Inactive Total Small Business Set-Aside (FAR 19.5)

The NAVAIR Security Team is responsible for providing all program offices with the people, skills, knowledge, and expertise required to provide control measures for protecting classified and controlle... The NAVAIR Security Team is responsible for providing all program offices with the people, skills, knowledge, and expertise required to provide control measures for protecting classified and controlled unclassified information. The scope of this effort is to provide a full range of Platform Security for the Naval Air Systems Command (NAVAIR), Naval Air Warfare Centers (NAWC), and Commander, Fleet Readiness Centers (COMFRC). Platform Security can be defined as security of a Warfighter platform (including the subsystems and support equipment) against foreign intelligence collection and exploitation against all attack surfaces; collection attacks against the program and associated contractors; cyber-attack against program and contractor networks; cyber-attack against the platform during system operation; supply chain attack; collection via international programs; and reverse engineering attack in case of loss on the battlefield or foreign sale. All of these attacks can yield information, which will allow adversaries to understand U.S. capabilities, understand U.S. sources and methods, develop countermeasures (material or non-material) against the weapon system, transfer technology for their own weapon system development, or utilize knowledge gained to mount a kinetic or cyber-attack against the platform. Additionally, knowledge gained from each type of attack can inform future attacks in the same or other types of attacks. Please note that the Contracting Office Address listed below on this notice IS NOT the address used for this requirment. Please refer to the attached RFP for all correct addresses.

Inactive Total Small Business Set-Aside (FAR 19.5)

The requirement is to provide various types of support including: acquisition security (ACQSEC) support; security modeling; program security management - physical security, personnel security, informa... The requirement is to provide various types of support including: acquisition security (ACQSEC) support; security modeling; program security management - physical security, personnel security, information security, industrial security, communications security (COMSEC), operations security (OPSEC), security classifications guides, program protection plan (PPP), and incident response; trusted systems and network (TSN) – criticality analysis, anti-counterfeiting, supply chain risk management and software assurance; cybersecurity - cyber risk assessment (CRA) and risk management framework (RMF) processes, system survivability key performance parameter (KPP) requirements development, CYBERSAFE, and cyber testing; anti-tamper (AT)– critical program information (CPI) assessment; AT system analysis and requirements development including attack and countermeasure tree; international programs security support (foreign disclosure and foreign visits) - technology transfer policy, foreign disclosure, export control, foreign visits, foreign partner security assessments, and end use monitoring; physical security/force protection/anti-terrorism/emergency management; system security engineering (SSE) - translating policy requirements in the above areas into system requirements, specs, design, development, test, sustainment and export of secure platforms and systems; configuration control; and requirements validation.