This Solicitation opportunity from Government of Canada was posted on December 23, 2024. The submission period has ended. Browse the details below for market research, or find similar active opportunities.
Managed Security Services Provider
Closed
202409005CanadaSubmission Closed
Contract Overview
Solicitation details, issuing organization, response deadlines, documents, and interested companies for this government contract opportunity.
General Info
Agency
Government of Canada → VIA Rail Canada Inc.View Agency
NAICS
N/A
Place of Performance
CANSet-Aside
NONE
Documents
(0)AI Contract Breakdown
Uniform Contract FormatNo contract breakdown available.
Cannot generate Contract Breakdown because no documents were found from this contract's source.
Timeline
PhaseClosed
Submission Closed
Organization & Contact Information
Show more
AgencyGovernment of Canada → VIA Rail Canada Inc.
Contacts1 person available
OfficeN/A
Office AddressN/A
Contacts
Full Description
Show more
The VIA Information Technology (IT) department would like to select an IT Managed Security Services Provider (MSSP) to manage a portfolio of VIA’s for Security Event Monitoring, Incident Detection and Response activities.
Mandatory Requirements:
Official Languages
The Proponent must provide fluent written and verbal support for the MSSP solution in both official Canadian languages (English and French), according to the language of choice of VIA’s requester.
2.Experience
The Proponent must have minimum five (5) years of experience providing Managed Security Services for clients in Canada and/or US with hybrid IT infrastructure (on-premises and cloud) of similar scale and complexity to VIA and; A minimum of three (3) references must be provided for VIA to contact and; One (1) of the references must be in the transportation or railway industry.
3. Access to Solution Dashboard
VIA requires access to the solution’s dashboard and customer portal. The Proponent will provide VIA with read-only access to all solutions provided as part of the services. Visibility of what’s going on in the environment. Single point interface to access the status of the services.
Security Operations Center (SOC)
Proponent must have an established and functioning SOC at one or more facilities in Canada and/or US that it owns or leases for monitoring and assessing services for active clients 24 X 7 X 365.
Threat Intelligence
Proponent must demonstrate ability to perform research or obtain access to high quality threat intelligence that implicates Canadian Government, Crown Corporation, Transportation industry, or North American critical infrastructure contexts.
6. Security Professional Services
Operate a credible Professional services practice that includes SOC analysts, security strategy & planning, compliance & auditing, policy assessment & development, testing, breach & incident response, forensics, threat intelligence & research team and more.
Security Certifications
Within six (6) months of the transition and onboarding date, the Supplier shall either conduct or certify that it has engaged nationally recognized external auditors to perform an SSAE 18 SOC 2 Type I audit. This audit will include applicable Trust Services Principles—Security, Availability, Processing Integrity, Confidentiality, and Privacy—or an equivalent audit agreed upon at VIA's discretion, covering the Services, the Supplier's portion of the Solution, and the locations from which the Services are provided.
The Supplier will also ensure that an SSAE 18 SOC 2 Type II audit (or an equivalent agreed upon by VIA) is conducted annually, covering the same Trust Services Principles as applicable, along with the Services, the Supplier's portion of the Solution, and the relevant sites providing the Services.
Service Management and Ticketing
Proponent must use (or integrate with) VIA’s IT service management and ticketing solution (ServiceNow) for incident management and response activities, before end of transition period.Bidding and Documents are available on http://www.merx.com. Fees may apply; See https://www.merx.com/public/pricing for more information.
