Military Sealift Command (MSC) Cybersecurity Support Services (CSS)

This is a SOURCES SOUGHT NOTICE to determine the availability and technical capability of small businesses and large businesses (including the following subsets: Small Disadvantaged Businesses, Certified 8(a), Service-Disabled Veteran-Owned Small Businesses, HUBZone Small Businesses and Woman-Owned Small Businesses) to provide the required products and/or services.

The MSC CSS is seeking information from potential sources for cybersecurity operations, risk management, and compliance support. The requirement is to provide all elements of cybersecurity support including:

• Supporting vulnerability management through cybersecurity site visits to assist civilian and contract mariners with patching and scanning of systems and networks


• Afloat site, system, and operational technology Assessment and Authorization support including mission-based cybersecurity risk assessments.


• Supporting inspections and performing compliance visits to measure cybersecurity readiness of individual ship or department adherence with compliance measures.

MSC requires sources with an in-depth knowledge of Department of the Navy and Department of Defense (DoD) cybersecurity directives and procedures.

The anticipated period of performance is one (1) 12-month Base Period plus four (4) 12-month Option Periods, estimated to be the following:

Base Period: May 15, 2026 – May 14, 2027

Option Period 1: May 15, 2027 – May 14, 2028

Option Period 2: May 15, 2028 – May 14, 2029

Option Period 3: May 15, 2029 – May 14, 2030

Option Period 4: May 15, 2030 – May 14, 2031

The anticipated place of performance will primarily be the contractor facility. Frequent meetings at Government sites in the Norfolk, VA metropolitan area is expected, and would be considered routine and not billable travel. Tasks may require travel to other MSC, U.S Navy, United States Transportation Command (USTRANSCOM) or DoD installations to include but not limited to the following, which may be considered billable:

• 
  
  
  
  • MSC Network Operations Center, Pensacola FL
  
  
  • MSC Headquarters, Norfolk VA
  
  
  • MSC Ship Support Unit (SSU) San Diego CA
  
  
  • MSC SSU Japan
  
  
  • MSC SSU Singapore
  
  
  • MSC SSU Bahrain
  
  
  • MSC SSU Guam
  
  
  • Military Sealift Command Office (MSCO) Pearl Harbor, HI
  
  
  • MSCO Diego Garcia
  
  
  • MSC SSU Naples
  
  
  • Pacific Region Network Operations Center, Wahiawa, HI
  
  
  • Unified Atlantic Region Network Operations Center, Norfolk, VA
  
  
  • USTRANSCOM Headquarters, Scott AFB IL
  
  
  • Other Contractor Facilities