DCSA Enterprise Cybersecurity Support Services

Questions & Answers / Clarifications

This document provides responses to contractor questions regarding the DCSA_CYBERSSN_25 opportunity.

• Requirement Type & Incumbent: The opportunity is a recompete, and Agile Decision Sciences, LLC is the incumbent. The incumbent contract numbers are HS002122C0004 and HS002123C0012.
• Contract Value: The contract value will not be released at this stage. Offerors will have the opportunity to review the Request for Proposal (RFP) and associated documents to propose accordingly once solicited.

This Q&A document clarifies the nature of the requirement as a recompete and identifies the incumbent. It also states that the contract value will be released with the RFP, impacting how bidders prepare their proposals and understand the opportunity's scale.

Statement of Work (SOW) / Performance Work Statement (PWS)

This document outlines the tasks required for Enterprise Cybersecurity Support Services for the Defense Counterintelligence and Security Agency (DCSA).

• Basic Services: Provide enterprise cybersecurity support for all systems across various classification levels, including Cyber Data Management, Cybersecurity Engineering, Cyber Compliance Support, Cyber Publication Services, Cyber Defense Operations, Cloud Security Engineering, System Lifecycle Risk Management, and Project/Program Management. This support covers Information Systems (IS) general enclaves, major and minor applications, cloud environments, and IT analyses, supporting up to 15,000 personnel.
• Information Systems Engineering (ISSE) Program Support: Maintain IT infrastructure, applications, and new development projects, ensuring network security efficacy.
• Cybersecurity Support Services of Major Programs: Provide Assessment and Authorization (A&A), cloud initiatives, risk management, product analysis, facility inspections, site assessments, and circuit action support.
• Cyber Compliance and Public Key Infrastructure (PKI) Support: Support the PKI Program Management Office (PKI-PMO), Data Transfer Program, and Media Destruction Program.
• Cyber Compliance Support Services: Support cybersecurity compliance, user account requests, cyber training compliance (for ~15,000 accounts annually), Federal Information Security Modernization Act (FISMA) reporting, account auditing, and overall agency compliance.
• Cyber Publication Support Services: Maintain and support current and future cyber organizational operations through technical documents, procedures, and cyber written artifacts.
• Data Management Support Services: Provide data management services for the Enterprise Data Management (EDM) Program.
• System Lifecycle Risk Management – Cybersecurity, Compliance and Risk Management (CCRM): Establish and mature the DCSA enterprise CCRM program, ensuring consistency across products and systems, and managing change and configuration for DCSA IT, cloud, capabilities, and enclave environments.
• Cyber Defense Operations (CDO) / Computer Network Defense Support Services: Maintain and support the EC3-SOC, adhering to DoD and DCSA guidance.
• Emergent Technology Support: Provide cybersecurity/engineering services for zero-trust, networking, supply chain risk management, technology assessments, Cloud and AI-enabled security solutions, and integration of innovative technologies. Support Risk Management Framework (RMF) for specific steps and advise the Information System Security Manager (ISSM) on security control implementation and compliance.

Not explicitly detailed in this attachment, but implies ongoing support for DCSA operations.

• Support for systems operating at all classification levels.
• Adherence to established workflows and timelines provided by the Government.
• Compliance with DoD published guidance, Directives, Instructions, Manuals, and DCSA CCRM, CDO SOC CONOPS.
• Support for approximately 15,000 accounts annually for compliance and training.
• Risk Management Framework (RMF) support for steps 0-3 and 6.
• Advising on security control implementation, mitigation strategies, and compliance.

Sources Sought Notice

This notice is issued by the Defense Counterintelligence and Security Agency (DCSA) for market research to determine the availability and technical capability of Certified 8(a) companies to provide Enterprise Cybersecurity Support Services. This notice does not constitute a Request for Proposal (RFP) or a promise to issue one, nor does it commit the Government to a contract.

The DCSA is seeking information on capabilities to provide comprehensive cybersecurity support for its current enterprise and future organizational needs. This includes, but is not limited to:

• Knowledge-based support for cybersecurity development, including cloud environments.

• Integration of Enterprise Data Management (EDM).

• Assistance with Authorization & Assessment (A&A) and Risk Management Framework implementation.

• Identification, protection, detection, response, and recovery from cyber threats and vulnerabilities.

• Approved product analysis for DCSA networks.

• Support for Non-Classified Internet Protocol Router Network (NIPRNet), Secret Internet Protocol Router Network (SIPRNet), and Joint Worldwide Intelligence Communications System (JWICS) tokens and media destruction.

• Review of Cyber Workforce Improvement program reports.

• Incident response, forensics, threat hunt, and cyber operations test and evaluation.

• Use of tools to detect, analyze, counter, and mitigate cyber threats.

• Configuration and change management practices.

• Supply chain risk management assessments.

• Support for securely onboarding and off-boarding personnel.

• Cybersecurity Engineering, Cyber Data Management, Cloud Security Engineering, Cybersecurity Risk Management, System Lifecycle Risk Management, Cyber Defense Operations, Cyber Compliance Support, and Cyber Publication Services.

• The NAICS code contemplated is 541513 – Computer Facilities Management Services ($37.0M Business Size Standard).

• The PSC contemplated is DJ01 – IT and Telecom – Security and Compliance Support Services (Labor).

• Interested 8(a) vendors must submit capability statements by 20 May 2025 at 5:00 PM EST.

• Submissions should address performance experience and capability related to the service requirement Task Elements (listed in Attachment 1).

• Capability statements should not exceed 15 pages.

• Submissions must be in Word or PDF format. Zipped files and/or telephone requests will NOT be accepted.

• No questions or phone calls will be accepted concerning this notice.

• This notice is specifically for Certified 8(a) companies.

• For interested 8(a) Joint Ventures (JV), the firm shall indicate if the 8(a) JV itself or the individual partner(s) hold the required security clearance.

• This potential effort requires an active Top Secret Facility Clearance.

• National Capital Region (NCR), including Quantico, Virginia and Hanover, Maryland.

• All responses become Government property and will not be returned.

• The Government reserves the right to use any information provided for any purpose deemed necessary and legally appropriate, including in any resultant solicitation.

• Vendors must demonstrate their ability to comply with the requirements to be considered capable.