Active

Contract Opportunity

Procurement Technical Assistance Centers (PTACs) are an official government contracting resource for small businesses. Find your local PTAC (opens in new window) for free government expertise related to contract opportunities.

This sources sought notice is being provided in DRAFT format. The DRAFT Performance Statement of Work is under internal review and is being edited. This is not a request for proposal. The U.S. Department of State anticipates releasing the final solicitation and attachments within the next three weeks. Place(s) of Performance: The work will be performed at the Department of State, and Department of State annexes in Washington, DC metro area. Period of Performance is for a base year plus four option years. Contract Type is Time and Material with Labor Hour and Fixed Hourly rates, Single-Award IDIQ Conttract. The forthcoming solicitation intends to be established as Single-Award, Indefinite Delivery Indefinite Quantity (IDIQ) contract.

Draft Performance Work Statement - SYSTEMS OPERATION AND SECURITY SUPPORT

U.S. DEPARTMENT OF STATE

REQUEST FOR PROPOSAL

SYSTEMS OPERATION AND SECURITY SUPPORT

U.S. Department of State, Global Talent Management (GTM), Executive Office (GTM/EX)

SECTION 1 – GENERAL INFORMATION

1. BACKGROUND

The Department of State, Bureau of Global Talent Management has a requirement for a contractor to provide systems operation and security support services for GTM-managed applications.

1. TYPE OF CONTRACT

The Department of State (DoS) intends to award a competitive 8(a) Time & Material, (IDIQ).

1. PLACE OF PERFORMANCE

The work will be performed at the Department of State, 2401 E Street, NW, Washington DC Annex Site (SA-1) or other program office approved work sites/annexes in the Washington DC area.

1. PERIOD OF PERFORMANCE

Base and four (1) year option periods.

SECTION 2 – STATEMENT OF WORK

1. PURPOSE

The purpose of this Statement of Work (SOW) is to convey the requirements of the Department of State (DoS), Bureau of Global Talent Management Executive Office (GTM/EX), to obtain an experienced and qualified Contractor to provide the following support services

• Information Assurance


• Information Technology (IT) Security


• Network Monitoring


• Program Management Support


• IT Infrastructure and Application Architecture


• System Administration


• Business Analysis

The Bureau of Global Talent Management’s Executive Office (GTM/EX) is responsible for the development and follow-on maintenance of IPMS, including new technology in support of the Department’s global talent management requirements, as well as database administration, operations help desk, and network infrastructure. The Bureau provides technical support to multiple Department locations and posts worldwide, with a total population of approximately 32,000 American direct-hire employees and 47,000 locally employed (LE) staff and others under Chief of Mission (COM) authority.

1. SCOPE

Information Assurance and IT Security: The contractor shall provide Security Controls to assess, implement and monitor security controls across all GTM/EX systems across all environments. Security Implementation services shall include:

• Preliminary risk analysis


• Vulnerability assessments


• application scanning for the purpose of identifying vulnerabilities


• remediation coordination


• STIG and Diplomatic Security (DS) Configuration guide compliance


• continuous diagnostics and mitigation (including the regular collection of metrics)


• log management


• Status reports, and writing security documentation


• Develop and conform to System Access and Segregation of Duties procedures that meet Department and federal requirements and recommendations


• Support the completion of required Annual Control Assessments, Contingency Plan Tests, and Privacy Impact Assessments for all Bureau systems


• Provide security functional support and expertise in the Department’s RMF toolset (Xacta), common cloud technologies (Azure, AWS, ServiceNow, FedRAMP)


• Develop and support SOPs to ensure coordination with the Bureau’s Configuration/Change Management processes ad procedures to ensure that all system changes are documented and approved

The contractor shall provide security support to ESD through the following daily activities:

• Monitor, analyze, and maintain the health of the network security operations systems. The contractor must respond to events and alerts generated by these systems


• Keep abreast of security-related vulnerabilities and exploits. The result of this continuing education is that the security operations architecture be kept up to date with the latest relevant signatures. This knowledge may also require the contractor to write custom signatures from time to time


• Respond to tickets, emails and verbal reports of security vulnerabilities. In addition, the contractor must be responsible for remediating those vulnerabilities. Remediation in this context refers to validation, incident response, awareness and reporting

The contractor shall provide operations and administration services associated with providing a stable IT infrastructure and to effectively and efficiently perform procedures to ensure the services meet Service Level targets and requirements.

The contractor shall provide the following Information Assurance strategic and tactical services in additions to daily support services.

• Security Planning & Analysis: The contractor shall provide Security Planning and Analysis Services. These activities are associated with research of new technical trends, products and services, such as hardware components, System Software, and Networks that offer opportunities to improve the efficiency and effectiveness of the Security Services. Security Planning and Analysis Services can also help support competitive business advantage and mitigate risks by reducing defects and improving the quality of security.


• IA Requirements Definition: The contractor shall provide Requirements Definition Services which are activities associated with the assessment and definition of security requirements that also comply with regulatory and DoS policies. These requirements drive the technical design for the environment.


• Design Specifications: The contractor shall provide Design Specification Services that are associated with translating End-User and information System requirements into detailed technical specifications.


• Environment and Facilities Support: The contractor shall provide Environment and Facilities Support Services associated with maintaining environmental requirements in connection with security services at DoS facilities.


• Firewall Management: The contractor shall provide Firewall Management Services to include firewall engineering and management and access control list engineering and management in compliance with DoS and Diplomatic Security (DS) policies and standards.

Network monitoring: The contractor shall provide Administration for the network infrastructure (load balancers, firewalls) that pertain to supporting the HR application environments (development, testing, Production). The contractor shall system performance monitoring and reporting to ensure that all hardware, operating system, database, and HR application components perform to their target performance levels. Contractor personnel shall provide ongoing infrastructure management support in the following areas:

• Hardware: perform troubleshooting to isolate workstation or server connectivity issues and problems in a multiple domain environment and provide all phases of support for the infrastructure equipment.


• Software: install approved software on multiple platforms and perform software application troubleshooting.


• Technical Support: provide daily monitoring of the network infrastructure, and immediate support in problem determination and resolution.


• Problem Reporting and Consultation: assist end-user in resolution of hardware and software problems that includes first and second tier problem support for the infrastructure, severity one outages, and LAN configurations issues.

The contractor shall develop standard operating procedures (SOP) and documentation and maintain the currency of all system documentation. The contractor shall conduct research and recommend the acquisition and lead the installation and use of automated network monitoring solutions to ensure high availability of all networks used by HR applications.

Program Management Support: The contractor shall deliver program support and project management services and plans for managing the technical approach, organizational resources and management controls to be employed that will meet the cost, performance and schedule requirements throughout the project. These services will manage the projects and changes to project or product scope. For software development projects, the contractor should always consider the use of an agile/iterative development methodology and adhere to the applicable PMI guidelines/standards commensurate with the size, scope and complexity of the task requirements. The program support services include but is not limited to the following:

• Project management using Agile methods


• Scope management


• Requirements management


• Schedule management


• Cost management


• Quality management


• Process improvement

IT Infrastructure and application architecture: The contractor shall provide IT infrastructure, network, cloud, application, and IT Security Architecture Services for technical consulting support, conduct research, and recommendations for alternate approaches, architectures, or tools to increase systems performance, reduce costs, and maximize resource usage, secure systems and migrate to cloud. The contractor shall also provide expert guidance and consultation about alternative solutions and methodologies, technologies, techniques, tools, database management and standardization, interface processes, algorithms, and system assurance

System Administration: The contractor shall provide system administration services for the various environments that includes systems monitoring and support, virtualization management, performance monitoring and reporting. Support to track, install, configure, test, and deploy COTS, database, and operations systems patches. The contractor shall provide systems management and technical troubleshooting support for various operating systems used at GTM/EX (Linux, UNIX, Windows, etc.) The Contractor shall provide support with operating system installation, configuration and maintenance; hardware configuration design, installation assistance and patch maintenance support; COTS product installation, configuration and maintenance; management of backup utilities; and Storage Area Network (SAN) administration. The Contractor shall:

• Perform system/application diagnostics through the use of Government-provided maintenance tools to ensure availability and to provide a notification vehicle of problems to administrators.


• Provide monthly system metrics to include CPU and memory utilization, system availability, I/O trends and disk utilization statistics.


• Provide trending charts to graphically depict useful trends in order to make informed business decisions.


• Reallocate system resources as necessary, optimize systems performance, and recommend additional components to improve overall performance.


• Maintain the integrity of system baselines and provide audit checks of all systems and backups.


• Maintain account management, control network rights, and access to systems and equipment.


• Maintain Continuity of Operations (COOP) documentation and complete COOP testing as scheduled.


• Participate in the evaluation of new products and develop requirements documents and criteria spreadsheets as required.


• Deliver (when appropriate) implementation plans that provide a detailed approach taken when implementing new systems and/or capabilities.


• Provide expertise and support for the creation, updating, and maintenance of scripting of common system administration tasks on IPMS operating system platforms to provide automation of such tasks.


• Support Configuration Management policies and procedures to ensure that all changes are approved prior to implementation and system baselines are maintained and updated, with notification of unapproved changes provided to management and security officers.


• Ensure knowledge and expertise in cloud and DevOps methodologies including Containers, Kubernetes, and DevSecOps pipelines.


• Provide full support for patch management of system technologies, including providing a risk assessment of any vendor patches.


• Develop a Standard Operating Procedure, in conjunction with Configuration Management, for remediation of vulnerabilities in the required timeline based on federal requirements (including Binding Operational Directives), Department policies, and technical recommendations (including NIST Special Publications).

Business Analysis: The contractor shall provide business analysis services to achieve a common understanding of the business need and potential impact and conduct feasibility studies and/or return on investment calculations for new projects/systems. Business analysis services includes documenting the current and proposed business processes and analyzing the difference between the two. The contractor shall develop/prepare concept of operations for proposed new system. This includes requirements definition to understand the system needs and the best path to achieve those needs. The contractor shall Prepare SDLC documentation in accordance with the HR PMO process, including but not limited to concept of operations, requirements specifications, and other intellectual property and documentation artifacts. The contractor shall provide these business analysis services to identify, analyze, specify and document the business, operational, and security requirements of the project so that the solution meets HR’s needs. Business analyst may be required to support software deployment and release activities to ensure solutions are implemented as designed. Business analysts may also review and analyze the current solution features and specifications to determine what changes, if any, are needed to accommodate the new requirements.

Attachments/Links