DOT MARAD - IT Application DevSecOps - MRAS

The General Services Administration (GSA), on behalf of the Department of Transportation (DOT), is conducting market research to assess capabilities for a significant initiative within the Maritime Administration (MARAD). This effort is focused on enhancing MARAD's information technology infrastructure through advanced application development, security, enhancement, operations, and maintenance support. The primary goal is to ensure that MARAD's IT systems are robust, secure, and capable of supporting its mission effectively. The agency seeks to leverage modern IT practices and technologies to improve service delivery and operational efficiency.

The scope of work involves several key components aimed at transforming MARAD's IT approach. A major focus is on adopting DevSecOps methodologies to unify software development, security, and operations. This approach emphasizes collaboration among these teams to deliver secure software rapidly while integrating security throughout the software lifecycle. The transition from traditional waterfall processes to Agile/Scrum and DevSecOps practices will require contractors who can demonstrate expertise in automation across all phases of the application lifecycle development, testing, integration, deployment, and monitoring.

In addition to process improvements, the initiative involves deploying cutting-edge technologies essential for DevSecOps projects. Contractors must be proficient in tools such as GitHub for version control; Jenkins for continuous integration; Docker for containerization; Ansible for configuration management; Selenium and Chef for continuous testing; and Nagios for monitoring. These technologies will support MARAD's strategic shift towards cloud-based applications and automated processes that enhance both performance and security.

Overall, this project represents a strategic investment in modernizing MARAD's IT capabilities by fostering a culture where security is integral to every phase of the software lifecycle. By automating key processes and integrating advanced security measures into their development pipeline, MARAD aims to accelerate its ability to deliver high-quality software solutions that meet the evolving needs of its stakeholders efficiently.