Request for Proposal (RFP) - Security Information and Event Management (SIEM) Solution

1. Introduction:

We seek proposals from qualified vendors to provide our organisation with a comprehensive Security Information and Event Management (SIEM) solution. The selected SIEM solution will be integral to our cybersecurity infrastructure, aiding in real-time security events detection, incident response, and compliance management.

2. Scope of Work:

The selected vendor shall provide a SIEM solution capable of:

• Real-time monitoring and alerting of security events and logs across all network and system assets.
• Dynamic configuration of alerts based on event data.
• Correlation of security events to identify patterns and potential threats.
• Log aggregation and storage for compliance reporting and forensic analysis.
• User and entity behaviour analytics (UEBA) for anomaly detection.
• Integration with existing security tools and platforms, such as firewalls, IDS/IPS, and endpoint protection solutions.
• Customizable dashboards and reports for visualization and analysis.
• Automated incident response and remediation capabilities.

The vendor will also be responsible for:

• Designing the technical architecture and the infrastructure requirements (compute, memory, storage, bandwidth) of the solution that will cover our needs (events to collect, alerts to trigger, analysis to conduct…)
• Deploying the solution on-premise (we will provide the infrastructure).
• Knowledge transfer (Deployment and training internal staff)
• Post go-live Maintenance and support

3. Technical Requirements:

The proposed SIEM solution must meet the following technical requirements:

• Support multiple data sources and formats which includes but not limited to syslog, kubernetes, SNMPv3, s3 buckets, Application audit logs, Application gateway, Next generation Firewall, SaaS platforms, Database Activity Monitoring tools, EDR, and Network traffic.
• Scalability to handle large volumes of data in distributed Scale-out architecture is preferred.
• Role-based access control (RBAC) for granular user permissions.
• Compliance with industry standards and regulations, such as GDPR, HIPAA, and PCI DSS.
• High availability and disaster recovery capabilities.
• Support on-premises
• Advanced threat detection capabilities, including threat intelligence feeds and machine learning algorithms.
• SOAR capabilities.
• Built-in security response playbooks
• Ability to integrate to multiple Notification channels including but not limited to Emails, slack, pagerduty and Opsgenie
• Built-in multi-tenant capabilities
• Built-in Host-based Intrusion Detection System functionalities.
• Dynamic configuration of alerts based on event data.

Technical requirements of the personnel deploying the SIEM:

• A solid understanding of SIEM concepts and platforms.
• Have deployed the SIEM for at least two organisations.
• Holds certification(s) from the SIEM provider or any other evidence of SIEM platform knowledge.
• At least 2 years of experience as a Security Engineer or related positions.
• Knowledge of incident response and remediation processes.
• Experience with at least one scripting language.
• Strong English communication skills, both written and verbal.

4. Proposal Submission:

Interested vendors should submit their proposals electronically through Irembo’s e-procurementportal no later than 24th April 2024 at 5 PM. Bidders will be required to sign up or register if they don’t have an account already. More guidelines can be found on the signup page.

Proposals must include the following:

• Detailed description of the proposed SIEM solution, including technical specifications and architecture diagrams.
• Pricing structure, including licensing fees, implementation costs, and ongoing support/maintenance fees.
• Company profile
• At least three (3) references of similar implementation.
• Technical personnel resumes.
• Project plan for design, implementation, and deployment. 
• Any additional features or services offered by the vendor.
• Certificate of company incorporation

Technical proposals and financial proposals should be sent separately in PDF format in the e-procure tool

5. Evaluation Criteria:

Proposals will be evaluated based on the following criteria:

Technical evaluation (70%)

• Compliance with technical requirements and scope of work.
• Vendor experience and reputation.
• Quality of proposed implementation plan and timeline.
• Suitability of the proposed solution for our organizations needs.
• Personnel experience and expertise

Financial evaluation (30%)

• Cost-effectiveness and value proposition

6. Contract Award:

The contract will be awarded to the vendor whose proposal best meets the needs of our organisation both technically and financially, as determined by the evaluation committee. We reserve the right to negotiate terms and conditions with the selected vendor.

7. Contact Information:

For questions or clarifications regarding this RFP, please contact us at procurement@irembo.com