OPM CISO Seeking a Small Business to Help Monitor Agency Cybersecurity

The Office of Personnel Management is looking for a vendor to support its cybersecurity efforts with additional security monitoring and program support.

The government’s human resources agency is no stranger to cybersecurity issues, including the high-profile 2015 hack of its servers that saw the theft of sensitive personal information on more than 21 million Americans—including all current and former federal employees and anyone who applied to work in the federal government.

OPM released a request for proposals in December seeking an 8(a) small business contractor to support its Tier II and Tier III security operations center with year-round, 24/7 monitoring; Tier II and Tier III server and application monitoring; and support for ongoing program initiatives directed by the chief information security officer. These services would extend across more than 1,000 servers and about 10,000 users and their devices.

According to a question and answer document, OPM’s security center handles upward of 60,000 critical tickets per year.

Proposals were originally due Wednesday. However, OPM updated the pricing worksheet and extended the bid deadline to Jan. 14.

In the solicitation, OPM stresses it is more interested in high-quality services than bargain pricing.

“The government is more concerned with obtaining superior performance capability than lowest overall cost,” the RFP states. “The government will not make an award at a significantly higher overall cost to achieve only slightly better performance. Overall cost to the government may become the ultimate factor for award of a contract as quotes become more equal based on other factors.”

The contract will run for five years, with a one-year base period and four one-year options.