Security Operations Centre (SOC) Development and Implementation
Tender ID: 604368
Tender Details
Tender Description
This Tender is invited by the Issuer.
The Australian Government’s Australian Cyber Security Strategy sets a vision to become a world leader in cybersecurity by 2030.
The purpose of this RFQ is to engage a Seller to deliver an externally managed PROTECTED Security Operations Centre (SOC).
AUSTRAC is looking to move to a managed SOC to leverage benefits not available with existing in-house resources under the agency’s current operating model, including:
- continuous monitoring and threat detection (24/7/365);
- centralised hub for both tools and expertise;
- faster incident response;
- access to security expertise.
The requirements for this procurement will be delivered in three (3) Phases.
In Phase 1, the Seller will undertake work to understand and clearly define the SOC service and capabilities required at AUSTRAC. Noting the attached Statement of Requirements, the vendor will be required to:
- develop a detailed SOC operating model including roles and responsibilities between the vendor and AUSTRAC, both during standard operations and in the event of a cyber incident;
- assess and recommend a preferred SIEM solution;
- analyse and provide a recommendation for using AUSTRAC's vs the vendor's SIEM instance (if relevant), including the pros and cons of both options and an analysis of associated risks;
- undertake a gap analysis of AUSTRAC’s current security operations processes against best practice;
- develop a detailed roadmap and implementation plan to deliver the operating model, consolidated SIEM solution and uplifts to best practice.
In Phase 2, utilising the roadmap developed and agreed upon in Phase 1, the Seller will set up the SOC and mature associated capabilities, such as consolidating to one SIEM and tuning alerts.
In Phase 3, the final Phase of the Contract, the Seller will provide ongoing managed SOC services per the agreed operating model. Per the Statement of Requirements, this will include the Seller providing advice regarding, and supporting implementation of, best-practice recommendations as they change over time.