Accessibility Information

Users of assistive technologies such as screen readers should use the following link to activate Accessibility Mode before continuing: Learn more and Activate accessibility mode.

Insider Threat Program (InTP) Support

Solicitation Number: M00264-14-RFI-0216
Agency: Department of the Navy
Office: United States Marine Corps
Location: MCB Quantico - National Capital Region (NCR)
  • Print
Sources Sought
Added: Feb 12, 2014 8:03 am
PURPOSE: The purpose of this Request for Information (RFI) is to conduct market research for use in formulating an acquisition strategy to obtain technical, cyber, and security support for enterprise audit and insider threat capabilities at the Marine Corps Intelligence Activity (MCIA). Executive Order 13587, directs departments and agencies to establish, implement, monitor and report on the threat that an insider will use her/his authorized access, wittingly or unwittingly, to do harm to the security of the United States. This requirement is in support of the Command Security Office (CSO) and Sensitive Compartmented Information (SCI) Enterprise Office (SEO) responsibilities for Insider Threat, Security, Information Technology (IT), Cyber Security (Cyber), and Information Assurance (IA) directly related to Enterprise Audit and Insider Threat Program (InTP) responsibilities and functionality.

The MCIA InTP is designed to deter, detect, and mitigate insider threats, including the safeguarding of classified information from exploitation, compromise, or other unauthorized disclosure, The Contractor shall assist the MCIA in meeting executive mandates to improve the security of classified networks and the responsible sharing and safeguarding of classified information. This RFI allows potential Contractors to submit a non-binding statement of interest and documentation demonstrating their corporate capabilities and suggestions that will allow the Government to refine its potential course of action. The qualifying NAICS code for this effort is 541519 with a size standard of approximately $25.5 Mil.

BACKGROUND: The Director of Intelligence (DIRINT), Headquarters, U.S. Marine Corps has designated MCIA as the executive agent for establishing and managing the Marine Corps Sensitive Compartmented Information (SCI) Enterprise Office (SEO) and Marine Corps Intelligence Surveillance and Reconnaissance Enterprise (MCISRE) InTP as required by Executive Order 13587 and Intelligence Community (IC) directives. The SEO is responsible for and supports all Marine Corps SCI IT, IA and Cyber responsibilities as related to Enterprise Auditing for Joint World Wide Intelligence Communication System (JWICS), National Security Agency Network (NSAnet), Secret Internet Protocol Router Network (SIPRNet), and the Open Source Information System (OSIS). The SEO responsibilities are global in providing governance and service orientated processes to more than 30 garrison and tactical sites. The MCIA CSO is responsible for the MCIA InTP as well as physical and personnel security processes, access control, and reporting. The CSO responsibilities are MCIA focused with strategic planning to extend governance across the MCISRE. The Contractor shall assist the Government in providing onsite technical assistance and service-oriented support, and shall support joint government team.


The core objectives to be accomplished include IT management, network operations, network defense, information assurance, and asset management for all networks in order to protect the integrity of classified systems and data in compliance with Marine Corps, DOD, and IC standards. The Contractor shall provide support for the following three (3) functional areas: Chief Information Office (CIO), Insider Threat Program (InTP), and Command Security Office (CSO).

Capabilities required for Chief Information Office (CIO) Support include:

- Assisting in providing engineering and Information Technology (IT), Active Directory (AD), and UNIX services required to support the CIO's contribution to the InTP.
- Provide engineering and IT support to include Engineering, Operations and Maintenance (O&M), Testing, and Support assistance to conceptually design, build, test, deploy, and maintain life cycle auditing capabilities and services to meet MCISRE requirements supporting over 750 users across numerous security domains with the predominance of the work load allocated to JWICS, but with support also to NSAnet, SIPR, and OSIS.

- Assist with AD support by providing engineering, design, systems maintenance, and support for the MCISRE SCI Active Directory (AD) environment consisting of Windows Server 2008R2 and Windows 7 operating systems or higher. The Contractor shall have a thorough understanding of domain level server roles and requirements. The Contractor shall assist in planning, process improvement and quality measurement skills to deliver operational efficiencies and architectural expertise for projects, develop, plan, and maintain Global AD Design, as well as maintain the Microsoft AD.

- Assist in establishing Global policies/procedures, and provide solutions for a Global AD service support model. Develop and produce Daily/Weekly/Monthly tasks needed to maintain the environment, and provide documentation and procedures for executing these tasks, develop and maintain Disaster Recovery (DR) Plans for the AD environment, provide Distributed File system management, and provide on-call and third-level production support for the AD environment. The Contractor shall assist the Government by providing guidance for the configuration of customer systems and applications to accept Public-Key Infrastructure (PKI) credentials for user authentication, application of digital signatures or implementation of cryptographic capabilities, and manage and troubleshoot Group Policy Objects (GPOs), Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS), AD Site links, AD Trust Relationships, modify AD object Attributes and recover AD objects, assist the Government in managing the configuration of multiple Group Policy objects, and support Monitor and Troubleshoot Domain Replication.

- UNIX services consist of assisting in deploying new servers and images, configure and Integrates UNIX based systems to work with Microsoft Windows and Windows Terminal Services, and providing after hours/weekend support for critical systems and scheduled maintenance when necessary. The Contractor must be capable of adapting to a high demand and a fast paced environment and must possess a proficient knowledge of Redundant Array of Independent Disks (RAID) Arrays, Network Storage, and Storage Area Network (SAN) architectures.

Capabilities required for the InTP Support include:

The Contractor shall provide IA Audit, architecture, engineering, integration support, and technical expertise relative to InTP requirements and IA-related capabilities and initiatives driven by DOD, IC and Federal directives and policy or by local requirements. Current capabilities include, but are not limited to, Insider Threat Audit Monitoring, Host-Based Security System (HBSS), content filtering technologies; antivirus solutions, whitelisting technology, vulnerability scanning and assessment products, and security log correlation management. As requested by the Government, the Contractor shall gather information about new IA requirements as provided by United States Cyber Command (USCYBERCOM), DIA, DISA, ODNI, NSA and other Federal agencies.

Capabilities required for CSO Support include:

Assistance, to the extent possible, in assuring the loyalty, reliability, suitability, and trustworthiness of applicants, employees, and others who work with, will work with, or have access to sensitive or classified information and materials. The Contractor shall also all assist in all aspects of security work concerned with the identifying materials, processes, and information that require protection and recommend the level of security classification and other protections required in support of the InTP. This also includes the coordination necessary to identify items of information, technology, and materials that are restricted from transfer to foreign nationals and are considered limited distribution.


Responses to this RFI shall not exceed (10) pages, including cover letter and contact information. Subject response must contain: (1) Capability statement sufficient to demonstrate performance acumen directly related to the objectives listed above; (2) Labor categories and rates used by respondents for similar services; (3) Link to the respondent's General Services Administration (GSA) Schedule or attach file of same (not included in page limit), if applicable (product or service must be 100% available from the referenced schedule); and (4) Three customer Citations of any current or past performance related to the objectives (i.e., within the past two (2) years) to include contract number, point of contact telephone number or e-mail address; and (5) other material relevant to establishing core competencies of the firm. Please identify Large/Small Business size status.

Response is due by 10:00 AM, 26 February 2014. Please submit e-mail responses to Carol Neely, Customer Liaison, at email address:

NOTES: Issuance of this notice does not constitute any obligation whatsoever on the part of the Government to procure these services or to issue a solicitation. The Marine Corps is neither seeking proposals nor accepting unsolicited proposals, and responses to this notice cannot be accepted as offers. Any information the vendor considers proprietary should be clearly marked as such. The U.S. Government will not pay for any information or administrative costs incurred in response to this RFI.

2010 Henderson Road
Quantico, Virginia 22134-5045
United States
Carol E. Neely
Phone: 7034328049