Notice ID 36C10B22Q0433
The VA OIS CSOC is responsible for identifying indicators of adversarial presence on the VA network on a 24/7/365 basis via maintaining an understanding of the motivations, tactics, techniques, and procedures of cyber adversaries. If a loss of confidentiality, integrity, or availability has occurred, VA OIS CSOC moves to disrupt the adversary’s activities through containment, mitigation, and eradication. The VA OIS CSOC performs independent verification and validation of VA’s cyber security posture, performs cyber-related reporting to outside Agencies, and leads Departmental efforts to prepare for and defend against emerging and imminent threats. There are 5 functional areas that support the VA OIS CSOC with Cyber Threat Intelligence (CTI) being the core of operations:
- Cyber Threat Intelligence…
- Cyber Technical Services…
- Cyber Incident Response…
- Cyber Security Analytics…
- Cyber Business Intelligence…
These core functions directly map to the NIST Cybersecurity Framework.
OIS CSOC has a new requirement to improve VA’s efforts to identify, determine, protect, detect, and respond to the ever-evolving threat landscape and satisfy mandates as issued in Executive Order 14028 (Improving the Nations Cybersecurity); as such, the tasks identified in this PWS were developed by OIS CSOC to meet these challenges and sustain the security of the VA enterprise network. These initiatives will significantly increase the effectiveness and efficiency of cybersecurity network monitoring, incident response management, and cybersecurity analysis…
3.0 SCOPE OF WORK
The Contractor shall provide Project Management, Cybersecurity Incident Response Operationalized Analytics, Cybersecurity Detection Analytics (CDA), Cybersecurity Orchestration Automation Response (SOAR), OIS CSOC Security Tools & Technology, and Cybersecurity Key Performance Indicators (KPI) and Operational Metric support to VA OIS CSOC.
The Contractor shall provide comprehensive information and Cybersecurity support services to the VA OIS CSOC to assist in developing and providing enterprise-wide information and cybersecurity and network defense services, as aligned with the VA OIT, security configuration and interoperability of VA OIS CSOC managed tools/ devices and information security and privacy goals; in accordance with identified service level agreements.
The Contractor shall perform the following optional task(s) if the Government exercised the task(s):
- Optional Task One: Cybersecurity Program Acquisition Automation
- Optional Task Two: Task Order Close Out Meeting
