23/029 - 23/029 - Cyber Security Operations Centre Services

Descriptions

Gas Networks Ireland is seeking the provision of the following managed security services: • Ongoing build out of our GNI Estate Coverage (IT), (OT), (ICS) SIEM logging, Use Cases in line with NIST, ISO 27001, NIS Directive 2016/1148 & MITRE Cyber Security Frameworks. • Continuous Vulnerability Management scanning, reporting of all GNI assets. Risk Identification of Assets, Automatic Ingestion into SIEM for Mitigation of system owners. • Managed offsite security monitoring and alerting of the entire Information Technology (IT), Operational Technology (OT) and Industrial Control System (ICS) infrastructure and systems. • SIEM Dashboards for Asset Identification, Risk & Monitoring, Security Infrastructure, Risk Identification, Compliance of Vulnerabilities, Mitigation Solutions, Monitoring, Detection Alerting for 24/7 365 Cover, Respond, Recover & Threat Hunting capabilities. • Threat Intelligence integration, including Surface web & Dark web monitoring & Security Orchestration Automation & Response (SOAR) SIEM integration, SIEM Alert Testing & implementation. • User Behavioural Analytics Security Monitoring & Alerting, with our NDR to be connected to HIDS, NIDS, EDR, IDS/IPS, DLP, PCAP Traffic, WAF, Proxy, FIM, Email, Honeypot/Canary SIEM integration • Complete end to end Digital Forensics with Malware Sandbox integration into GNI • Incident Response services to include incident management. • Ticket System (Service Now) Integration with SIEM as well as Standard Operating Procedure, Playbook & Runbook integration • Outlined Service Licence Agreement for Incident response and continuous improvement works • Playbook, Runbook Simulation Exercises end to end • Root Cause Analysis, Lessons Learned/Risk Register Identification, Continuous Review & Reporting.