The Customs and Border Protection (CBP) Office of Information and Technology requires a contractor to enhance its Security Operations Center (SOC) Support Services, aligning with Executive Order 13800 to improve federal cybersecurity. The contractor must possess expertise in cloud-based security technologies and big data analysis to support detection, response, and reporting on IT security threats affecting CBP networks. Key responsibilities include continuous network monitoring, incident recovery, and managing access controls. The proposal must detail the company’s experience, SOC capabilities, security engineering services, and technology stack, alongside compliance with federal regulations. In addition, it should explain staffing strategies, incident response frameworks, service level agreements, metrics for performance evaluation, and approaches to scalability and cost structures. Overall, this RFP highlights CBP’s commitment to strengthening its cybersecurity posture by engaging a qualified contractor capable of delivering round-the-clock support, leveraging advanced technologies, and ensuring compliance with industry standards. The request reflects the importance of maintaining robust security measures to safeguard national interests amid evolving cyber threats.

The Customs and Border Protection (CBP) Cybersecurity Directorate is issuing a Request for Information (RFI) for Security Operations Center (SOC) Support Services, currently provided by the incumbent contractor, Leidos, Inc. The anticipated contract spans from September 24, 2025, to June 23, 2030, with a total estimated value of $250 million. This effort is a follow-on to previous task orders, specifically task order #70B04C23F00001108. The acquisition strategy is still under review, allowing for the possibility of new entrants to the field while assessing industry responses. Services for asset disposition, cybersecurity tools, and compliance with regulatory frameworks like NIST and MITRE are included in the scope. Staffing levels are projected between 75 and 125 full-time equivalents (FTEs) based on operational tempo. The document indicates that integration with existing tools and adherence to evolving cybersecurity standards are critical focus areas. Key expectations involve monitoring of various endpoints and systems, with an emphasis on maintaining security across CBP's network, including potential international operations. The contractor will be accountable for incident response coordination and is expected to adapt to both cloud-based and on-premises environments while utilizing CBP's existing cybersecurity infrastructure.

The Customs and Border Protection (CBP) Enterprise Services, through its Office of Information and Technology and Cyber Security Directorate, has outlined a Performance Work Statement for Security Operations Support Services, effective April 1, 2025. This initiative aims to enhance CBP’s cybersecurity posture by engaging a contractor to provide comprehensive IT Security Operations support. Key services include Program Management, Cyber Defense Forensics, Attack Sensing and Warning, Cyber Incident Response, Cyber Threat Intelligence, Cyber Risk Management, Security Modernization, Vulnerability Assessment, and other related supports, ensuring round-the-clock service. The contractor is expected to manage various tasks, from developing compliance reports and incident response initiatives to implementing advanced cybersecurity measures and training. The document emphasizes the need for a knowledgeable contractor capable of improving security operations and effectively managing risks, aligning with current federal cybersecurity frameworks and policies. This task order reinforces the government's commitment to maintaining secure information systems that protect national interests against evolving cyber threats.

The document outlines key instructions for the submission of responses to the Request for Information (RFI) regarding Security Operations Support Services (SOC). The RFI question period concludes on April 3, 2025, at 2 PM EDT, with responses due by April 10, 2025, at the same time. Interested parties must include "Security Operations Support Services (SOC) RFI response" in the email subject line when sending their submissions. All responses and attachments should be directed to John Marschall at the designated email address. This RFI serves to gather information from potential vendors for future procurement or collaboration in providing security operations support, highlighting the government's ongoing commitment to sourcing reliable partners for security services.

The Customs and Border Protection (CBP) Office of Information Technology (OIT) is issuing a Performance Work Statement (PWS) for Security Operations Support Services. This initiative aims to address evolving cybersecurity threats by employing a contractor to provide comprehensive IT Security Operations, ensuring the protection of CBP’s information systems. Key tasks include program management, cyber threat intelligence, incident response, and vulnerability assessments. The contractor will maintain 24/7 operations, offering specialized support across various cybersecurity domains, including forensics, risk management, and security engineering, with an emphasis on modernizing and enhancing security posture. Furthermore, the contractor will analyze current practices, introduce improvements aligned with federal cybersecurity frameworks, and facilitate compliance with numerous security standards. The project underscores CBP's commitment to safeguarding crucial national security information and responding effectively to emerging cyber threats, ensuring operational resilience and continuity of services.