Request for Information - Information Technology Global Operations
Contact and place of performance
Ronald Moton
Peachtree City, GA 30269
USA
The Department of Defense Education Activity is issuing this Request for Information (RFI) to assess Small Business market capability to provide Global Operations Support Services as described in the Draft Performance Work Statement (PWS) supporting DoDEA's worldwide enterprise. This RFI is strictly for market research in accordance with FAR Part 10 and will help determine appropriate acquisition and compet...
View moreThis notice does not constitute a solicitation. No contract will be awarded from this announcement.
2. BACKGROUND
DoDEA operates a global PK–12 school system across the Americas, Europe, and Pacific, with 160 schools in 11 foreign countries, 7 U.S. states, Guam, and Puerto Rico. The DoDEA IT enterprise requires continuous cybersecurity, cloud operations, device management, application modernization, and enterprise network support.
The Draft PWS defines outcome‑based objectives, performance standards, and Acceptable Quality Levels (AQLs) across all functional areas.
3. NAICS & SIZE STANDARD
4. SCOPE OVERVIEW
The Draft PWS requires contractors to provide comprehensive global IT services including:
5. SUBMISSION INSTRUCTIONS
A. Response Due Date
Responses are due within 10 business days of the posting date on SAM.gov.
B. Submission Method
Email submissions to:
[Insert Government Email Address]
Subject Line: “RFI Response – DoDEA IT Global Operations Support – [Company Name]”
C. Format Requirements
D. Optional Attachments Allowed (Not counted toward page limit)
6. PROPRIETARY INFORMATION
Do not submit classified information or CUI. Proprietary information must be clearly marked.
7. DISCLAIMER
This RFI is for planning purposes only and does not obligate the Government to issue a solicitation or award. The Government will not reimburse respondents for the cost of preparation.
8. STRUCTURED RFI QUESTIONS (REQUIRED)
Respondents must answer all 19 questions below within the 13‑page narrative limit.
A. Corporate Capability & Program Management
1. Corporate Capability & Global Reach
Describe your company’s capabilities and global delivery footprint supporting DoDEA’s worldwide presence (Americas, Europe, Pacific).
2. Integrated Program Management Approach
Explain how you would manage an integrated program covering SOC, NOC, DevSecOps, Device Management, CloudOps, Agile PM, Requirements Analysis, and Technical Writing, aligned to the PRS and QASP.
3. Lines of Communication & Coordination
Describe your lines of communication with DoDEA HQ, regional offices, COR, PMO, SOC/NOC leads, and school facilities, including communication during normal hours (0700–1700 ET) and surge periods.
4. Small Business Staffing & Surge Capacity
Explain your small business staffing model, teaming/JV structure (if applicable), key labor categories, and ability to surge across global operations while meeting AQLs.
5. Compliance Readiness
Describe your readiness to support DoD/DoDEA requirements (DoD Zero Trust, DoDI 8510.01/RMF, NIST 800‑53, STIGs, FedRAMP), and any existing certifications or compliance methods.
B. Objective 1 – SOC Support
6. 24×6 SOC Operations Capability
Describe your capability to operate a 24×6 Tier 1–3 SOC using Microsoft Sentinel/Defender, Azure Data Explorer, incident response, and ability to meet MTTD/MTTR standards.
7. Detection Engineering & Readiness
Explain your experience with detection engineering (custom rules, tuning), threat hunting, and readiness exercises (purple team/tabletop), including dashboard/report development.
C. Objective 2 – DevSecOps & Application Development
8. Secure SDLC & CI/CD Practices
Describe your Secure SDLC and DevSecOps methods including requirements, design, coding, testing, SAST/DAST, quality gates, CI/CD pipelines, Zero Trust integration, and traceability.
9. Application Development Expertise & Sustainment
Describe your experience with Angular, .NET, SQL, HTML, JavaScript, and C#, and how you ensure availability, code quality, test coverage, deployment frequency, and IP delivery. ]
D. Objective 3 – Enterprise Device Management
10. Unified Endpoint Management
Describe your experience with Intune, Entra ID, Autopilot, Apple School Manager/MDM, ChromeOS, and IoT management, including alignment with Zero Trust and compliance baselines.
11. Compliance Reporting & Troubleshooting
Explain your approach to compliance dashboards, device posture reporting, and Tier‑2 troubleshooting while maintaining Zero Trust enforcement.
E. Objective 4 – Enterprise NOC Support
12. NOC Operations Capability
Describe your experience managing SD‑WAN, LAN, WLAN (Aruba), firewalls, cloud networking, segmentation, and fabrics while maintaining STIG/NIST compliance.
13. Availability, Incident Response & Documentation
Explain how you will meet AQLs for 99.9% service availability, P1 MTTR, change success rate, and timely updates to network baselines and diagrams.
F. Objective 5 – CloudOps
14. Cloud Administration & Zero Trust
Describe your experience administering Google Workspace and Azure, enforcing Zero Trust IAM, performing configuration reviews, incident response, and meeting availability AQLs.
G. Objective 6 – Agile Project Management
15. Enterprise‑Scale Agile Management
Explain your Agile approach (Scrum, Kanban, scaled Agile) to coordinating SOC, NOC, CloudOps, DevSecOps, and device management workstreams, including use of KPIs
H. Objective 7 – Business Case & Requirements Analysis
16. Requirements Analysis & Governance
Describe your methodology for eliciting, validating, and documenting requirements; building RTMs; conducting alternatives analysis; and supporting governance review cycles.
I. Objective 8 – Technical Writing
17. Documentation Quality & Repository Management
Explain your process for policy‑aligned documentation, templates, style guides, diagrams, approval workflows, accessibility, and storing artifacts in authorized repositories.
J. Staffing, Clearances & Constraints
18. Staffing, Clearances & Regulatory Constraints
Describe your ability to meet clearance requirements, background checks for facility/school access, FAR/DoDEA constraints, GFP/GFE handling, and work‑hour limitations (0700–1700 ET).
K. Information Technology Certifications
19. Information Technology Requirements
List organization information technology certifications and certification levels. Examples of these are ISO, CMMI, and CMMC.
(LISTED AS AN ATTACHMENT)
The Department of Defense Education Activity (DoDEA) has issued this Special Notice to conduct market research and assess the capability of small businesses to provide Information Technology Global Operations Support. This Request for Information (RFI) will inform the acquisition strategy for integrated support across the DoDEA worldwide enterprise, which serves 160 PK-12 schools in 11 foreign countries and various domestic locations. The government seeks feedback on a Draft Performance Work Statement (PWS) that outlines eight core functional areas: 24/7 Security Operations Center (SOC) management, DevSecOps and cloud-native application development, enterprise device management, Network Operations Center (NOC) support, CloudOps for Google Workspace and Microsoft Azure, Agile project management, business case analysis, and technical writing.
The required services focus on maintaining continuous cybersecurity, application modernization, and network reliability for the global school system. Specific technical requirements include monitoring 24/6 SOC incident responses using Microsoft Sentinel and Defender, managing unified endpoints across Windows and ChromeOS, and supporting SD-WAN and firewall architectures. Contractors must be able to operate within a global delivery footprint while adhering to Department of Defense Zero Trust standards, NIST 800-53, and FedRAMP requirements. Performance will be measured against outcome-based objectives and Acceptable Quality Levels (AQLs) for service availability and incident response times.
This notice is classified under NAICS 541513, Computer Facilities Management Services, and PSC R408, Support- Professional: Program Management/Support. The opportunity is designated as a Small Business (SBA) set-aside. Responses are due by March 2, 2026, and must be submitted via email to the primary point of contact, Ronald Moton, at the DoDEA office in Peachtree City, Georgia. The RFI materials include two attachments: the Draft Global Operations Support PWS and the RFI questionnaire. Submissions are limited to a 15-page narrative response, though optional attachments such as capability matrices and corporate experience summaries are permitted.
Generated by Lumen AI
Scoped analysis and attachments—go beyond the summary when you need detail from the solicitation package.