The scope of this new PAC (Agile Cybersecurity Partnership) contract is as follows:
Lot 1: Operation, MCO and management of applications and infrastructures related to the following perimeters on the standard IS (cyber surveillance (SIEM / SOAR, etc.), protection of servers and tertiary workstations (Antivirus, EDR), vulnerability management (vulnerability scanners, vulnerability cockpit, WSUS, vulnerability monitoring), GRC tools (Risk and Compliance Governance)
Lot 2: Operation, MCO and management of applications and infrastructures related to the PDIS perimeter (Cybersurveillance and GRC tools)
Lot 3: Services specific to the SOC (Security Operations Center) and the VOC (Vulnerability Operations Center) (SOC Analysts, VOC Vulnerability Analysts, Development of cyber use cases following cyber alert reports, etc.)
Lot 1 Operation of the non-regulatory DSIT cybersecurity chainLot 1 is divided into 2 major activities:
• Infrastructure operation and administration
This activity is entrusted to the HOLDER under the supervision of the COMPANY.
It essentially includes the following tasks for the entire scope of the project:
o Supervision,
o Exploitation,
o Management of incidents, requests, changes, problems,
o Management of knowledge, documentation and repositories
• Agile infrastructure engineering
This activity is carried out in "product mode". The HOLDER provides resources that will work together with the COMPANY's resources in teams known as "mixed teams". The SAFE methodology is adhered to. The joint teams work together on the evolution of infrastructure products as well as automation.
Duration of the contract: 8 years, including 3 firm years and 5 optional years
Lot 2 Operation of PDIS infrastructureLot 2
Lot 2 has activities similar to Lot 1, on a regulatory perimeter (PDIS)
The activities are:
• Infrastructure operation and administration
This activity is entrusted to the HOLDER under the supervision of the COMPANY.
It essentially includes the following tasks for the entire scope of the project:
o Supervision,
o Exploitation,
o Management of incidents, requests, changes, problems,
o Management of knowledge, documentation and repositories
• Agile infrastructure engineering
This activity is carried out in "product mode". The HOLDER provides resources that will work together with the COMPANY's resources in teams known as "mixed teams". The SAFE methodology is adhered to. The joint teams work together on the evolution of infrastructure products as well as automation.
Lot 3 SOC & VOC Analysts (PDIS and non-PDIS scope)Lot 3 is divided into 3 major activities:
• L1 SOC analysts (for regulatory and non-regulatory environments)
• Recording and qualification of security alerts
• Security incident management
• Escalation of critical security incidents
• Updated the Incidents knowledge base
• Contribution to the automation of security incident handling
• Vulnerability Indicators and Reporting
• Vulnerability Analysts
• Vulnerability monitoring
• Facilitation of Vulnerability Symposiums
• Implementation of vulnerability scanning / compliance
• Supporting the company in covering new perimeters
• Centralization of vulnerabilities in a cockpit
• Analysis and restitution of vulnerabilities
• Definition and follow-up of priority remediation projects
• Vulnerability Indicators and Reporting
• CyberSOC developments
• SIEM monitoring
• Automation of Cyber use cases
• etc.