Managed Security Service Provider

Purpose of this Request: The Representative of the Secretary-General (RSG) has been delegated the responsibility and authority to act on behalf of the Secretary General in all matters relating to the investment of the assets of the Fund. The RSG is assisted by the Office of Investment Management (OIM). Investments must, at the time of initial review, meet the criteria of safety, profitability, liquidity, and convertibility. As a signatory to the United Nations’ Principles of Responsible Investing or PRI since 2006, the Office of Investment Management (OIM) incorporates Environmental, Social, and Governance (ESG) considerations throughout the investment decision-making process for all asset classes.Identifying, measuring, and managing all aspects of risks to which the Fund is exposed is the primary responsibility of our Risk Management and Compliance department, along with implementing key compliance measures such as adequate monitoring and control processes covering the Fund’s investments. OIM is ISO 27001 and ISO 22301 Certified for their ISMS and BCMS. OIM seeks qualified Managed Security Services Providers (MSSP). A “managed security services provider” (“MSSP”) is defined as a third-party cybersecurity company that provides outsourced monitoring and management of security devices and systems for its customers utilizing the latest technologies and best practice procedures. The MSSP should be with an industry leading Security as a Service (“SECaaS) solution which provides 24/7 managed security services (“MSS”) that include, but is not limited to, the following services: (i) managed detection and response; (ii) vulnerability detection and prioritization; (iii) managed intrusion prevention and detection; (iv) threat hunt/monitoring; (v) MSSP provided industry leading SIEM solution; (vi) incident response team; (vii) program management; (viii) information security assessments; (ix) external penetration testing; (x) wireless penetration testing; (xi) deep dark web searches; and (xii) firewall audit with configuration recommendations (xiii) Forensic analysis. The proposer must be a managed security services provider with at least 7 years of experience. Must have expertise in one of the highly excepted Information Security Frameworks such as ISO 27001, NIST Cybersecurity Framework (CSF) or COBIT. Must have 5 years’ experience in the Financial / Bank sector..Must have a partnership with an industry leading SIEM solution vendor for at least two years.