The Transportation Security Administration (TSA)/Information Technology (IT)/Information Assurance and Cybersecurity Division (IAD) Computer Network Defense (CND) branch has a requirement for the immediate delivery of IT cybersecurity operations and engineering support services. These services are necessary to protect and maintain the availability, integrity and confidentiality of the IT security and computer security operations services utilizing TSA’s Security Operation Center (SOC).
This requirement ensures the continued execution of TSA/IT/IAD’s mission while combating ever-evolving cyber threats and challenges. TSA requires support to achieve the following objectives:
- Provide centralized security monitoring, analysis, alerting, and reporting of all TSA Federal Information Security Modernization Act (FISMA) systems and boundaries;
- Refine, implement, and provide recommended changes to the IAD’s Incident Response (IR) program;
- Enhance and facilitate advancement of TSA’s strategic SOC maturity model;
- Modernize and enhance the existing standardized log structure and format in order to provide a common language to support investigations;
- Conduct on-going discovery and evaluation of TSA’s asset security posture;
- Modernize, enhance, and create knowledgebase documents at the direction of Security Operations leadership (TSA SOC); and
- Provide Operations and Maintenance (O&M) for IAD tools within the CND Enterprise.
NOTE: Complete Tables 1 and 2 in the Sources Sought_Computer Network Defense_3.31.2022 attachment. Responses must be sent to BOTH points of contact identified within this attachment.