Ireland - Enterprise Security Operations Managed Service

Description

Provision of a Security Incident and Event Management System (SIEM) and a Managed SOC Service operating 24x7x365 and capable of meeting Ervia’s needs and include the following capabilities:— 24*7*365 Monitoring and Alerting Service,— Event and Data Collection,— Dashboard and Reporting,— Event Correlation,— User and Entity Analytics,— High Volume Log Management,— User Monitoring,— Application Monitoring,— Real Time Data Collection,— Incident Management,— Threat Intelligence,— OT and Telemetry capability,— Forensic Investigation.Scope of contract includes:— Provision, implementation and support of a scalable solution for initially up to 6 000 events per second (EPS) and / or equivalent IP / Volume based licensing model with potential to grow significantly over subsequent number of years and incorporating additional systems (through inclusion of existing or future new systems),— The SIEM solution must be capable of providing a secure means of integration with the relevant Ervia, Irish Water and Gas Networks Ireland systems (IT and OT Systems).Real-time collection and analysis of events from host systems, security devices and network devices. The solution must use global energy sector threat intelligence to identify existing and emerging threats,— Ervia have a requirement for a Siem technology implementation to be co located between Ervia and Supplier premises. In addition to the SIEM solution Ervia wishes to engage with the supplier to provide a managed SOC service for which the operating model should be a hybrid approach which leverages global knowledge and skilled persons for augmenting the in house Security Operations team and help to drive the maturing of Ervia security threat intelligence capability and incident response / resolution’,— It must be fully compatible with existing Ervia IT and OT systems and technologies, and be fully scalable (for future expansion if necessary),— Provision of a managed SOC service to configure, tune, and respond to relevant severity events, this response will include an initial SIEM based investigation and alerting of events,— The provider must have a dedicated Security Operations Centre staffed 24/7/365 by appropriately qualified personnel,— Provide predefined functions that can be lightly customized to meet Ervia’s specific requirements,— Comply with all Irish and EU regulations, including GDPR and recommendations on how the vendor will help Ervia comply with the EU NIS Directive,— Provision of advanced security intelligence relating to Ervia’s business,— Professional services to establish document and mobilise target operating model with Ervia’s Security Operations team, including training where applicable,— Capability to provide auxiliary resources and services to manage security devices where necessary and to react to security incidents.

Opportunity closing date

02 October 2018

Value of contract

to be confirmed