Specifications include, but are not limited to: The purpose of this Request For Proposal (the "RFP") is to solicit competitive proposals for a partnership with a professional Managed Security Service Provider (MSSP) to deliver virtual Chief Information Security Officer (vCISO) services and other security services led by a vCISO for JEA’s information and information systems. The selection criteria will be based on the best value to JEA (the "Work" or "Services"). "Best Value" means the highest overall value to JEA with regards to pricing, quality, design, bundled services and workmanship. The chosen Managed Security Service Provider will not install any hardware or software within JEA’s network without explicit approval from the Director of Information Security or designee. Any such hardware or software required to support services associated with Setup scope criteria must be explicitly mentioned before any contracts are signed. Provider resources supporting the MSSP will be able to meet the NERC CIP, AWIA, PCI DSS, HIPAA, FACTA, NACHA, and FIPA regulations.
