Provide and Implement a Security Information and Event Management (SIEM) Solution
Tender ID: 527034
Tender Details
Tender Description
This Request for Information is to supply, design and implement an enterprise-grade Security Information and Event Management (SIEM) solution for the department. The solution should process large volumes of events from a range of cloud and on-premises endpoints and services. The platform will provide a central point for monitoring and correlating Cyber Security events in near real-time for the agency. It should be capable of providing a ‘single pane of glass’ view for analysts to detect threats and customize alerts and views. It should also support development of candidate incidents aligned to MITRE that are created from correlated events or events from downstream systems. The department has a range of resources – 15000 endpoints, physical and virtual, multi-cloud environments, on-premises communications infrastructure and SaaS platforms.
The product should be either a cloud-based (SaaS) or container-based solution and hosted in Australia. The SIEM should integrate with other security platforms – including User Entity Behaviour Entity Monitoring (UEBA) and Threat Intelligence Platforms – using industry standards. The platform should provide or demonstrate the ability to integrate with Security Orchestration and Automation (SOAR) and third-party Phishing Simulation solutions. The solution should deliver current technologies like XDR (Extended Detection and Response). The platform should contain a ticketing feature for analysts. Compliance with industry standards – SOC certifications, IRAP assessed – is preferable. Personnel must have Australian Citizenship and must undertake a National Police Check prior to onboarding. Initial works will be performed in person. Future works may be performed in a hybrid manner.
The users and their needs:
Cyber Security Analyst:
· Monitor Cyber Security events
· Create alerts
· Create escalations in ticketing system
Security Engineer:
· Ingest log sources
· Monitor platform
· Create Alerts
· Customise dashboards
· Generate reports
Managers:
· Generate reports on Cyber security posture
· Create approvals for remediation
· Generate reports on analyst metrics
Investigators:
· Configure and maintain integrations with Threat Intelligence Platform, User Behaviour Analytics and Anti-Phishing solutions if required
· Create custom alerts
· Access a limited view of the SIEM platform (RBAC mechanism)
Response format:
· Presentation
· Free product trial
Essential criteria:
· Have demonstrated experience in designing and implementing an enterprise-grade Security Information and Event Management (SIEM)
· The SIEM should integrate with other security platforms – including User Entity Behaviour Entity Monitoring (UEBA) and Threat Intelligence Platforms – using industry standards.
· The product should be either SaaS or container-based and hosted in Australia. The solution must demonstrate compliance with industry standards – SOC, IRAP (preferred)
· The solution should deliver current technologies like XDR (Extended Detection and Response) either natively or through add-ons
· The platform should demonstrate the ability to integrate with or natively provide Security Orchestration and Automation platforms.
· The platform should provide candidate incidents aligned to MITRE that are created from correlated events or events from downstream systems.
Location
New South Wales : Central West : Far North Coast : Far West : Hunter : Illawarra : Mid North Coast : Murray : New England : Orana : Riverina : Southern Highlands : Sydney
Queensland : Cairns & Far North Queensland : Gladstone : Mackay Whitsunday Region : Mount Isa & North West Region : Rockhampton : South East Queensland : South West & Darling Downs : The Central West : Townsville : Wide Bay Burnett
Victoria : Barwon South West : Gippsland : Grampians : Hume : Loddon Mallee : Melbourne
South Australia : Adelaide : Eyre & Western : Far North : Fleurieu & Kangaroo Island : Limestone Coast : Murray & Mallee : York & Mid North
Northern Territory : Big Rivers : Central Australia : East Arnhem : Greater Darwin
Australian Capital Territory
Tasmania