A government authority in Boston, Massachusetts seeks a vendor to deliver managed security operations and Splunk engineering support services. The provider will support a hybrid Security Operations Center (SOC) model, integrating with the internal SOC team to ensure continuous protection of state assets with 24x7x365 monitoring and response capabilities.

Services include the utilization of the Splunk Enterprise Security instance for identifying, investigating, and triaging security incidents. The provider is expected to carry out unlimited investigations into anomalies and malicious activity found through Splunk dashboards, and engage in proactive threat hunting with emphasis on adversarial intelligence relevant to State and Local government sectors.

Additional responsibilities involve streamlining daily transitions between the internal SOC and external service provider, onboarding and reviewing new data sources for compatibility, developing security use cases, installing and configuring Splunk Add-ons and Applications, as well as creating custom dashboards, reports, and alerts for the Central SOC. The contract is for a three-year period, and questions must be submitted by March 6, 2026.