Managed Security Services Provider
Solicitation number 202409005
Publication date
Closing date and time 2024/12/23 14:00 EST
Last amendment date
Description
The VIA Information Technology (IT) department would like to select an IT Managed Security Services Provider (MSSP) to manage a portfolio of VIA’s for Security Event Monitoring, Incident Detection and Response activities.
Mandatory Requirements:
The Proponent must have minimum five (5) years of experience providing Managed Security Services for clients in Canada and/or US with hybrid IT infrastructure (on-premises and cloud) of similar scale and complexity to VIA and; A minimum of three (3) references must be provided for VIA to contact and; One (1) of the references must be in the transportation or railway industry.
VIA requires access to the solution’s dashboard and customer portal. The Proponent will provide VIA with read-only access to all solutions provided as part of the services. Visibility of what’s going on in the environment. Single point interface to access the status of the services.
Operate a credible Professional services practice that includes SOC analysts, security strategy & planning, compliance & auditing, policy assessment & development, testing, breach & incident response, forensics, threat intelligence & research team and more.
The Supplier will also ensure that an SSAE 18 SOC 2 Type II audit (or an equivalent agreed upon by VIA) is conducted annually, covering the same Trust Services Principles as applicable, along with the Services, the Supplier's portion of the Solution, and the relevant sites providing the Services.
Mandatory Requirements:
- Official Languages
2.Experience
The Proponent must have minimum five (5) years of experience providing Managed Security Services for clients in Canada and/or US with hybrid IT infrastructure (on-premises and cloud) of similar scale and complexity to VIA and; A minimum of three (3) references must be provided for VIA to contact and; One (1) of the references must be in the transportation or railway industry.
3. Access to Solution Dashboard
VIA requires access to the solution’s dashboard and customer portal. The Proponent will provide VIA with read-only access to all solutions provided as part of the services. Visibility of what’s going on in the environment. Single point interface to access the status of the services.
- Security Operations Center (SOC)
- Threat Intelligence
6. Security Professional Services
Operate a credible Professional services practice that includes SOC analysts, security strategy & planning, compliance & auditing, policy assessment & development, testing, breach & incident response, forensics, threat intelligence & research team and more.
- Security Certifications
The Supplier will also ensure that an SSAE 18 SOC 2 Type II audit (or an equivalent agreed upon by VIA) is conducted annually, covering the same Trust Services Principles as applicable, along with the Services, the Supplier's portion of the Solution, and the relevant sites providing the Services.
- Service Management and Ticketing
Bidding and Documents are available on http://www.merx.com. Fees may apply; See https://www.merx.com/public/pricing for more information.
Contract duration
The estimated contract period will be 60 month(s).
Trade agreements
-
Canada-European Union Comprehensive Economic and Trade Agreement (CETA)
Contact information
Contracting organization
- Organization
-
VIA Rail Canada Inc.
- Address
-
3 Place Ville-Marie, Suite 500Montreal, Quebec, H3B 2C9Canada
- Contracting authority
- Gina Siviero
- Phone
- 514-871-6536
- Email
- gina_siviero@viarail.ca
Bidding details
Full details for this tender opportunity are available on a third-party site
Click on the button below to be directed to this website. Note that on the third-party site you may need an account to view and/or bid on this tender. Information on any fees or additional costs to access the full details is outlined in the Description tab of this tender opportunity.