Loren Data's SAM Daily™

SAMDAILY.US - ISSUE OF JUNE 14, 2024 SAM #8235
SOURCES SOUGHT

99 -- Department of Defense (DoD) Cyber Exchange (DCE) and DoD Cyber Training (DCT) Programs

Notice Date

6/12/2024 11:06:05 AM
 

Notice Type

Sources Sought
 

NAICS

611430 — Professional and Management Development Training
 

Contracting Office

IT CONTRACTING DIVISION - PL83 SCOTT AFB IL 62225-5406 USA
 

ZIP Code

62225-5406
 

Solicitation Number

832469866
 

Response Due

6/28/2024 1:00:00 PM
 

Archive Date

07/13/2024
 

Point of Contact

Kenric Phillips, Phone: 6184186736, Tara S. Simmons-Gulck, Phone: 3348193633
 

E-Mail Address

kenric.l.phillips.civ@mail.mil, tara.s.simmons-gulck.civ@mail.mil
(kenric.l.phillips.civ@mail.mil, tara.s.simmons-gulck.civ@mail.mil)
 

Small Business Set-Aside

SBA Total Small Business Set-Aside (FAR 19.5)
 

Description

The Defense Information Systems Agency (DISA) is seeking sources for Department of Defense (DoD) Cyber Exchange and DoD Cyber Training/ID23 CONTRACTING OFFICE ADDRESS:� Defense Information Systems Agency DITCO-Scott PL8331 2300 East Drive Bldg. 3600 Scott AFB, IL 62225-5406 INTRODUCTION: This is a SOURCES SOUGHT NOTICE to determine the availability and technical capability of small businesses (including the following subsets: Small Disadvantaged Businesses, Certified 8(a), Service-Disabled Veteran-Owned Small Businesses, HUBZone Small Businesses and Woman-Owned Small Businesses) to provide the required products and/or services. The Defense Information Systems Agency (DISA) is seeking information from potential sources for: the Department of Defense (DoD) Cyber Exchange (DCE) and DoD Cyber Training (DCT) programs. DCE is chartered in accordance with DoDI 8500.01 Cybersecurity and the Office of Management and Budget Circular A-130 as the DoD knowledge repository for cybersecurity related policy, guidance, and information. DCE provides one-stop access to cyber information, policy, guidance, and training for cyber professionals throughout the DoD, and the general public on three distinct enclaves/classification levels, DCE Public, DCE NIPR, and DCE SIPR. DISA leverages the Federal Risk and Authorization Management Program approved Cloud Service Provider under the Infrastructure as a Service model. The DCE maintains an Authorization to Operate (ATO), for each of the 3 environments listed above from the DISA Authorizing Official (AO) in accordance with the DoD Risk Management Framework (RMF). DCE currently hosts over 45 content areas and processes 300 content owner/user requests per month to the three websites. In addition, System Admins and System Engineers, and ISSOs operate, maintain, and secure the three websites, including the ongoing preparation, submission, and maintenance of 3 ATOs. The DCE requires labor for the following functions: Webmaster/Content updates, System Administrator, System Engineer, Information Systems Security Officer (ISSO), Customer Support/Help Desk. Experience with WordPress, Amazon Web Services (AWS), Risk Management Framework (RMF), Authority to Operate (ATO) is highly desired. The DCT program requires labor for the following functions: Cyber Training Developers and Registrar. Experience with SCORM/xAPI, Adobe Captivate or similar e-learning authoring tools, SharePoint, 508 Compliance is highly desired. Contractor labor is needed to develop and update cyber training and register students as listed: �Cyber role-based training aligned to the DoD Cyber Workforce Framework (DCWF), Cyber Awareness Challenge, Cybersecurity awareness training courses, DISA Cybersecurity Awareness Campaign, and Registrar services for Cyber training courses. The anticipated Period of Performance is: Base Period w/ six-week transition period:� June 2, 2025 � June 1, 2026 Option Year One:� June 2, 2026 � June 1, 2027 Option Year Two:� June 2, 2027 � June 1, 2028 Option Year Three:� June 2, 2028 � June 1, 2029 Option Year Four:� June 2, 2029 - June 1, 2030 The anticipated Place of Performance is at the vendor�s location with some positions requiring access to Defense Information Systems Agency Headquarters, Fort Meade, MD 20755. DISCLAIMER: THIS SOURCES SOUGHT NOTICE IS FOR INFORMATIONAL PURPOSES ONLY. THIS IS NOT A REQUEST FOR PROPOSAL.� IT DOES NOT CONSTITUTE A SOLICITATION AND SHALL NOT BE CONSTRUED AS A COMMITMENT BY THE GOVERNMENT.� RESPONSES IN ANY FORM ARE NOT OFFERS AND THE GOVERNMENT IS UNDER NO OBLIGATION TO AWARD A CONTRACT AS A RESULT OF THIS NOTICE.� NO FUNDS ARE AVAILABLE TO PAY FOR PREPARATION OF RESPONSES TO THIS NOTICE.� ANY INFORMATION SUBMITTED BY RESPONDENTS IS STRICTLY VOLUNTARY. CONTRACT/PROGRAM BACKGROUND: Contract Number: GS35F007BA Task Order: HC102820F0730 Contract Vehicle: GSA�s IT Schedule 70 Incumbent and their size: Tapestry, Small Business Method of previous acquisition: Small Business Set Aside Period of performance: July 15, 2020 � July 14, 2025 REQUIRED CAPABILITIES: 1. The DoD Cyber Exchange program maintains an authority to operate (ATOs) for their three portals on NIPR, SIPR, and Public environments from the DISA Authorizing Official (AO) in accordance with the DoD Risk Management Framework (RMF). Describe your experience and approach to maintaining a minimum of a 1-year ATO for three environments to include managing AO requirements/conditions, creating Plans of Actions and Milestones, working in Enterprise Mission Assurance Support Service and Request Tracking System (RTS), and mitigating network issues in support of an ATO. 2. The DoD Cyber Exchange program provides our customers with 24x7 access to DoD Cyber information, training, policy, guidance, help desk support.� The DoD Cyber Exchange operates on three classification levels and uses WordPress to publish/host cyber content on 45+ Cyber topics. This effort requires roles such as webmasters, system engineers, and system administrators.� Describe your experience and approach operating and maintaining web portals in different classification levels, including webmaster services, posting of content, customer service, any experience with WordPress and system admin and engineering to support license and certificate updates, network engineering, and environment development and migrations. 3. The DoD Cyber Training program develops and updates DoD�s baseline cybersecurity awareness course, Cyber Awareness Challenge. This course is mandatory for all DoD network users (approximately 5 million). This one hour online course provides an �awareness level� on a variety of cybersecurity topics relevant to the DoD. Describe your experience and approach developing online cybersecurity awareness courseware, for a broad audience with a large number of users (3 million or more). Include any innovative ideas that supports end user engagement and increases course effectiveness, listing specific examples of cybersecurity training products when possible. 4. The DoD Cyber Training program develops and updates a portfolio of cybersecurity training targeted to a broad audience/general user. These online courses provide an �awareness level� on a specific topic and range from 30 minutes to 2 hours. Examples include: �Privileged User Cybersecurity Responsibilities, Social Networking and Your Online Identity, Phishing & Social Engineering, Mobile Devices in a DoD Environment, Internet of Things. Describe your experience and approach developing online cybersecurity awareness courseware, for a broad audience. Include any innovative ideas that supports end user engagement and increases course effectiveness, listing specific examples of cybersecurity training products when possible. 5. The DoD Cyber Training program develops, and updates 9 cyber role-based courses, targeted to the DoD cyber professional and aligned to the DoD Cyber Workforce Framework/DoD 8140. These online courses are in depth, approximately 40 hours of training. Some examples of existing DCWF courses include:� Cyber Defense Analyst, Database Administrator, and Network Operations Specialist. Describe your experience and approach developing cyber training of similar length and tailored to the cyber professional performing one of the 72 cyber work roles. Include any innovative ideas that supports end-user engagement and increases course effectiveness, listing examples of cybersecurity training products when possible.� 6. The DoD Cyber Training program provides Registrar Services for approximately 150-250 cyber classes a year. This team also distributes and analyzes student surveys and maintains training records. Describe your experience and approach providing registration services with a large number of training events, extracting survey results, and compiling results for presentation. 7. The DoD Cyber Training team supports the development of DISA Cybersecurity Awareness Campaign by developing innovative products such as pamphlets, short video topics, written articles, and a variety of cybersecurity tips of the week. Describe your experience and approach creating training products in support of the National Cybersecurity Awareness Month (October) and weekly cybersecurity topics.� SPECIAL REQUIREMENTS: Must have Secret Clearance. Personnel must have interim or final security clearance. Please provide your current FCL. SOURCES SOUGHT: The North American Industry Classification System Code (NAICS) for this requirement is 611430 with the corresponding size standard of $15,000,000.� In order to make a determination for a small business set-aside, two or more qualified and capable small businesses must submit responses that demonstrate their qualifications.� Responses must demonstrate the company�s ability to perform in accordance with FAR clause 52.219-14, Limitations on Subcontracting. To assist DISA in determining the level of participation by small business in any subsequent procurement that may result from this Sources Sought Notice, provide information regarding any plans to use joint ventures (JVs) or partnering.� Please outline the company's areas of expertise and those of any proposed JV/partner who combined can meet the specific requirements contained in this notice. SUBMISSION DETAILS: Responses should include: Business name and address; Name of company representative and their business title; Small Business Socio-economic status (if small); CAGE Code; Prime contract vehicles; to include ENCORE III, SETI, NIH CIO-SP4, NASA SEWP V, General Service Administration (GSA): HCaTS SB, OASIS, ALLIANT II, VETS II, STARS III, MAS (including applicable SIN(s), groups or pools), or any other Government Agency contract vehicle that allows for decentralized ordering.� (This information is for market research only and businesses with a valid cage that lack prime contract vehicles are still encouraged to respond to this notice.) Businesses who wish to respond must send a response via email NLT 4:00 PM Eastern Daylight Time (EDT) on June 28, 2024 to kenric.l.phillips.civ@mail.mil and tara.s.simmons-gulck.civ@mail.mil.� Interested businesses should submit a brief capabilities statement package addressing the specific questions above (no more than five pages) demonstrating the ability to perform the services listed under Required Capabilities.��� �� Proprietary information and trade secrets, if any, must be clearly marked on all materials.� All information received that is marked Proprietary will be handled accordingly.� All submissions become Government property and will not be returned.� All government and contractor personnel reviewing submitted responses will have signed non-disclosure agreements and understand their responsibility for proper use and protection from unauthorized disclosure of proprietary information as pursuant to 41 USC 423.� The Government shall not be held liable for any damages incurred if proprietary information is not properly identified.
 

Web Link

SAM.gov Permalink
(https://sam.gov/opp/bef434e1ecd64570a83fe48c03bee1ef/view)
 

Place of Performance

Address: Fort George G Meade, MD 20755, USA

Zip Code: 20755

Country: USA
 

Record

SN07095588-F 20240614/240612230120 (samdaily.us)
 

Source

SAM.gov Link to This Notice
(may not be valid after Archive Date)

---

| FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |