cybersecurity management support services

SOL #: 693JJ320A000013_693JJ322F00228N_P00008JustificationSole Source

Overview

Buyer

Transportation
Federal Highway Administration
693JJ3 ACQUISITION AND GRANTS MGT
WASHINGTON, DC, 20590, United States

Place of Performance

DC

NAICS

Computer Systems Design Services (541512)

PSC

Security And Compliance Support Delivered As A Service, By Subscription, Or Service Contract. Includes Support Of Security Policies/Controls, Processes, Measuring Compliance Of Relevant Legal/Compliance Requirements, To Include Section 508, And Responding To Security Breaches. Also Provides Support For It Security Systems Providing Continuous Diagnostics And Mitigation (Cdm) For Real Time Cyber Security And Protection Such As Vulnerability Scanning, Managing Firewalls, Intrusion Prevention Systems, And Security Information And Event Management (Siem). Includes Disaster Recovery (Dr) Services To Support Dr Policy, Process And Means, Dedicated Failover Facilities And Perform Dr Testing. (DJ10)

Set Aside

No set aside specified

Timeline

1
Posted
May 1, 2026

Qualification Details

Fit reasons
  • NAICS alignment with historical contract wins in similar service areas.
  • Scope strongly matches core technical capabilities and delivery model.
Risks
  • Past performance thresholds may require one additional teaming partner.
  • Potential clarification needed on staffing minimums before bid/no-bid.
Next steps

Validate eligibility requirements, assign capture owner, and schedule partner outreach to confirm teaming strategy before submission planning.

Quick Summary

The Department of Transportation (DOT), specifically the FEDERAL HIGHWAY ADMINISTRATION, has issued a Justification for a sole-source extension of cybersecurity management support services. This action extends an existing Blanket Purchase Agreement (BPA) Order with Deloitte LLP for an additional four months, through August 31, 2026, to ensure continuity of critical services.

Scope of Work

The services provided by Deloitte LLP include comprehensive cybersecurity management support, encompassing:

  • Operations and oversight
  • Risk and vulnerability management
  • Federal Information Security Management Act (FISMA) compliance
  • Support for DOT's cybersecurity tool stack, including BigFix and Tenable

These services are vital for maintaining enterprise cyber readiness, responding to security incidents, and supporting ongoing IT modernization efforts within the DOT.

Contract & Timeline

  • Opportunity Type: Justification (Sole Source Extension)
  • Incumbent Contractor: Deloitte LLP
  • Extension Period: Four (4) months
  • New Expiration Date: August 31, 2026
  • Original Order Expiration: April 30, 2026
  • Published Date: May 1, 2026
  • Set-Aside: None specified

Additional Notes

The extension is necessary to provide uninterrupted cybersecurity support while the DOT restructures its IT workforce and evaluates the feasibility of bringing these support services in-house. This justification provides insight into the critical cybersecurity needs and existing service structure of the DOT.

People

Points of Contact

Ajmal KhanPRIMARY
Ajmal.Khan@dot.gov
Kyle R. GriggsSECONDARY
kyle.griggs@dot.gov

Files

Files

Download

Versions

Version 1Viewing
Justification
Posted: May 1, 2026
cybersecurity management support services | GovScope