Cyber Security Support Services
ID: NOF-0008Type: Sources Sought
Overview

Buyer

HOUSING AND URBAN DEVELOPMENT, DEPARTMENT OFHOUSING AND URBAN DEVELOPMENT, DEPARTMENT OFCPO : RESEARCH AND COMMUNITY SUPPORWASHINGTON, DC, 20410, USA

NAICS

Administrative Management and General Management Consulting Services (541611)

PSC

IT AND TELECOM - APPLICATION DEVELOPMENT SOFTWARE (PERPETUAL LICENSE SOFTWARE) (7A20)

Set Aside

8(a) Sole Source (FAR 19.8) (8AN)

Original Source

https://sam.gov/opp/bad4184002964be4b4642389050d71b8/view
Timeline
    Description

    The Department of Housing and Urban Development (HUD) is seeking qualified contractors to provide Cybersecurity Support Services for its Office of the Chief Information Security Officer (OCISO). The primary objective is to enhance HUD's cybersecurity capabilities through comprehensive program management, security architecture, governance, risk compliance, and incident management, while transitioning to a Zero Trust architecture. This initiative is crucial for safeguarding HUD's information systems against evolving cyber threats and ensuring compliance with federal regulations. Interested parties must submit their capabilities by September 12, 2024, with an anticipated budget of approximately $38 million for a contract term of 12 months, which may include two one-year extensions. For further inquiries, contact Dwayne E. Gist at dwayne.e.gist@hud.gov or David Cruz-Mota at david.o.cruz-mota@hud.gov.

    Files
    Title
    Posted
    Draft RFI CyberSecurity (1).pdf
    The Department of Housing and Urban Development (HUD) is conducting market research to acquire Cybersecurity Support Services for its Office of the Chief Information Security Officer (OCISO). The goal is to enhance HUD's cybersecurity program management, security architecture, and operational frameworks through a proactive approach to safeguarding its information systems. Key focus areas include governance, risk, and compliance, vulnerability management, and the establishment of a Security Operations Center (SOC). Interested parties must submit information regarding their capabilities by 9/12/2024. The findings will guide HUD in determining procurement methods, potentially setting aside contracts for small businesses. The effort follows the evolving cyber threat landscape, aiming to implement a comprehensive strategy, update existing policies, and provide sustainable cybersecurity practices, including the transition to a Zero Trust Architecture. This initiative has a contemplated budget of approximately $38 million and will be executed remotely with occasional onsite requirements. The project reflects HUD's commitment to establishing a robust and agile cybersecurity infrastructure to protect its operations and the public effectively.
    Performance Work Statement.pdf
    The U.S. Department of Housing and Urban Development (HUD) seeks to modernize its cybersecurity posture under the Office of the Chief Information Security Officer (OCISO). The objective is to enhance cybersecurity capabilities through a comprehensive transformation involving program management, security architecture, governance, risk compliance, and incident management. The initiative follows previous assessments to identify vulnerabilities and improve existing processes. Specific goals include establishing a robust security architecture, a data security program, and an Identity, Credential, and Access Management (ICAM) program, along with implementing a Zero Trust architecture and supply chain risk management. The contractor will be responsible for conducting assessments, developing policies, and providing training to bolster overall cybersecurity readiness. The project is structured into phases, with defined performance metrics to evaluate success, compliance with federal regulations, and ongoing adjustments based on identified needs. The overarching aim is to complete essential milestones of Executive Order 14028 to secure HUD’s information systems effectively, ensuring the department can meet its mission while operating in an increasingly complex cyber threat landscape. The expected contract term is 12 months with two potential one-year extensions.
    Lifecycle
    Title
    Type
    Cyber Security Support Services
    Currently viewing
    Sources Sought
    Similar Opportunities
    DHS Cybersecurity Readiness Evaluation Factor
    Active
    Homeland Security, Department Of
    Special Notice: Homeland Security, Department of is seeking Cyber Hygiene services. Cyber Hygiene clauses were incorporated into DHS contracts in 2015 to ensure contractor compliance with cyber standards and protections. The department is now conducting a pathfinder effort to assess industry compliance with these requirements. A self-assessment questionnaire will be released to a subset of existing DHS vendors to gather data on cyber hygiene risk. This assessment will guide future program development and improve the department's cyber posture. The goal is to protect the Homeland and strengthen the Cyber-Supply Chain Risk Management program. Collaboration with vendors is appreciated.
    Enforcement Case Support Services
    Active
    Housing And Urban Development, Department Of
    The U.S. Department of Housing and Urban Development (HUD) intends to award a sole source contract for Enforcement Case Support Services to Mark J. Mazz, AIA, LLC, aimed at enhancing compliance with federal accessibility regulations. The contractor will provide architectural expertise, including case support, onsite surveys, expert reporting, and consultation related to Voluntary Compliance Agreements (VCAs) and associated litigation matters. This contract, which spans one base year with an option for an additional year, is critical for addressing a backlog of accessibility investigations and ensuring equitable housing for individuals with disabilities. Interested parties must submit their capabilities in writing by September 26, 2024, to the designated contacts, Maureen Cameron and Nefertiti Winters, via email.
    USPS OIG Office of Chief Information Officer (OCIO) Support Services
    Active
    Postal Service
    The United States Postal Service's Office of Inspector General (USPS OIG) is seeking qualified suppliers to provide support services for the Office of the Chief Information Officer (OCIO). The procurement aims to establish multiple Indefinite Delivery, Indefinite Quantity (IDIQ) contracts to deliver essential services across various directorates, including Software & Data Engineering, IT Operations, IT Security, and Enterprise Services, with specific requirements defined at the task order level. This initiative is crucial for enhancing USPS OIG's operational capabilities through qualified partnerships, ensuring compliance with federal regulations and effective information management. Interested suppliers must submit their proposals by September 19, 2024, at 5 PM EST, with a minimum guaranteed contract value of $30,000 and a maximum ceiling of $60 million for the contract period from February 12, 2025, to February 11, 2030. For further inquiries, contact Robert John at rjohn@uspsoig.gov.
    NIOSH IT Services
    Active
    Health And Human Services, Department Of
    The Centers for Disease Control and Prevention (CDC) is seeking qualified vendors to provide Information Technology (IT) support services for the National Institute for Occupational Safety and Health (NIOSH) through a sources sought notice. The contract aims to enhance IT infrastructure, support scientific applications, and facilitate data sharing among interdisciplinary teams, with a focus on system maintenance, cloud infrastructure management, data security, and agile project management. This initiative is vital for advancing NIOSH’s mission and operational needs, with a contract period anticipated from August 1, 2025, to July 31, 2030. Interested parties must submit their capability statements by October 9, 2024, to Joseph Butkus at jbutkus@cdc.gov, as the government evaluates potential market capacity for this requirement.
    CISA FY25 Conference/Show Services
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, specifically the Cybersecurity and Infrastructure Security Agency (CISA), is seeking contractors to provide comprehensive show services for various cybersecurity-related conferences throughout Fiscal Year 2025. The procurement includes essential services such as exhibit management, electrical support, material handling, signage, security, and internet services for events like the RSA Conference and Black Hat, which are crucial for enhancing national cybersecurity resilience and fostering partnerships across multiple governmental levels. The contract period spans from January 15, 2025, to September 30, 2025, with contractors required to adhere to performance standards and invoicing guidelines. Interested parties can reach out to Michael Bicio at michael.bicio@cisa.dhs.gov or Jason Hawkins at jason.hawkins@cisa.dhs.gov for further details.
    iCYLON Subscription Service
    Active
    Homeland Security, Department Of
    The Department of Homeland Security (DHS) is seeking to award a sole source contract for the iCYLON Subscription Service to iCYLON LLC, based in Tysons Corner, VA. This procurement aims to provide essential data integration services that are critical for DHS Law Enforcement and Intelligence Analysts in their efforts to combat transnational criminal activities, including drug trafficking and the misuse of sensitive technologies. The iCYLON service is uniquely qualified to meet the stringent requirements for comprehensive, searchable databases with international reach, which are vital for thorough criminal investigations. Interested parties can submit quotes via email to Contracting Officer Andrea Walker at Andrea.Walker@hq.dhs.gov, with the contract expected to cover a 12-month base period and two optional 12-month extensions, under solicitation number 70RTAC24Q00000098.
    CISA COCO Industry Day: CISA Enterprise Engineering and Operations Support Services (CEEOSS)
    Active
    Homeland Security, Department Of
    Sources Sought HOMELAND SECURITY, DEPARTMENT OF CISA COCO Industry Day: CISA Enterprise Engineering and Operations Support Services (CEEOSS) is a notice seeking information from potential vendors for the procurement of Enterprise Engineering and Operations Support Services for the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). This service is typically used to provide support and assistance in the areas of enterprise engineering and operations for CISA. The Industry Day event will provide an overview of the requirement and allow for industry feedback and recommendations. The event will be held virtually via Microsoft Teams on Friday, January 12, 2024, from 10:00AM to 11:00AM EST. The event will include a briefing on the draft Statement of Work (SOW) and a question-and-answer period. The current Task Order 70RCSJ23FR0000001 will be recompeted, with an increase in scope due to congressional acts and strategic priorities. Registration for the event will be provided at a later date. Please note that this Industry Day Notice is not a Request for Proposal (RFP) or an invitation for bid, and the Government does not intend to make an award based on this event.
    FEDERAL EMERGENCY MANAGEMENT AGENCY (FEMA) RESILENCE HAZARD MITIGATION TECHNICAL ASSISTANCE PROGRAM (HMTAP) NON-ARCHITECTURAL AND ENGINEERING (NON-A&E) SERVICES
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, through the Federal Emergency Management Agency (FEMA), is seeking contractors to provide Hazard Mitigation Technical Assistance Program (HMTAP) services, specifically non-architectural and engineering services. The procurement involves the issuance of three Indefinite Delivery-Indefinite Quantity (IDIQ) contracts, each designated for different geographic zones across the United States, aimed at enhancing capacity for pre-disaster, during disaster, and post-disaster mitigation efforts. This initiative is crucial for supporting FEMA's mission to improve disaster resilience and compliance with environmental regulations, including flood risk management and assessments. Interested parties must submit proposals by August 19, 2024, with a total estimated funding amount of $1,583,902 for the project, and can direct inquiries to Amanda Lynn Long at amanda.long@fema.dhs.gov or Glen Seipp at glen.seipp@fema.dhs.gov.
    TikTok Notification to HUD Industry Partners
    Active
    Housing And Urban Development, Department Of
    Special Notice: HOUSING AND URBAN DEVELOPMENT, DEPARTMENT OF is notifying HUD industry partners about the "No TickTok on Government Devices Act." This act requires compliance from all HUD industry partners with active contracts. The service/item being procured is compliance with the act, which prohibits the use of TikTok on government devices. HUD industry partners are reminded to direct any questions or concerns to their assigned HUD contracting officer.
    Module Announcement; Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE)
    Active
    Health And Human Services, Department Of
    The Department of Health and Human Services, through the National Institutes of Health's Advanced Research Projects Agency for Health (ARPA-H), is soliciting proposals for the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program, aimed at enhancing cybersecurity in hospitals. This initiative seeks to develop an integrated vulnerability mitigation platform that enables hospital IT teams to automate the detection and remediation of cybersecurity threats, thereby ensuring the continuity of patient care without necessitating additional staffing. The program is structured around four Technical Areas: Vulnerability Mitigation Platforms, Hospital Equipment Emulation, Automated Vulnerability Detection, and Automated Remediation Development, all designed to address the increasing cyber threats faced by healthcare facilities. Proposals must be submitted by 12:00 PM ET on October 2, 2024, via the ARPA-H Solutions portal, and all inquiries should be directed to ARPA-H Solutions through their designated website.