracting vehicles has been used to acquire these services.

The cybersecurity services that DHS will require to support the operation of its SOCs include but are not limited to the following:
• Monitoring and Analysis (7x24x365)
• Email Monitoring
• Network Traffic Monitoring
• Attack Sensing & Warning
• Asset Discovery and Management
• Web and Communications Log Capture & Analysis
• Trend Analysis & Correlation
• Digital Media Analysis
• Malware Analysis & Reverse Engineering
• Penetration Testing
• Cyber Threat Intelligence
• Communications and Coordination
• Pattern Analysis
• Vulnerability Assessment
• Incident Response, Mitigation, Remediation, and Recovery
• Cybersecurity Infrastructure Architecture & Engineering
• Cybersecurity Infrastructure Operations, Maintenance, and Administration
• Cybersecurity Application Development, Deployment, & Integration
• Insider Threat Hunting
• Cybersecurity Program Management

Individual SOCs will only acquire those services deemed necessary to support their specific missions.

In May of 2018, DHS issued an RFI (70RTAC-18-RFI-SOC-MSP) in order to identify vendors with the capability to act as Managed Service Providers (MSPs) to DHS SOCs. This RFI is a result of a change in approach to obtaining future cybersecurity support services for DHS SOC operations.

Read more at FedBizOpps
