On-Call Information Technology Cyber Services

Summary (Newest Update)

Background The San Diego County Regional Airport Authority (Authority) is seeking statements of qualifications (SOQ) from firms or individuals to provide on-call information technology cyber services at San Diego International Airport. The goal of this contract is to enhance the cybersecurity measures and response capabilities at the airport, ensuring the protection of sensitive data and compliance with relevant regulations. Work Details The services required under this contract include: 1. Data breach incident investigation and response. 2. Vulnerability assessments. 3. Penetration testing. 4. Critical controls assessment and compliance testing. 5. Business and operational risk assessment. 6. Documentation services related to cybersecurity protocols. 7. Network, systems, and application services aimed at improving overall cybersecurity posture. Period of Performance The anticipated agreement term is three (3) years, with an option for two (2) one-year extensions at the discretion of the President/CEO. Place of Performance Services will be performed at San Diego International Airport. Bidder Requirements Respondents must self-perform the requested services and demonstrate a minimum of five (5) years of experience in at least three of the specified service areas. They must also provide evidence of prior contracts with at least two airport-related clients and two public agency clients in the U.S., or describe three relevant projects completed in the past five years. Additionally, personnel assigned to perform services must have a minimum of five (5) years of experience in similar roles and possess relevant certifications such as CISSP, CASP, or GSEC for project leads, along with various GIAC or CompTIA certifications for technical staff.