The Australian Transaction Reports & Analysis Centre (AUSTRAC) has released a request for quote to engage a provider to deliver an externally managed PROTECTED Security Operations Centre (SOC).
AUSTRAC is looking to move to a managed SOC to leverage benefits not available with existing in-house resources under the agency’s current operating model, including continuous monitoring and threat detection (24/7/365); a centralised hub for both tools and expertise; faster incident response; and access to security expertise.
The requirements for this procurement will be delivered in three Phases.
In Phase 1, the succesful provider will undertake work to understand and clearly define the SOC service and capabilities required at AUSTRAC, developing a detailed SOC operating model including roles and responsibilities between the vendor and AUSTRAC, both during standard operations and in the event of a cyber incident;
The provider will also be required to assess and recommend a preferred SIEM solution; analyse and provide a recommendation for using AUSTRAC vs the vendor’s SIEM instance; undertake a gap analysis of AUSTRAC’s current security operations processes against best practice;and
develop a detailed roadmap and implementation plan to deliver the operating model, consolidated SIEM solution and uplifts to best practice.
In Phase 2, utilising the roadmap developed and agreed upon in Phase 1, the provider will set up the SOC and mature associated capabilities, such as consolidating to one SIEM and tuning alerts.
In Phase 3, the final phase of the contract, the provider will provide ongoing managed SOC services, including providing advice regarding, and supporting implementation, of best-practice recommendations as they change over time.
The estimated start date of the contract is 1 March 2026, with an initial contract duration of 12 months and two further 12-month extensions a possibility.
The RFQ closes on 17 February 2026 at 11:59pm, Canberra time
.png&h=142&w=230&c=1&s=1)
.jpg&h=142&w=230&c=1&s=1)
.jpg&w=100&c=1&s=0)
