The Department of Homeland Security (DHS) is putting together a single contract vehicle under which multiple vendors will receive awards to manage DHS’ 17 unclassified security operations centers (SOCs).
In a request for information (RFI), DHS details the requirements for professional cybersecurity staff for operating DHS SOCs, including Enterprise SOCs (ESOCs) and Component SOCs. According to the RFI, each awardee will be capable of delivering a full scope of services, and optional tasks will be identified on each award so each SOC can contract only for services that apply to its missions.
Among the core required services are: network monitoring and security event analysis; email security monitoring and analysis; computer security incident response and management; vulnerability assessment; security engineering; cyber intelligence support; intrusion analysis; and continuity of operations for SOC services. Those services will fall under six core functions, including:
- SOC Operations Services;
- SOC Service Delivery Management;
- Management Control;
- SOC Architecture, Engineering, Operations, and Maintenance;
- Acquisition Support; and
- Cybersecurity Communications and Coordination.
The RFI states that a lack of qualified personnel to meet staffing requirements for operations often leads DHS to turn to contractors to fill the gaps. “DHS has insufficient numbers of qualified cybersecurity professionals among its Federal government workforce to staff its SOCs and requires contract personnel to staff its cybersecurity operations and operate its SOCs,” the RFI states.