The National Institute of Standards and Technology (NIST) is seeking information on a contractor that can provide cybersecurity research, development, and implementation support services and subject matter expertise on task areas of various priority levels.
In a sources sought notice, NIST said it is considering issuing an Indefinite-Delivery, Indefinite-Quantity (IDIQ) contract “to gain technical expertise and consultation in multiple specified areas of cyber and information security and privacy to ensure that the NIST mission can be met to provide standards, technology, tools, and practices to protect our nation’s information and information systems.”
Specifically, NIST is interested in responses from all small businesses valued under $30 million that can provide the ability for the agency to ensure support is available when needed for specific tasks when they are identified through internal requirement and resource evaluation. Those task areas include:
- Providing technical inputs into, and supporting the development of, Standards, Guidelines, NIST Interagency Reports (NISTIRs), Models, Measures, Derived Test Requirements, and Standard Reference Materials;
- Software development, application development, and application modeling support;
- Researching work to be conducted in cybersecurity, supply chain, cloud, identity, access and privilege management, network and internet security, among others;
- Supporting “development and implementation of processes and mechanisms to enable effective outreach and communications with collaborators and stakeholders across the cybersecurity landscape, including industry, academia, standards organizations, and governments;”
- Programming operations and analysis work to be conducted in National Vulnerability Database analysis, Cryptographic Algorithm Program analysis, Cryptographic Module Validation Program analysis, Security Content Automation Program Validation support to labs and vendors, and Cryptographic Validation Program support to labs and vendors;
- Reporting and tracking projects meeting external requirements; and
- Providing recommendations on standards activities that reflect NIST strategic positions, and interaction with Standards Development Organizations.
Responses to the notice are due April 15, 2021.
