NIH automated biomedical office teases small biz cybersecurity contract

Gorodenkoff/Getty Images

The National Center for Advancing Translational Sciences is on the hunt for a small business contractor to provide cybersecurity services.

A component of the National Institutes of Health tasked with using automated biomedical experimentation to develop diagnostics and therapeutics for a range of diseases is looking for cybersecurity services in a new proposed contract. 

In a sources sought request issued Tuesday, the National Center for Advancing Translational Sciences detailed its intent to issue a fixed-price contract for a range of cyber services from small business providers. 

NCATS aims to speed up the time it takes to develop new drugs and treatments—which can take up to 10 to 15 years to bring to market—by utilizing automated technology and methods of conducting experiments with fewer resources. 

As such, the center possesses a wealth of data, ranging from protected health information and personally identifiable information to proprietary and procurement data that it seeks to keep secure across its information technology environment. 

"Though automated systems reduce the need for human labor, the systems and labs are not entirely self-sufficient," the notice said. "This contract seeks to augment the workforce responsible for the day-to-day operation of robotics and systems, as well as the infrastructure necessary to achieve top quality results."

The anticipated contract would support NCATS’ Cyber Security Services division, while also providing services to programs like the Rare Disease Clinical Research Network and the Clinical Translational Science Awards Program Network that include government and commercial cloud environments.

NCATS anticipates a contract with a one-year base period and two one-year options covering a range of services, including information security and privacy policy support like continuous monitoring, security engineering services, training services, audit management and support and security operations support. 

The proposed contract would also include cybersecurity functions like security engineering; penetration testing; forensics, malware analysis and advanced hunting; compliance monitoring; incident management; cyber threat intelligence and information sharing; and secure application development services.

The statement of work goes on to say that the contractor will provide support services through a fixed-price task order awarded concurrently with a parent indefinite delivery/indefinite quantity contract.

Interested contractors have until 9 a.m. EST on March 20 to respond.