Victoria's South West TAFE has issued a tender to find a qualified vendor for a security operations centre, worth up to $570,000 over three years.
The successful vendor will provide security monitoring, threat detection and response, security information and event management (SIEM) tools, incident triage and escalation, threat intelligence integration, compliance support and vulnerability management.
SWTAFE operates across multiple campuses in southwest Victoria including Warrnambool, Hamilton, Portland, Colac, Sherwood Park and Glenormiston, delivering training to over 6,400 students annually.
The institute currently maintains a hybrid security infrastructure leveraging cloud-native and on-premise tools through a third-party managed SOC service built around Rapid7 InsightIDR as the primary SIEM platform.
Existing infrastructure includes Rapid7 InsightVM for vulnerability management, Microsoft Defender for Endpoint protection, Fortinet firewall systems, Cisco Meraki cloud-managed network infrastructure and Office 365 security stack.
The current deployment encompasses 1,100 Rapid7 Insight Agents across endpoints, one network sensor for traffic capture and 26 log ingestion connectors aggregating data from firewalls, Windows systems and Office 365 environments.
"At a minimum, the SOC service capability proposed needs to deliver the same capability SWTAFE currently has and is compatible with existing hardware, software and log data sources," the tender documentation states.
Vendors must demonstrate capability across security functions including threat detection and response, endpoint protection, vulnerability management, firewall and perimeter security, email security, log collection and wireless access control.
Data security provisions require Australian tier 3 data centre storage to maintain regulatory compliance alongside support for ISO 27001 and Australian Signals Directorate Essential Eight frameworks.
The successful vendor will work collaboratively with SWTAFE to ensure continuity of security monitoring whilst supporting the institute's operational resilience and cybersecurity posture enhancement initiatives.
Submissions close at 4pm on 1 August.
_page-0001.jpg&w=100&c=1&s=0)
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
.png&q=95&h=298&w=480&c=1&s=1)
