DC3/AFOSI SETA II Support

Maryland

11/14/2024 02:56 PM EST

12/05/2024 05:00 PM EST

(U) The Department of Defense (DoD) Cyber Crime Center (DC3) is designated as a Federal Cyber Center, is the DoD Center of Excellence for Digital and Multimedia (D/MM) forensics and serves as the operational focal point for the Defense Industrial Base (DIB) Cybersecurity program. To fulfill its mission, DC3 has collaborated with The Secretary of the Air Force, Concepts, Development, and Management (SAF/CDM) Office and the Air Force Office of Special Investigations Headquarters, Cyber Division (AFOSI/XRY) to bring complex cyber operational capabilities to the Air Force. SAF/CDM explores new concepts, develops emerging opportunities, and manages high-priority projects and programs to provide innovative solutions to the Air Force and DoD. AFOSI/XRY is responsible for organizing, training, and equipping the Air Force Law Enforcement and Counterintelligence (LE/CI) cyber mission against criminal and foreign intelligence threats. To meet current and projected workload requirements, DC3, its current partners (SAF/CDM and AFOSI), and adjacent stakeholders must augment its military and civilian workforce with appropriate, highly skilled, analytic, and cyber oriented technical professional services support. Specifically, Scientific Engineering & Technical Assistance (SETA) support capable of applying knowledge/expertise of cyber operations, LE/CI concepts, architectures, systems, hardware (HW) / software (SW) components & protocols, and technologies to analyze proposals, project plans and deliverables for accuracy, compliance, security, and completeness for the Government.

(U) Administrative & Management Support Services (NAICS 541611)

(U) Engineering and Support Services (NAICS 541330)

(U) Section I – Refinement of requirements

(U) 1.1 Objectives: The SETA II support team is expected to draft, edit and fully coordinate technical projects across multiple stakeholders and organizations to include plans that permit the integration of cyber capabilities into infrastructure baselines following legal, regulatory and security requirements.

• (U) 1.1.1 The SETA II support team conducts project planning to include development and management of technical requirements, budget forecasts and estimates, and schedules for project government leads.

• (U) 1.1.2 The SETA II team members are considered a key part of a multi-discipline project team, integrating technical knowledge with operational and threat intelligence information to create holistic capability proposals for transition to operational use.

(U) 1.2 Scope: The SETA II support team requires extensive expertise in systems engineering, Cyber–Law Enforcement (LE)/Counterintelligence (CI)/Counterespionage (CE) tools and techniques, as well as a deep understanding of cyber operations, cyber threats, risk mitigation, government acceptance testing, program management, and financial management. Specific tasks encompass technical analyses for trade studies, cyber capability assessments, lab testing, tool evaluations, support for field test demonstrations, system performance tracking and documentation, vendor market surveys, supportability technical data development, training, transition planning, and implementing new capabilities within a flexible enterprise system architecture environment.

(U) This support also involves developing workflow solutions for the enterprise service management infrastructure, utilizing both classified and unclassified system data sources for the AF Cyber system architecture. This includes improving processes and introducing technical innovations to display operational system and support data for end-users, support providers, and Government stakeholders.

(U) Furthermore, the Contractor will provide engineering and technical enterprise service support, including feasibility studies, analysis of alternatives, technical services during planning, construction or installation phases, inspection, and evaluation of engineering projects to including independent validation and verification and penetration testing as necessary, and related services to support platform, tools, or capability instantiation. Throughout these tasks, adherence to relevant DoD and AF guidance and Instructions is paramount.

(U) 1.3 Standard of Conduct: The Contractor shall adhere to and operate within imposed government official policies, regulations, instructions and directives; completing all steps required to achieve systems accreditations at various levels, to include: design, design documentation, technical development, developmental and operational testing, security assessments, and operational documentation (operating manuals, user and administrator manuals, software design description, functional design/description document) through various certifications (e.g. security A&A, JITC). It is critical for the contractor to ensure the documents are completed throughout the project in a way that will satisfy the accreditation reviews at the end of the project.

(U) Section II – Definitions and FAR/DFAR/Air Force Compliance Requirements

(U) The following FAR and DFAR information is provided as additional context to support the above requirements: FAR Subpart 37.2 - Advisory & Assistance Services (37.200-207), DFAR Subpart 209.5 - Organizational and Consultant Conflicts of Interest (Revised October 30, 2023), 209.5711 

(U) Definitions.

1. (U) "Systems Engineering and Technical Assistance."
   "Systems Engineering" means an interdisciplinary technical effort to evolve and verify an integrated and total life cycle balanced set of system, people, and process solutions that satisfy customer needs.

1. (U) "Technical Assistance" means the acquisition support, program management support, analyses, and other activities involved in the management and execution of an acquisition program.

1. (U) "Systems Engineering and Technical Assistance"
   1. (U) Means a combination of activities related to the development of technical information to support various acquisition processes. Examples of systems engineering and technical assistance activities include, but are not limited to, supporting acquisition efforts such as:

1. (U) Deriving requirements
2. (U) Performing technology assessments
3. (U) Developing acquisition strategies
4. (U) Conducting risk assessments
5. (U) Developing cost estimates
6. (U) Determining specifications
7. (U) Evaluating contractor performance and conducting independent verification and validation
8. (U) Directing other contractors' (other than subcontractors) operations
9. (U) Developing test requirements and evaluating test data
10. (U) Developing work statements (but see paragraph (ii)(B) of this definition)

1. 1. Does not include:
2. (U) Design and development work of design and development contractors, in accordance with FAR 9.505-2(a)(3) or FAR 9.505-2(b)(3), and the guidance at PGI 209.571-7 (DFARS/PGI view); or
3. (U) Preparation of work statements by contractors, acting as industry representatives, under the supervision and control of Government representatives, in accordance with FAR 9.505-2(b)(1)(ii).

(U) Section III – Organizational Conflict of Interest Information/Requirements

(U) Organizational Conflict of Interest (OCI) for this RFI pertains to demonstrated compliance. As such, replies from industry partners interested in this opportunity must clearly demonstrate their understanding and strict compliance as this RFI pertains to FAR Subpart 9.5:

(U) According to Air Force guidance, contractors must strictly avoid any potential organizational conflict of interest (OCI), including the appearance of a perceived OCI condition, and/or prior existence of an OCI condition, by disclosing any potential conflicts to the contracting officer and taking steps to mitigate or avoid them, often by following Federal Acquisition Regulation (FAR) Subpart 9.5 which outlines procedures for identifying and managing OCIs; this includes situations where a contractor might gain an unfair competitive advantage through prior knowledge of government requirements due to previous work with the Air Force.

(U) Key points about Air Force OCI guidance for contractors follows:

• (U) Disclosure is key: Contractors must actively disclose any potential conflicts of interest to the contracting officer, even if they seem minor. 
• (U) Avoid biased ground rules: A contractor should not be involved in developing specifications or requirements for a future contract where they intend to compete. 
• (U) Unequal access to information: If a contractor has access to sensitive government information that could give them an unfair advantage in a competition, they must manage that information appropriately. 
• (U) Mitigation strategies: If an OCI is identified, the contractor will need to demonstrate they have taken steps to mitigate the conflict, such as recusing personnel involved, creating information barriers, or modifying their proposal. 
• (U) Compliance with FAR Subpart 9.5: The Air Force expects contractors to comply with the FAR Subpart 9.5 and all relevant supplemental guidance regarding organizational conflicts of interest, which outlines procedures for identifying, evaluating, and addressing potential conflicts. 

(U) In responses to the below questions, please provide past performance (contract number, government point of contact/telephone number/email) that accurately substantiates and supports your role as a SETA contractor. Past performance must be reported in a manner that shows Official Conflict of Interest (OCI) as a SETA contractor has been preserved.
 

(U) PERIOD OF PERFORMANCE

The anticipated period of performance is one base year with four option years.

(U) RFI SUBMITTAL INSTRUCTIONS

(U) All eligible vendors are requested to submit their responses electronically NLT 5 Dec 2024. Negative responses (not interested and/or not capable) are also requested.

(U) Responses should be prepared in the contractor’s format by responding to the items below. Vendors should limit their responses to no more than two 8.5 x 11 sheets per question, with font size no less than 12-point.

(U) Responses are expected to be Unclassified. However, if certain pieces of information must exceed this level of classification, responses must be classified appropriately at a level not to exceed Top Secret/Sensitive Compartmented Information (TS//SCI), must be portion marked, and sent electronically using the network appropriate to the information classification level. The overall classification should be marked at the top and bottom of each page. Vendors should include information on the Security Classification Guide (SCG) used to classify the document on the front page of the submittal. If submissions include proprietary information, such submissions must properly label that information and clearly indicate any limitation s on its disclosure. Respondents are also requested to inform of any potential or actual Organizational Conflict of Interest (OCI) that may arise relevant to the subject matter in the RFI response. Please contact the RFI’s POCs to request email addresses for information that is higher than Unclassified.

(U) Vendors who are capable and interested in this opportunity are requested to complete all sections below. Vendors who are not capable and/or interested in this opportunity are request to only complete Sections 1-3.

(U) NOTE: The Contractor MUST overtly demonstrate experience, technical knowledge, and Past Performance in all listed competence areas.

(U) RFI QUESTIONS/RESPONSES:

1. (U) COMPANY INFORMATION:

COMPANY NAME:                                                                               CAGE CODE:

POC(NAME/PHONE/EMAIL):

2. WHAT IS YOUR COMPANY’S SOCIOECONOMIC STATUS UNDER NAICS 541611

SMALL (please specify type)                                                                 LARGE

3. WHAT IS YOUR COMPANY’S SOCIOECONOMIC STATUS UNDER NAICS 541330

SMALL (please specify type)                                                                 LARGE

4. (U) IS YOUR COMPANY CAPABLE/INTERESTED IN THIS OPPORTUNITY?

Yes / No (If no, any information regarding why you are not interested/capable is appreciated. If yes, please proceed to Question 4)

5. (U) CAPABILITY QUESTION A:

(U) The Government requires advice & assistance using all source intelligence collection, analysis, and reporting functions within a counterintelligence operational framework using network sensors and Netflow/PCAP to identify, categorize, and report activities attributed to cyber threat and malicious entities. Advisory services are needed to identify and report upon threat and malicious actors/activities who obtain and exfiltrate critical data from the defense industrial base.

6. (U) CAPABILITY QUESTION B:

(U) The Government requires advisory services from expert level knowledge, skills, and methods needed to integrate, scale, and expand existing capabilities using cloud-based, artificial intelligence & machine learning approaches within counterintelligence and counterespionage frameworks.

7. (U) CAPABILITY QUESTION C:

(U) The Government needs subject matter expertise that supports the ongoing conduct of counterintelligence operations using specialized capabilities, systems engineering, and cyber security methodologies.

8. (U) CAPABILITY QUESTION D:

(U) The Government requires expert level technical and administrative support enabling successful conduct of active/ongoing investigations and network monitoring activities across multiple Military Department Counterintelligence Organizations (MDCO's), Combatant Commands, Defense Agencies, and other government organizations. Subject matter expertise needs to encompass all areas that can be integrated into a cohesive program that is cloud-based, developed, and integrated by cross-functional teams.

9. (U) CAPABILITY QUESTION E:

(U) The Government needs subject matter expertise rooted in, and demonstrated with, personnel who have documented skills/experience in a role such as counterintelligence investigators, system engineering support for national intelligence systems, program & acquisition management expertise from the intelligence community, and cyber security best practices.

10. (U) CAPABILITY QUESTION F:

(U) The Government requires substantiated senior-level technical and program support expertise within the DoD digital and multi-media evidence archival and case management systems. Subject matter expertise needs to be leveraged to develop, integrate, and field a common DoD-wide case management system.

11. (U) CAPABILITY QUESTION G:

(U) The Government needs demonstrated expertise in current case management systems, legal authorities from each of the Military Department Criminal Investigative Organizations, and expert knowledge of the policy-level sensitivities that each MDCIO must adhere.

12. (U) CAPABILITY QUESTION H:

(U) The Government requires subject matter expertise that supports the ongoing conduct of Title 10 cyber operations and mission planning for specialized capabilities, systems engineering, and cyber security methodologies.

(U) Points of Contact:

• Ernest H. Perkins, Jr. – Contracting Officer – ernest.perkins.3@us.af.mil
• Dana Bass – Program Management – dana.bass.ctr@us.af.mil

(U) All communication regarding this RFI shall be performed via email.

(U) Telephone calls will not be entertained.