The VA seeks a contractor to provide full maintenance and managed services for its enterprise Hardware Security Module (HSM) fleet, which underpins cryptographic operations for clinical and administrative systems. The fleet consists of ten production HSM appliances (eight T-5000 and two T-2000) deployed across four CONUS data centers. The contractor must assume responsibility for the equipment in its as-found configuration and support the VA's Zero Trust modernization program. Post-quantum cryptography (PQC) readiness is now a mandatory requirement following NIST's August 2024 standards. The government is requesting industry feedback on technical approach, staffing, transition plans, and pricing to inform procurement planning.