Specifications include, but are not limited to: It is the City’s intent to select a Managed Security Service provider (MSSP) that can demonstrate solid experience in delivering information security solutions that improve network security, strengthen governance, and support regulatory compliance. The proposal should include proactive security monitoring services, vulnerability assessment, penetration testing services, and comprehensive risk management reporting for two distinct City network environments. Implement a security operations center (SOC) and a security information and event monitoring (SIEM) solution. Implement real time data analysis and alerting of security events on the City’s networks. Perform regular security assessments using industry accepted vulnerability scanning and penetration testing technology and methods. Provide automated compliance reporting that can be utilized for periodic audits. Participate in quarterly reviews covering the City’s overall cyber security plan and overall system health.
