1. Provide a brief overview and history of your organization, highlighting specific experience in projects of this type, including expertise in detail.
  2. Describe the organizational structure of your company and provide the following information:
    1. Corporate organizational chart, including subsidiaries, affiliates, list of the board of directors, list of key personnel.
    2. The total number of W-2 employees.
    3. The turnover rate for the previous twelve months.
    4. Brief overview of the type of product or services provided.
  3. Provide three current customers’ contact information, each from different companies. If possible, include references where your company is providing services similar in size and scope.
    Include the following points for reference:
    1. Company name.
    2. Customer contact with phone number and email address.
    3. Brief overview of the type of products or services provided.
  4. List your top three (3) service competitors.
  5. What differentiates your company from other vendors? What is your competitive  advantage? Please provide examples.
  6. Document and explain how your company would meet the deliverable expectations. Explain in detail each of the following deliverables in your response.
    1. Maturity assessment/gap analysis
    2. Deployment plan
    3. Resource/Role needs
    4. Training plans/needs
    5. Deployment assistance
  7. Explain your assessment/implementation methodology. Describe it in phases, the associated tasks and tools needed. Please include deliverables and an estimated timeline.
  8. Provide an explanation of the tools used to execute the project.
    1. Is the work performed dependent on (company name) purchase of any tools/methodologies beyond what is proposed by your company in this RFP?
    2. What industry or proprietary tools do you utilize to help make recommendations? Would (company name) have complete access to use these tools?
  9. Mention a summary of your company’s experience on previous projects. This should include cited examples of large organizations where the vendor has assisted in the development of a SOC/CDC design, including references to
    regional and global location, industry, and starting state of the implementation (updating a mature SOC to current standards vs. starting from no SOC and building it from scratch).
  10. How many times have you successfully implemented your proposed solution in other engagements? Provide examples and supporting documents/whitepapers/etc.
  11. What are the main challenges and risks that your company has faced during similar engagements completed for other clients? How does your company overcome these risks and challenges?
  12. (Company Name) expectation is that resources deployed will have experience working with large enterprises during the deployment of a SOC/Cyber Defense Center. The assigned resources should have experience in working in or with a SOC/CDC should have in-depth knowledge of security concepts (including advanced cyber-threats), documented credentials supporting their expertise in the field, background in incident response/CSIRT services, and incident handling.
    1. Please outline the team members, their roles, and titles. Provide details of the type of experience that your resources have on similar projects.
    2. Does your company use subcontractors in the delivery of these services?
  13. Information on pricing should be provided separately from RFP and labeled “Pricing Response.”
    1. Outline in this section all costs involved with providing the above services and tasks for (company name). Be thorough in your explanation and methodology and detail any assumptions made in your assessment.
    2. Is your pricing model based on an hourly rate, results-based, flat fee, or other? Explain your model, what is included in any fee, and identify staffing rates used in providing these services.
    3. Identify any other costs for these services.
    4. Provide a total cost for completing the service and explain the methodology or process used to arrive at this price.
  14. After reading the requirements listed above, what risks do you foresee that could impact the success of this RFP? How would you resolve these risks?
  15. As part of your response, please include additional appendices as applicable. Do not include any marketing materials.

 

To know about advanced SOC/Cyber Defense Services, get in touch with our experts at contact@aujas.com.