CIO Microsoft Sentinel Implementation FY26
Contract Overview
Solicitation details, issuing organization, response deadlines, documents, and interested companies for this government contract opportunity.
AI Contract Overview
This sources sought notice, identified as W91QF026QA015 and titled CIO Microsoft Sentinel Implementation FY26, is issued by the Department of Defense’s W6QM Micc-Carlisle Barracks to gather market interest for the procurement of highly specialized commercial professional services aimed at designing, implementing, and operationalizing the Microsoft Sentinel platform for the Army University. The requirement centers on establishing a fully functional Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) system integrated with Microsoft 365 A5 licensing, requiring expert-level knowledge of the DoD’s security and compliance environment. The contractor must successfully onboard approximately 350 endpoints and all mandated M365 data sources with a minimum 98% ingestion success rate while ensuring full compliance with NIST SP 800-53 security controls and OMB M-21-31 Event Logging Tier 2 maturity standards. All work must be delivered remotely, with no physical delivery or on-site presence required, and the contractor must provide comprehensive as-built documentation and formal training to ensure government self-sufficiency. The vendor must be a registered Microsoft Solution Partner and Tier-1 Cloud Solution Provider, actively registered in SAM.gov, and demonstrate proven experience with DoD, federal compliance frameworks, and Microsoft Sentinel in enterprise cloud or hybrid environments. The offeror must submit a statement of interest and supporting documentation by the July 8, 2026 deadline to demonstrate technical capability and compliance with stringent personnel qualifications. Proposed key personnel must meet mandatory experience thresholds including three years of IT or cybersecurity project management leadership, two years of hands-on Microsoft Sentinel architecture and tuning, and direct experience implementing OMB M-21-31 event logging. Each individual must hold at least one active certification—SC-100, SC-200, or CISSP—and maintain DoD 8570.01-M baseline certifications throughout performance. All personnel require signed NDAs submitted at least 10 days before work begins and must complete annual DoD Cyber Awareness Challenge and OPSEC Level I training. The Government will conduct full documentation review, including 100% inspection of deliverables, design artifacts, and personnel credentials using a Quality Assurance Surveillance Plan. Evaluation will follow Low Price Technically Acceptable procedures under FAR 15.101-2, where only technically acceptable offers will be considered, with award going to the lowest-priced submitter
General Info
Agency
NAICS
Place of Performance
PA, 17013, USASet-Aside
Timeline
Response Deadline
Organization & Contact Information
Full Description
This is a SOURCES SOUGHT NOTICE only. Interested vendors may submit a statement of interest & documentation of their capabilities to the provided contact email.
This requirement is for the procurement of highly specialized commercial professional services to design, implement, and operationalize the Microsoft Sentinel platform. These services require intimate and expert-level knowledge of USAWC's specific Microsoft 365 A5 licensing and security configuration.
The critical performance requirements for this acquisition center on the successful implementation of a fully operational security platform. The contractor must design a system that complies with NIST SP 800-53 and OMB M-21-31 event logging mandates. The contractor shall successfully onboard approximately 350 endpoints and all specified M365 data sources, ensuring at least a 98% data ingestion success rate. The contractor must also deliver comprehensive training and "as-built" documentation to ensure Government self-sufficiency.
Please see attached documents for further details.
