The scope of this solicitation is the management of a Security Operations Center (SOC) that performs 24/7/365 comprehensive monitoring for advanced cyber threats across on-premises networks, cloud environments, SaaS applications, endpoints, and event logs. The SOC will conduct threat hunting activities in logs to improve detection capabilities and find anomalies that are not automatically detected. The SOC will monitor tactics and techniques based on the MITRE ATT&CK Cybersecurity framework. When an investigation cannot be ruled out as a false positive the analyst will escalate Security Event Notifications to the organization. The solicitation includes two modules: 1) Use the LAUSD SIEM/SOAR technology stack; 2) Using the contractors SIEM/SOAR solution. Proposer may respond to one or both modules. The proposals must include provision for hardware, software, and on-going maintenance and support services for the Los Angeles Unified School District (LAUSD).
