RFP #2026-19 24/7 CYBERSECURITY MONITORING Q & A

Bidders ID: NBD23912664794260290
Due Date: Jul 1, 2026
Posted Date: Jun 24, 2026
Level of Government: State & Local
State: South Carolina
Agency: Jasper County
Category:
  • F - Natural Resources and Conservation Services
Source: Members Only


RFP #2026-19 24/7 CYBERSECURITY MONITORING

Jasper County Government (“County”) is soliciting sealed proposals from qualified cybersecurity managed service providers (MSPs), managed security service providers (MSSPs), or cybersecurity consulting firms to provide comprehensive 24/7 cybersecurity monitoring, cyber network monitoring, patch management, incident response support, and compliance-related cybersecurity services until Wednesday, July 1, 2026, at 1:00 p.m. at which time the names of the Proposers will be publicly read aloud in the Jasper County Council Chamber.

RFP #2026-19

RFP #2026-19 Cybersecurity Q & A

The Proposal may also be submitted via mail or hand delivered in a sealed envelope to the address below with “24/7 Cybersecurity RFP #2026-19” written on the outside of the envelope. It must be received no later than 1:00 p.m. on Wednesday, July 1, 2026. Vendors choosing to submit a hard copy should submit an original and five copies. Any Proposals submitted or delivered after the above time will NOT be accepted under any circumstances. Proposals submitted by email will NOT be accepted.

The Proposal can be mailed or hand delivered to:

Kimberly Burgess, Dir., Administrative Services Jasper County Government Building

358 Third Avenue, Suite 304

PO Box 1194

Ridgeland, SC 29936

The Proposal name reading will take place in the Jasper County Council Chamber located at:

Clementa C. Pinckney

Jasper County Government Building

358 3 rd Avenue, Third Floor

Ridgeland, SC 29936

Questions Regarding the RFP

All questions regarding this RFP shall be submitted in writing to:

Lekisha Brown

Deputy Director

Information Technology

252 Russell St.

Ridgeland, SC 29936

Any questions regarding this Proposal must be submitted in writing via email to labrown@jaspercountysc.gov

NO LATER than Monday, June 22, 2026, by 5:00 pm.

Attachment Preview

REQUEST FOR PROPOSAL (RFP)
RFP #2026-19
24/7 CYBERSECURITY MONITORING,
PATCH MANAGEMENT, AND CYBER NETWORK
MONITORING SERVICES
JASPER COUNTY, SOUTH CAROLINA
JUNE 4, 2026
1. INTRODUCTION
1.1 Purpose
Jasper County Government (“County”) is soliciting sealed proposals from qualified
cybersecurity managed service providers (MSPs), managed security service providers (MSSPs),
or cybersecurity consulting firms to provide comprehensive 24/7 cybersecurity monitoring,
cyber network monitoring, patch management, incident response support, and compliance-
related cybersecurity services until Wednesday, July 1, 2026, at 1:00 p.m. at which time the
names of the Proposers will be publicly read aloud in the Jasper County Council Chamber.
The County seeks a vendor partner capable of leveraging the County’s existing cybersecurity and
IT infrastructure, tools, and software platforms while enhancing the County’s overall
cybersecurity posture. The selected vendor should provide continuous monitoring, proactive
threat detection, vulnerability management, patch management, incident response coordination,
reporting, and audit support.
Additionally, the selected vendor shall be responsible for assisting with and completing all
required NCIC, CJIS, and South Carolina Law Enforcement Division (SLED) cybersecurity
audits, compliance reviews, documentation, and reporting requirements applicable to Jasper
County Government.
2. BACKGROUND
Jasper County Government operates a diverse technology environment supporting county
administration, public safety, emergency services, judicial systems, public works, finance, GIS,
and other county operations. The County maintains cybersecurity tools and software currently in
place and desires a cybersecurity partner capable of integrating with and utilizing existing
systems wherever feasible.
The County’s primary goals include:
Enhancing cybersecurity visibility and protection
Providing continuous 24/7 monitoring and alerting
Reducing cybersecurity risk exposure
Improving incident response readiness
Page 1 of 13
Maintaining compliance with CJIS, NCIC, SLED, and applicable state and federal
cybersecurity standards
Strengthening vulnerability and patch management processes
Ensuring operational continuity and cybersecurity resilience
3. SCOPE OF SERVICES
The selected vendor shall provide the following services at a minimum.
3.1 24/7 Security Operations Center (SOC) Monitoring
Vendor shall provide continuous 24 hours per day, 7 days per week, 365 days per year
cybersecurity monitoring services.
Services shall include:
Continuous monitoring of network traffic, endpoints, servers, firewalls, switches, routers,
and security devices
Monitoring of security events, alerts, and logs
Threat detection and correlation analysis
Real-time alerting and escalation procedures
Detection of ransomware, malware, unauthorized access attempts, and suspicious activity
Continuous review of security telemetry and threat indicators
Identification and triage of critical cybersecurity incidents
Threat intelligence integration
Continuous monitoring of cloud-based systems and services where applicable
Security event management and reporting
Security log review and analysis
Security alert prioritization and escalation
Vendor shall provide documented escalation procedures and incident notification timelines.
3.2 Cyber Network Monitoring
Vendor shall provide comprehensive cyber network monitoring services for the County’s IT
infrastructure.
Services shall include:
Network traffic analysis
Internal and external network monitoring
Firewall monitoring and rule review
Intrusion detection and prevention monitoring
Unauthorized device detection
Page 2 of 13
Network anomaly detection
Bandwidth and suspicious communication monitoring
Monitoring for lateral movement within the network
DNS monitoring and analysis
VPN monitoring
Remote access monitoring
Monitoring of privileged accounts and administrative access
Continuous health monitoring of cybersecurity systems
Vendor shall provide recommendations for improving network security architecture where
vulnerabilities or weaknesses are identified.
3.3 Patch Management Services
Vendor shall provide comprehensive patch management services utilizing the County’s existing
software and patch management tools whenever feasible.
Services shall include:
Operating system patch management
Third-party software patch management
Firmware update management
Security update testing and validation
Critical vulnerability remediation
Patch deployment scheduling and coordination
Emergency patch deployment for critical threats
Patch compliance reporting
Vulnerability prioritization
Documentation of applied patches and remediation activities
Verification and validation of successful patch deployment
Vendor shall maintain procedures to minimize operational disruption while ensuring timely
remediation of vulnerabilities.
3.4 Vulnerability Management
Vendor shall provide ongoing vulnerability management services.
Services shall include:
Routine vulnerability scanning
Internal and external vulnerability assessments
Vulnerability prioritization based on risk
Remediation recommendations
Validation of remediation efforts
Page 3 of 13
Reporting of critical vulnerabilities
Risk scoring and tracking
Assistance with remediation planning
Coordination with County IT staff
Vendor shall provide monthly vulnerability assessment summaries and remediation status
reports.
3.5 Incident Response Services
Vendor shall provide incident response support services.
Services shall include:
Incident detection and analysis
Incident containment recommendations
Threat eradication support
Recovery assistance
Root cause analysis
Incident documentation
Forensic coordination support
Coordination with County IT staff and leadership
Escalation procedures for critical incidents
After-action reporting and recommendations
Vendor shall provide emergency contact procedures and escalation paths available 24/7.
3.6 Existing Tools and Software Integration
The County intends to maintain and continue utilizing existing cybersecurity and IT management
tools where operationally feasible.
Vendor shall:
Assess and integrate with the County’s existing cybersecurity tools
Utilize existing monitoring, logging, and endpoint solutions whenever possible
Minimize unnecessary replacement of existing systems
Provide recommendations only where improvements are necessary
Identify any required licensing or integration costs
Coordinate with County IT staff regarding compatibility and implementation
Vendor shall clearly identify:
Tools currently supported
Additional tools proposed
Page 4 of 13
Any required software changes
Any additional hardware requirements
Any licensing dependencies
3.7 Compliance and Audit Support
The selected vendor shall be responsible for supporting and completing cybersecurity-related
audits and compliance requirements applicable to Jasper County Government.
This includes, but is not limited to:
NCIC audit preparation, management, and support
SLED cybersecurity audit support and completion
CJIS audit preparation, compliance support, and documentation management
CJIS Security Policy compliance assistance
Security documentation maintenance
Policy and procedure review assistance
Audit evidence collection and preparation
Remediation planning for audit findings
Compliance reporting
Coordination with state and law enforcement entities as required
Assistance with cybersecurity risk assessments
Documentation necessary for compliance reviews
Vendor must demonstrate familiarity with:
NCIC requirements
CJIS Security Policy
South Carolina state cybersecurity requirements
SLED audit expectations
Government cybersecurity best practices
Law enforcement system security requirements
Vendor shall assume primary responsibility for completing all required cybersecurity audit
deliverables under the scope of this contract.
3.8 Reporting Requirements
Vendor shall provide detailed reporting including:
Weekly cybersecurity briefing reports summarizing incidents, vulnerabilities,
remediation activities, patching status, and threat activity
Weekly status meetings or virtual briefings with County IT leadership as requested
Comprehensive monthly executive cybersecurity reports
Incident summaries
Page 5 of 13
You are viewing the opportunity summary page, which includes a brief overview and a preview of the attached documents.
Disclaimer: The details regarding bids, requests for proposals (RFPs), and requests for qualifications (RFQs) on this site are provided for convenience and do not represent official public notice. To respond to or inquire about bids, RFPs, or RFQs, please contact the appropriate government department.

TRY FOR FREE

Not a GovernmentBidders Member Yet?

Get unlimited access to thousands of active local, state and federal government bids and awards in All 50 States.

Start Free Trial Today >