Safety consultancy services | Tenderlake

Safety consultancy services

Contract Value:
EUR 3M - 3M
Notice Type:
Contract Notice
Published Date:
19 May 2023
Closing Date:
29 June 2023
Location(s):
DEB35 Mainz, Kreisfreie Stadt (DE Germany/DEUTSCHLAND)
Description:
RV DL Support Information Security

ISB needs support in the continuous maintenance and further development of a high level of IT security, including above all the further procedure of using Security Information & Event Management (SIEM) and operationalizing the previously defined target measures.

The organizational units IT Control, IT Operations and Risk Management require support and consulting services in the following areas of responsibility:

- Information security management: Further development of the structural and procedural organization, processes and controls, conception, implementation, operationalization, IT standards to be observed: BSI and ISO 2700x

Technical support to the Information Security Officer and the ISMS team in the following tasks:

-- Support for the annual revision of the Information Security Guideline as well as the Information Security Guidelines

-- Assistance in performing the 2LoD monitoring function

-- Support in the further development of the target catalogue of reference measures

-- Support in the implementation of audits

-- Support in the further development of quarterly reporting

-- Support in the development of security specifications for external IT service providers

- Operational information security (structural and procedural organization, processes and controls, conception, implementation, operationalization, RiMaGo software used, BIC tool, IT standards to be observed: BSI and ISO 2700x)

-- Revision and further development of policies and procedures in the area of operational information security

-- Assisting the bank in defining IT systems to be included in logging and monitoring

-- Supporting the bank in the operationalization of the Security Operations Center

-- Supporting the bank in the further development of SIEM, use cases, evaluation of vulnerability analyses and pentesting

-- Supporting the bank in operationalization, measures to ensure information security, including external DL

-- Assisting the Bank in dealing with information security events and incidents

-- Support of the bank in the operationalization of target/actual comparison, recertification of technical settings

-- Establishment of an information security team to support the ISB

-- Revision and further development of the specifications for the Security Operations Center and security messages (e.g. Cert messages from the BSI)

-- Supporting the ISB in operationalizing the "Second Line of Defense" monitoring function

-- Collaboration with information security management

- SIEM software (ProLog software used, extension of the existing SIEM solution or implementation of an alternative SIEM solution if necessary)

- Know-how-Transfer

Download full details as .pdf
The Buyer:
Investitions- und Strukturbank Rheinland-Pfalz (ISB)
CPV Code(s):
72222000 - Information systems or technology strategic review and planning services
79417000 - Safety consultancy services
79996000 - Business organisation services