Only invited sellers can apply for an 'Open to one' or 'Open to selected' opportunity.
Learn more about Open to selected opportunities.
Sign in to continue
This opportunity is closed for applications.
The deadline was Thursday 29 March 2018 at 6PM (in Canberra)
Australian Transaction Reports and Analysis Centre (AUSTRAC)
AC1246 Provision of a Security Event and Incident Monitoring (SEIM) Service
Important dates
- Opportunity ID
- 809
- Deadline for asking questions
- Thursday 22 March 2018 at 6PM (in Canberra)
- Closing date for applications
- Thursday 29 March 2018 at 6PM (in Canberra)
- Published
- Thursday 15 March 2018
Overview
-
Write a summary of your brief Provision of Managed Security Incident and Event Monitoring (SIEM) as a Service -
What is the latest start date? -
May 2018 -
How long is the contract? Initial contract period of 12mths, with optional 12mth extension -
Where can the work take place? -
New South Wales -
Who will the specialist work for? -
Australian Transaction Reports and Analysis Centre (AUSTRAC) -
Budget range From discussion with potential suppliers. We believe this service can be carried out for a maximum of $300K per annum (ex GST)
About the work
-
Why is the work being done? At present, AUSTRAC uses a software to collect and analyse event logs. a contract commencement of April 2018, AUSTRAC is seeking provision of a Security Event and Incident Management Service -
What's the key problem you need to solve? Currently AUSTRAC utilises a SIEM, disparate systems and internal resources to monitor event logs and investigate alarms which are not deemed as routine. We are seeking a new SIEM system, available as a service, that is based on more contemporary machine learning concepts and which can collect from a wider range of event sources. -
Describe the users and their needs As a Security Manager, I need to be alerted to significant security events in real-time so that the events can be responded to and mitigated. As an Infrastructure Manager, I need to be able to access security information across a broad range of systems in order to detect and address security concerns.
-
What work has already been done? -
Who will the work be done with? IT Security and Infrastructure team -
Any additional relevant information? -
What phase is the work in? -
Discovery
Work setup
-
Where will the work take place? Initially the work will require onsite consultation at either AUSTRAC Sydney or Canberra offices. Once established the service may be provided off-site. -
What are the working arrangements? To be determined - Onsite consulting and Offsite development and administration -
Is security clearance required? NV1 minimum clearance
Additional information
-
Additional terms and conditions
Skills and experience
Buyers will use the essential and nice-to-have skills and experience to help them evaluate sellers’ technical competence.
-
Essential skills and experience -
- Previous delivery of similar scale SIEM systems
- Cyber security operations capability
- Demonstrated expertise in industry standard SIEM platforms
- Fitness for purpose
- Demonstrated capability to deliver in a Protected environment
- The potential seller's relevant experience and performance history
- Overall security of the offering
-
Nice-to-have skills and experience -
Demonstrated capability to deliver in a Protected environment
How sellers will be evaluated
-
How many shortlisted sellers will you evaluate? -
3 -
Proposal criteria -
- Technical design
- How well the solution meets AUSTRAC's requirements
- Successful solutions for other organisations
- Ability to accommodate and handle protected data
- Value for money
-
Cultural fit criteria -
- Work as a team with our organisation and other sellers
- Transparent and collaborative when making decisions
- Have a no-blame culture and encourage people to learn from their mistakes
-
Payment approach -
Fixed price -
Assessment methods -
- Written proposal
- Work history
- Reference
-
Evaluation weighting -
Technical competence
50%Cultural fit
20%Price
30%
Seller questions
Seller question | Buyer answer |
---|---|
1. Would AUSTRAC consider SIEM offered from a Cloud Environment? And, If cloud was acceptable would this need to be in a certified Protected cloud. | If we were to consider the option, it would have to be a PROTECTED environment. |
2. Would AUSTRAC consider SIEM offered from a Cloud Environment? And, If cloud was acceptable would this need to be in a certified Protected cloud. | If we were to consider the option, it would have to be a PROTECTED environment. |
Only invited sellers can apply for an 'Open to one' or 'Open to selected' opportunity.
Learn more about Open to selected opportunities.
Log in to continue