DOD - Risk Management Framework - Market Research

The Naval Computer and Telecommunications Station San Diego is seeking cybersecurity/risk management framework (RMF) program management support. The contractor will provide all necessary personnel, equipment, supplies, and services to perform CS/RMF program management support. This includes creating and maintaining A&A packages, coordinating with system representatives, and obtaining Authorizations to Operate (ATO). The period of performance for this contract is one base year with four option years. The work will be performed at Naval Base Coronado/Naval Air Station North Island in San Diego, CA.

The contractor will support the NCTSSD N00SM3 Cybersecurity Program Manager (CPM) and Information System Security Manager (ISSM) in various activities such as Assessment and Accreditation (A&A), Security Tests and Evaluations (ST&E), and Interim Authorizations to Test (IATT). They will also provide expertise in RMF life cycle management and recommend security posture improvements. The contractor will be responsible for creating and maintaining A&A packages, coordinating with system representatives, and obtaining ATOs through validated test results and reviews.

It is important to note that the contractor must have a TOP SECRET security clearance at the time of proposal submission and maintain it throughout the contract period. They must also comply with various security requirements, including Cybersecurity Workforce (CSWF) qualification requirements and Operations Security (OPSEC) training. The contractor will be working at government facilities during regular business hours, Monday through Friday.