Security Operations Center service (SoCaaS)

The bidder must confirm the standard exclusion grounds, including no final convictions in the last 5 years for participation in a criminal organisation, corruption or fraud. The machine-readable notice also requires confirmation that the bidder has taken self-cleaning measures if an exclusion ground exists, where allowed. In the compliance section, the bidder must also confirm that it will not use subcontractors or suppliers for more than 10% of the contract value if they are Russian citizens, residents, entities established in the Russian Federation, entities more than 50% owned by them, or representatives acting on their instructions. If the notice is not fully specific, the exact exclusion grounds and confirmations must be checked in the official tender documents.

The bidder must have, during the 36 months before publication of the tender, properly performed at least 2 Security Operations Center service contracts with a total value of at least EUR 100,000 excluding VAT, and those contracts must also have included information security management services. The bidder must submit the contract dates, contract values and the other party’s contact details, and the buyer may ask the other party to confirm performance. The bidder must ensure a team with sufficient competence for the whole contract period. The team must include at least 2 experts with Certified SOC Analyst or an equivalent certificate, at least 1 expert with CISSP or an equivalent certificate, at least 3 experts with a certificate or certificates proving competence related to the proposed vulnerability detection and management technology, and at least 1 expert with Microsoft Certified: Cybersecurity Architect Expert and/or Microsoft 365 Certified: Security Administrator Associate or an equivalent certificate.