1. Contracting Officer Representative (COR)

DRAFT 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 Contract Number: Task Order Number: United States Cyber Command (USCYBERCOM) OMNIBUS Performance Work Statement (PWS) USCYBERCOM Cyber Operations (J3) Task Order (TO) (As of December 16, 2014) (completed by the KO at time of TO award) (completed by the KO at time of TO award) 1. Contracting Officer Representative (COR) a. Primary COR Name: Organization: Department of Defense Activity Address Code (DODAAC): Address: Phone Number: Fax Number: E-Mail Address: b. Alternate COR Name: Organization: DODAAC: Address: Phone Number: Fax Number: E-Mail Address: United States Cyber Command (USCYBERCOM) F1ATNW United States Cyber Command 9800 Savage Rd. Ste. 6660 Ft. George G. Meade, MD 20755 TBD USCYBERCOM F1ATNW United States Cyber Command 9800 Savage Rd. Ste. 6660 Ft. George G. Meade, MD 20755 1

DRAFT 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 Table of Contents 1. Contracting Officer Representative (COR)...1 2. Task Order Title: USCYBERCOM Cyber Operations (J3)...4 3. Background...4 4. Objectives... 4 5. Scope... 4 6. Specific Tasks... 5 Task 1: Administrative Support...5 A. Graphic Artist Support... 6 Subtask 1.1. Joint Operations Center Emergency Intelligence Coordinator... 6 Task 2: Cyber Exercise... 7 A. Joint Information Environment Operations Sponsor Group Exercises...7 Task 3: Planning... 8 A. Readiness Planning...9 Task 4: Cyber Operations...9 A. Operational Requirements Development...9 B. Gap Analysis Activities... 10 C. Operations Orders Process... 10 D. Operational Assessment Process... 10 E. Critical Technical Research and Analysis...11 F. Policies and Governing Directives... 11 Subtask 4.1: JOSG Operations... 11 A. JOSG Requirements Support... 12 B. JOSG Operations Compliance & Implementation... 12 Subtask 4.2: DODIN Operations...13 A. Systems Fielding and Integration... 14 B. Data Analytics Program... 14 Subtask 4.3: International/National Cyber Operations...14 Subtask 4.4: Fires and Effects... 16 Subtask 4.4.1: Cyber Fires Planning and Analysis...16 A. Support to the Cyber Tasking Cycle...16 B. Fires SME Outreach and Exercise Program...17 C. Special Technical Operations/Special Access Program Cyber Fires Planning and Analysis... 18 Subtask 4.4.2: Information Assurance Vulnerability Management...18 2

DRAFT 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 A. Vulnerability Identification, Remediation, and Mitigation...18 B. Information Assurance Vulnerability Alerts Compliance... 19 Subtask 4.4.3: Command Cyber Readiness Inspection Compliance...20 A. Track the CCRI compliance of all sites with open Category Ones...21 Subtask 4.4.4: Fusion Support...22 Subtask 4.4.5: Media, Malware, Analysis...23 Subtask 4.4.6: Host Based Security System... 24 Subtask 4.4.7: Joint Advanced Targeting Analysis...25 Subtask 4.4.8: Cyber Capability Analysis...26 A. Cyber Requirements Cell Coordination...27 B. STO/SAP Cyber Capability Analysis...27 Subtask 4.4.9: Cyberspace Capability Registry Management...27 Task 4.5: The USCYBERCOM Joint Operations Center...29 A. Cyberspace Operations DODIN Controller... 29 B. Cyberspace Operations Deputy... 30 C. Cyberspace Operations DODIN Officer... 31 D. Enhanced Shared Situational Assessment Analyst...31 Task 5: Knowledge Management and Records Management...32 Task 6: Program Management & Analysis...32 A. Fires & Effects C2 System Development... 33 Task 7: Integrated Technology Services...34 A. Fires & Effects C2 System Development... 34 Task 8: Business Process Re-engineering...35 7. Period of Performance...35 8. Place of Performance... 36 9. Travel...36 10. Transition plan (if applicable)...36... 37 11. Deliverables... 37 12. Security...38 13. Government-Furnished Equipment (GFE)/Government-Furnished Information (GFI)... 38 14. Other Pertinent Information or Special Considerations...38 Acronym List...40 3

DRAFT 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 2. Task Order Title: USCYBERCOM Cyber Operations (J3) 3. Background USCYBERCOM requires contractor support to assist its vital mission. USCYBERCOM plans, coordinates, integrates, synchronizes, and conducts activities to direct the operations and defense of specified Department of Defense (DoD) information networks, to prepare, and when directed, conduct full-spectrum military cyberspace operations to enable actions in all domains, and to ensure United States (U.S.)/Allied freedom of action in cyberspace and deny the same to our adversaries. The Command is charged with pulling together existing cyberspace resources, creating synergy that does not currently exist and synchronizing war-fighting effects to defend the information security environment. USCYBERCOM centralizes command of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD s cyber expertise. Consequently, USCYBERCOM improves DoD s capabilities to ensure resilient, reliable information and communication networks, counter cyberspace threats, and assure access to cyberspace. USCYBERCOM s efforts will also support the Armed Services ability to confidently conduct high-tempo, effective operations as well as protect command and control systems and the cyberspace infrastructure supporting weapons system platforms from disruptions, intrusions and attacks. USCYBERCOM is a sub-unified command subordinate to U. S. Strategic Command (USSTRATCOM). The Cyber National Mission Force (CNMF) is a USCYBERCOM Joint Force Headquarters (JFHQ) and the U.S. military s first joint tactical command with a dedicated mission focused on cyberspace operations: to plan, direct and synchronize cyberspace operations to deter, deny, and if necessary, defeat adversary cyber actors to defend the nation. 4. Objectives The Objectives of this task are to 1) establish and provide cyberspace capabilities to meet both deterrent and decisive National Security objectives, 2) optimize planning, integration, coordination, execution, and force management of the cyberspace operations mission in support of the Joint warfighter, and 3) provide situational awareness of adversary attack opportunities and exercise operational control (OPCON) and tactical control (TACON) of network forces and capabilities, as directed. Key Tasks include but are not limited to: 4

DRAFT 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 5. Scope 1. Conduct crisis action planning and operations for cyberspace operations 2. Plan, manage, coordinate, and deconflict Offensive Cyber Operations (OCO), Defensive Cyber Operations (DCO), Department of Defense Information Network Operations (DODIN OPS), Cyber Intelligence, Surveillance, Reconnaissance (ISR), Cyber Operational Preparation of the Environment (OPE), and other related activity with the Joint Staff, the Intelligence Community (IC), other key partners 3. Provide situational awareness, and deconfliction of DoD cyberspace operations with DoD and stakeholders 4. Prepare Courses of Action (COAs), to include Advanced level targeting, capabilities pairing, and Operational Assessments. The following Indefinite Delivery Indefinite Quantity (IDIQ) task areas are required to support this task order:? Administrative? Business Process Re-engineering? Cyber Exercise? Cyber Operations? Engagements? Integrated Technology Services? Knowledge Management and Records Management? Planning? Program Management and Analysis? Security 6. Specific Tasks Task 1: Administrative Support Administrative support is critical to the effective and efficient operations of the Command. Administrative support includes all aspects of administrative management, general office support, and coordination among organizations for day-to-day operations. The Contractor shall: 5

DRAFT 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211? Plan and organize daily activities in coordination with internal and external entities for day-to-day operations? Schedule and coordinate meetings, visits, and events, and prepare supporting briefs and reports? Prepare, process and track correspondence? Prepare and distribute meeting agendas, and meeting minutes /notes, and track action items? Track ancillary training requirements? Reserve meeting space and facilitate audio visual and telecommunication support for scheduled meetings? Produce and distribute the battle rhythms, activity reports, and staff meeting briefs? Maintain and update schedules, calendars, and the personnel accountability tracker for daily work status? Assist in preparing the office for office relocation and/or building move? Monitor, update, and report on the status of assigned Workflow Management System (WMS) tasks assigned. WMS is a web-based system that enables organizations within USCYBERCOM to task, track, and manage tasks. A. Graphic Artist Support The Contractor shall design graphical presentations utilizing products including Microsoft Office (especially PowerPoint) and Adobe Creative Suite in support of the USCYBERCOM Operations Directorate. Concepts shall be created from start to finish in a collaborative environment with attention to detail. The Contractor shall display creativity in designs, layout, and display. Subtask 1.1. Joint Operations Center Emergency Intelligence Coordinator The USCYBERCOM Joint Operations Center (JOC) provides Mission Essential 24x7/365 coverage to secure, operate, and defend the DODIN. The Emergency Intelligence Coordinator (EIC) maintains general situational awareness of the cyberspace environment and performs routine and emergency actions and communications within USCYBERCOM and between USCYBERCOM and all applicable staff elements, Joint- Force Headquarters (JFHQs), subordinate headquarters, Service Cyber components, Combatant Command (CCMD), components and agencies with cyber related missions. The EIC works with JOC personnel to pre-position information for use by the Cyber Battle Captain (CBC) during emergency or hasty situations. The Contractor shall provide 6

DRAFT 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 24x7/365 coverage and adjust staff schedule as needed for Continuity of Operations (COOP). The Contractor shall respond to USCYBERCOM requirements for real world and exercise Contingency Operations and National Capital Region (NCR) catastrophic events. This may require Contractor to travel and staff positions outside of routine USCYBERCOM facilities. The Contractor shall:? Perform routine and emergency actions critical to DODIN Operation support by voice communication, message routing, voice and video conference configuration and operation support, and monitoring, assessing, developing, reviewing and distributing communications as directed by the JOC CBC or Deputy CBC? Assist with updates, maintenance, and controls of the systems that project on the JOC Knowledge Walls? Assist the Joint Duty Officers (JDOs) in maintaining Video TeleConference (VTC) functionality within the JOC. Ensure that JOC communications equipment required for emergency action coordination is ready and available? Monitor the STRATCOM Skiweb portal and Automated Message Handling System (AMHS) for taskers, Incident Management Assistance Teams (IMATs), inbound orders and general situational awareness? Coordinate with the CBC for updates to send to the STRATCOM Global Operations Center (GOC), such as the STRATCOM Quad Chart and the daily 24HR Event Summary report. Task 2: Cyber Exercise Cyber exercises comprise a critical element of the Command's continuing efforts to refine the concepts, strategies, methods, and tools to plan and prepare for cyberspace operations. Joint exercises are the means by which the effectiveness of force planning and training investments are validated and refined. USCYBERCOM J3 works collectively with the USCYBERCOM J7 Directorate to support joint exercises, develop J3 training objectives for CCMD Tier 1 exercises, and manage J3 exercise participation. The Contractor shall:? Identify, track, and resolve issues impacting training, exercises, and daily operations? Coordinate with the USCYBERCOM J7 Directorate to ensure exercise activities adhere to USCYBERCOM exercise plans, policies, and procedures? Collaborate with J7 elements to establish overall objectives, priorities and plans for the Command s joint exercise program, assuring focus on issues and challenges critical to pursuit of cyberspace operations 7

DRAFT 254 255 256 257 258 259 260 261 262 263 264 265 266 267? Coordinate with other Divisions to provide inputs and resources for Command exercises? Elicit inputs for the planning process from cyberspace operations elements throughout the program community to assure inputs are representative of the community s full scope? Coordinate with team members in application of analytical methodologies to assess measures of effectiveness/performance for operational scenarios? Provide recommendations to Command authorities (e.g., J7) and resources for applicable staff elements, JFHQ, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions to dedicate to joint exercises? Develop documents to include after action reports, lessons observed, lessons learned, as well as results and conclusions with relevant organizations such as DoD organizations, Federal Agencies, and commercial partners. 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 A. Joint Information Environment Operations Sponsor Group Exercises The Joint Information Environment (JIE) Operations Sponsor Group (JOSG) is responsible for conducting tabletop exercises to validate each stage of JIE implementation. As part of the exercise approach the JOSG produces deliverables for the Planning and Coordination Cell (PCC), including assessment plans, test reports, and after action reports. The Contractor shall:? Plan, organize, coordinate and participate in JOSG Tabletop Exercises (TTXs) (estimates 6-10 per year) and other similar JIE events? Coordinate with JIE partners and stakeholders to develop and plan scenarios to meet JIE exercise objectives? Conduct post-exercise lessons learned studies and develop COAs in response to JOSG training objectives? Coordinate with the USCYBERCOM J7 Directorate to ensure JIE exercise activities adhere to USCYBERCOM exercise plans, policies, and procedures? Conduct technical research, analysis, and provide recommendations for the JOSG to support Joint Event Lifecycle (JELC) Events including CCMD exercises, TTXs, and scenario development/synchronization 291 8

DRAFT 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 Task 3: Planning The Joint Operational Planning Process (JOPP) spans both the J3 and J5 directorates of USCYBERCOM. The USCYBERCOM J3 plans, coordinates, integrates, synchronizes, and conducts activities directing the operation and defense of the DODIN and, when directed, plans the conduct of full spectrum military cyberspace operations in order to enable actions in all domains, ensure U.S./Allied freedom of action in cyberspace, and deny the same to our adversaries. Cyber research, analysis, and recommendations for the integration of cyber include: Operations Plan (OPLAN) development, intelligence and analysis requirements definition, cyber assessment development, Integrated Joint Special Technical Operations, Special Access Program (SAP) cyber capabilities coordination, and Evaluation Request and Response Messages (EReqM and EResM) integration. The Contractor shall:? Provide cyber analysis and develop documentation necessary for USCYBERCOM to develop future CCMD s campaign plans, operational, and contingency plans? Collect, analyze, and disseminate future processes and procedures to ensure the confidentiality, integrity, and availability of data related to network operations and warfare? Coordinate with all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components, and agencies with cyber related missions? Ensure network operation plans are synchronized with major military exercises? Participate in cyber COA development for computer network operations to deter attacks against the DODIN? Assist in identifying and developing requirements, making recommendations for the prioritization of requirements for development? Assist in developing network operations plans, including identification and development of USCYBERCOM mission enhancement opportunities? Report on evolving cyber policies and cyber security trends that effect USCYBERCOM s ability to defends its networks? Review and evaluate cyber policy directives/documents and issue papers? Provide the information security and assurance analysis necessary to development of cyber Tactics, Techniques, Procedures (TTPs), Concepts of Operation (CONOPs) and Standard Operating Procedures (SOPs)? Review and assess existing DoD cyber documentation, cyber wargame reports, TTPs, and lessons learned? Provide the technical research, analysis, and recommendations for USCYBERCOM to develop cyberspace COAs, CONOPs, and TTPs in order to support cyberspace operations 9

DRAFT 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355? Provide recommendations on the synchronization of cyberspace operations with the collection, review, and assessment of existing DoD and service cyber documentation, exercise, and event scenario reports, CONOPs, TTPs, and lessons learned? Design and develop cyber technical and analytical documents for designated USCYBERCOM cyberspace operations efforts involving: A. Readiness Planning 1) Cyber collaboration among DoD and other organizations with cyber-related missions, 2) Standard approval processes for cyberspace operations, 3) Cyber de-confliction, coordination, and assessment policies and processes, and full-spectrum cyber coordination and reporting procedures. Readiness Planning consists of managing, assessing, and refining USCYBERCOM J3 Joint Mission Essential Tasks (JMETs) in support of current and evolving missions and emerging requirements. The Contractor Shall: 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371? Monitor, evaluate, and report findings derived from metrics generated using various data sources?prepare and submit JMET assessments to the J3 and ensure current readiness and training conditions are updated within the Defense Readiness Reporting System (DRRS) and Joint Training Information Management System (JTIMS).? Track and Report Cyber Mission Force (CMF) readiness? Provide the J3 and Command leadership with readiness Situational Reports (SITREP), DRRS reports, and reports of workforce resource availability? Prepare critical readiness inputs to the Joint Quarterly Readiness Review (JQRR), Joint Requirements Oversight Council (JROC), and the Command s Joint Mission Essential Task List (JMETL) located in the DRRS? Analyze available information to assess the readiness of deployable teams, personnel, and equipment? Review and provide recommendations in support of the J3 s Strategic Plans for capabilities and CONOPs to be assessed during future exercises. 372 10

DRAFT 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 Task 4: Cyber Operations A. Operational Requirements Development The Contractor shall assist in identifying requirements and making recommendations for the prioritization of requirements for development. The Contractor shall support USCYBERCOM s requirements process through facilitation of and participation in requirement boards and working group activities. B. Gap Analysis Activities The Contractor shall support Gap Analysis activities through comparing, documenting, and reporting shortfalls in cyber capabilities against validated requirements. The Contractor shall ensure capabilities align with DoD governing policies and meet the intent of the development objective or capability. The Contractor shall provide written documentation to address areas of concern for shortfalls and recommended COAs. 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 C. Operations Orders Process USCYBERCOM J3 is responsible for the USCYBERCOM orders development process, as well as ensuring plans and orders are feasible, acceptable, and compliant with USCYBERCOM guidance and doctrine. J3 facilitates the transition of plans to orders by developing, implementing, and managing the operational orders process. The Operations Orders (OPORDs) team serves as the focal point for all inbound and outbound orders routed through USCYBERCOM. The Contractor shall:? Develop, coordinate, and maintain USCYBERCOM orders and directives? Coordinate and collaborate on draft orders and directives from external partners, as required? Gather and prepare supporting documentation, coordinate drafts, obtain approval, and provide the final documents for publishing? Update orders and directives based upon evolving cyberspace environments? Assist Action Officers with orders process in accordance with the USCYBERCOM Orders Operating Instruction? Advise Leadership on all aspects of orders processing. 410 11

DRAFT 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 D. Operational Assessment Process The Operational Assessments process feeds the Commander s decision cycle, helping to determine the results of tactical actions in the context of overall mission objectives and providing potential recommendations for the refinement of future plans. Operational assessments provide the Commander with the current state of the operational environment, the progress of the campaign or operation, and recommendations to account for discrepancies between the actual and predicted progress. The Operational Assessments Process requires an Operations Research/System Analysis (ORSA) and/or mathematics/statistics background. The Contractor shall:? Develop, analyze, and update metrics to assess USCYBERCOM J3 operational performance and effectiveness? Incorporate metrics into a strategic assessment process? Maintain a repository of Measures of Performance (MOPs) and Measures of Effectiveness (MOEs) metric results? Continuously monitor and provide updates to a current situation within the construct of an operation and the progress of that operation? Evaluate an operation against MOEs and MOPs to determine progress relative to the mission objectives and end states? Develop recommendations and guidance to the staff or commander for improvement in the operation to help drive the commander s decision cycle. 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 E. Critical Technical Research and Analysis The Contractor shall conduct critical and technical research and analysis to define Commander s Critical Information Requirements (CCIR), Priority Intelligence Requirements (PIR), and Essential Elements of Friendly Information (EEFI) for reporting cybersecurity incidents. F. Policies and Governing Directives The Contractor shall contribute to the development of policies and governing directives to secure, operate, and defend the DODIN and to conduct Cyberspace Operations. The Contractor shall coordinate with Joint Staff, Office of Secretary of Defense, DoD Chief Information Officer (CIO), DoD Components and the IC to assist with establishing, reviewing, and adjudicating cyberspace policies and directives. 12

DRAFT 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 Subtask 4.1: JOSG Operations The JIE effort will realign, restructure, and modernize how the DoD information technology networks and systems are constructed, operated, and defended. JIE will consolidate and standardize the design and architecture of the DoD s networks to improve mission effectiveness, increase cyber security, and optimize resources and Information Technology (IT) efficiencies. USCYBERCOM leads the JOSG, which serves as the operational sponsor for the JIE. The JOSG is responsible for developing, integrating, and synchronizing operational procedures in support of the JIE initiative. The JOSG follows the direction of the JIE PCC and updates the JIE Executive Committee through the PCC. The Contractor shall:? Plan, organize, determine, and recommend necessary policies, regulations, directives, programs, doctrine, and procedures for the establishment and maintenance of assigned and anticipated changes to the DODIN in support of JIE? Draft plans and CONOPS required to execute the JIE? Develop operational artifacts required to support delivery of JIE? Support the JIE Technical Synchronization Office (JTSO) in identifying gaps and overlaps across existing DODIN Operations (OPS) and DCO technical capabilities? Support the DoD CIO JIE governance team in formulating policy? Assist in the development and refinement of the JIE Command and Control (C2) Construct and the JIE Operational CONOPs? Develop, integrate, and maintain operational TTPs and SOPs in support of the JIE? Coordinate and collaborate with JTSO and the USCYBERCOM Command, Control, Communications, Computers & Information Technology (C4IT) Directorate (J6) to ensure seamless integration of services, systems, and networks into existing and future joint DODIN infrastructure? Assess and recommend network management policies and procedures for implementation in JIE in coordination with JIE partners, stakeholders, and the C4IT Directorate? Organize, coordinate, and participate in JOSG working groups and other JIE workshop type of events? Develop, staff, and maintain accurate USCYBERCOM orders and directives? Develop and conduct update briefs, presentations, and papers to USCYBERCOM leadership to ensure situational awareness and status are conveyed related to the assigned project areas. 13

DRAFT 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 A. JOSG Requirements Support The Contractor shall:? Coordinate with JIE stakeholders to identify JIE operational requirements? Develop recommended prioritization and sequencing of JIE operational capability implementation and transition? Ensure capabilities align with DoD governing policies and meet the intent of the development objective or capability? Analyze proposed capabilities, recommend COAs, and develop solutions to address areas of concern for shortfalls in JIE implementation? Develop processes and procedures to implement and ensure JIE operational requirements are met DoD wide? Identify DODIN OPS and DCO enterprise management tool requirements and evaluate operational standards and tools for use within JIE? Coordinate with JIE stakeholders to advise and assist with the planning and identification of cyber defense requirements associated with JIE operational requirements. B. JOSG Operations Compliance & Implementation The Contractor shall:? Coordinate with DoD CIO and other stakeholders to develop, distribute, and sustain MOE and MOP for the JIE? Track DoD component s compliance with JIE MOEs/MOPs and applicable DoD policies? Support the Gap Analysis process through monitoring, acceptance testing, comparison, documenting, and reporting shortfalls in current and developing cyber capabilities against validated requirements? Devise methods to test and evaluate each component s compliance with JIE requirements and all other applicable standards? Develop and maintain processes, procedures, and TTPs for the Operations Center accreditation process? Develop and monitor JIE Service Level Agreement (SLA) performance and metrics? Provide evaluation results, reports, and recommendations to USCYBERCOM and JIE leadership? Support defensive cyber operations planning and mission execution through expert knowledge of USCYBERCOM components, processes, capabilities, authorities, and partner operations 14

DRAFT 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568? Analyze and evaluate voice/video/data system solutions and provide support for joint full spectrum (terrestrial and space) system and network integration in the JIE. Subtask 4.2: DODIN Operations DODIN Operations (OPS) conducts global, operational planning to secure, operate and defend the DODIN and its critical dependencies in order to provide full spectrum cyberspace operations ensuring freedom of maneuver in that domain and denying our adversaries the same. This task requires knowledge of DODIN operations, cyber defense TTP and systems, U.S. cyber operations community architecture, current and emerging cyber threats, and potential offensive and defensive capabilities for countering cyber threats. This task also requires a comprehensive knowledge and understanding of electronic communications concepts to include the systems development life cycle, equipment specifications, network management, and analytical techniques. The Contractor shall:? Analyze boundary protection statistics as provided by the Defense Information Systems Agency (DISA) and/or other organizations, and report issues to USCYBERCOM leadership? Publicize the current filtering/defense policy to the DoD community and evaluate requests for boundary defense policy changes or exceptions from applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions? Conduct research that focuses on rapidly emerging cyber threats and cyber adversary TTP? Conduct proof of concept development of cyber capabilities for countering ongoing or impending cyber adversary actions against U.S. Government networks? Recommend TTPs for countering cyber threats? Coordinate with applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions to identify, assess, and develop effective options to adjudicate Authorized Service Interruptions (ASI)? Coordinate with applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions to identify, assess, develop, and codify across the enterprise a common Cyber Key Terrain (CKT) Program 15

DRAFT 569 570 571 572 573 574 575 576 577 A. Systems Fielding and Integration This task requires advanced knowledge in telecommunications, networking, DoD network designs and operations in support of USCYBERCOM DODIN Operations Fielding and Integration. USCYBERCOM s mission is to direct the operations and defense of the DODIN. DODIN Operations Fielding and Integration is responsible for integrating cyberspace operational requirements into specified programs and projects in effort to execute the operate aspect of USCYBEROM s mission. 578 579 The Contractor shall: 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604? Analyze plans and technical strategies in support of the full spectrum of DODIN operations and coordinate the implementation of such solutions through the CC/S/A/FAs to support achievement of the USCYEBRCOM mission to provide secure, interoperable, and reliable operation of the DODIN? Monitor testing of systems, plan and direct Rehearsal of Concept (ROC) drills in coordination with DISA and applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions (as required) in efforts to validate operational procedures throughout the development of new defensive tools, including (but not limited to) Email Security Gateway from before Initial Operational Capability (IOC) to Full Operational Capability (FOC). B. Data Analytics Program Strategic Enterprise Analytics and Data Managing Initiative (SEADMI) is a data analytics system used to ingest large amounts of structured and unstructured data to provide data integrity for advanced data governance. SEADMI is tightly integrated with a text and data mining subsystem that will ingest operational reports into a relational database (Threat Matrix). This capability provides a synchronized real-time capability to discover, detect, and analyze threats and vulnerabilities based on adversary activities to defend DODIN assets. The Contractor shall: 16

DRAFT 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619? Maintain a centralize repository for threat and vulnerability data from external trusted sources in a searchable, standards-based database.? Ingest unstructured threat content from Operation Reporting and network sensors? Populate customized threat data with information from internal data sources, content from a commercial threat feed provider, and threat advisories reports/emails? Analyze and refine threat data to provide situational awareness for vulnerabilities and malicious code based on the impact to the DODIN? Alert leadership and DODIN users to emerging threats, provide notification to responsible personnel so they can proactively address emerging threats thru output screens (cyber dashboards)? Report on threat levels and countermeasures, produce real-time reports utilizing machine to machine technologies, and user-specific dashboards to view threats by severity, type, and impact to the DODIN. 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 Subtask 4.3: International/National Cyber Operations The USCYBERCOM J3 conducts activities in support of the various CCMDs, including strengthening relationships with key partner nations, coordinating, synchronizing, deconflicting, and integrating operational planning efforts for full spectrum cyberspace operations. This task requires a broad, expert knowledge of the Command s Cyber missions, authorities, and capabilities as well as equivalent information regarding the roles and responsibilities of the Command s external program partners, which includes (but not limited to) other DoD commands and agencies, other U.S. Government agencies and key partners. The Contractor shall:? Communicate complex programmatic cyber planning information, orally and in writing, to elicit understanding and support from professional peers and nonspecialists? Contribute to the development and refinement of COAs and other Cyber guidance materials employed by the Command and its external Cyber program partners? Monitor and evaluate national/international operations to identify opportunities for the Command to execute authorities to meet DoD Cyber objectives 17

DRAFT 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679? Provide expert information and recommendations to applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions to support implementation of strategies and plans? Assist and advise various Operational Planning Groups (OPGs) and Operational Planning Teams (OPTs) by providing functional expertise and guidance as to the intent of negotiated and established national/international agreements? Participate in post-event analyses to determine the success of Cyber strategies, initiatives, or plans? Attend strategic working group meetings, facilitate discussions, gather information, analyze the data, and produce written products in support of USCYBERCOM s force management efforts? Review and provide feedback on cyber related strategy, policy, and doctrine received from higher headquarter(s)? Report on evolving cyberspace policy trends and issues within the U.S. Government? Review and evaluate cyberspace policy directives and CONOPs? Assist with responses to Congressionally Directed Actions (CDA) and Congressional Questions for the Record (QFR)? Provide input to the JQRR submission for USCYBERCOM? Provide support with technical and policy analyses of cyber issues? Attend conferences, seminars, and special meetings? Contribute to the Office of the Secretary of Defense (OSD) and USSTRATCOM/USCYBERCOM policies and directives on cybersecurity and internet access? Provide substantive input in converting cybersecurity policies into operational plans for defense of the DODIN, as well as maintain a set of detailed options and filtering/defense policies for expected DODIN operations and defense scenarios, attacks, and changes in DODIN defensive posture? Assist in advocating USCYBERCOM cyberspace policy and doctrine within the DoD and across the U.S. Government through the Joint Interagency Coordination Group (JIACG). Provide analysis, recommendations, and guidance on cyberspace policy? Assist in establishing USCYBERCOM engagement through a JIACG and provide representation to policy and doctrine forums of the DoD? Recommend policy for the de-confliction of military cyberspace operations with other U.S. Government organizations, specified partners, and allies as necessary. 18

DRAFT 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 Subtask 4.4: Fires and Effects The Fires and Effects Division de-conflicts, integrates, and coordinates full spectrum operational fires in and through the cyber domain with service cyber components, subordinate headquarters, multinational forces, and the whole of government. Planned OCO and DCO are de-conflicted by following the Joint Fire Support Planning Process and the Joint Targeting Cycle, to include integrating fires into plans, pairing capabilities to create specific effects on targets, and identifying capability gaps. Subtask 4.4.1: Cyber Fires Planning and Analysis Cyber Fires Planning and Analysis supports planning in OCO and DCO throughout the entire JOPP. Cyber Fires Planning and Analysis requires the coordination of joint strategic and operational planning and execution of joint fires, to include targeting, capability pairing, and threat mitigation in support of CMF and other operations. Knowledge of cyber TTPs is required in order to provide recommendations to USCYBERCOM leadership on all aspects of joint fires and threat mitigation. The Contactor shall:? Plan, organize, determine, and recommend necessary policies, regulations, directives, programs, doctrine, and procedures for the establishment and maintenance of assigned and anticipated joint fires coordination and execution? Provide support to future operations planners to integrate cyber capabilities into plans? Collaborate with DISA, NSA, service providers, and other organizations to ensure that USCYBERCOM requirements are implemented? Collaborate with operators in the JOC, subordinate headquarters, and cyber teams to integrate capabilities? Coordinate with all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions? Act as liaison between capability Subject Matter Experts (SMEs) and the planning teams in order to assist the planners understand the technical aspects of specific capabilities in support of a specific planning effort? Identify and develop cyber TTPs that advise the future operations planners on achieving Cyberspace Operations in support of operations and exercise objectives? Recommend requirements for the development of cyberspace capabilities. Provide recommendations to prioritize requirements for automated cyberspace capabilities in support of operations and assessments 19

DRAFT 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744? Participate in USCYBERCOM requirements working groups as a capability SME to define cyber capabilities/tools and recommend COAs? Analyze and report on technical issues relating to current and future DoD plans, programs, policies, and activities related to cyberspace operations? Participate in special programs and teams for fires planning and analysis. A. Support to the Cyber Tasking Cycle The Cyber Tasking Cycle (CTC) is the official method used to task cyber forces to execute missions. The cyber tasking cycle is utilized at all echelons of joint command to globally synchronize and de-conflict forces. The J3 is responsible for managing the products that are driven by the CTC. The Contactor shall:? Assist and support the CTC? Assist with the creation, implementation, and management of the Master Cyber Operations Plan (MCOP) creation and implementation? Synchronize and de-conflict the Cyber Tasking Order (CTO)? Attend and provide input during the Operations Synchronization meetings? Coordinate with CMF and other subordinate units to facilitate the Cyber Tasking Cycle processes? Provide time sensitive, critical data inputs into the C2 system and validate data? Make recommendations on changes in the C2 system based upon evolving task cycle. 745 746 747 748 749 750 751 752 753 754 755 756 B. Fires SME Outreach and Exercise Program The Fires SME outreach program provides information and knowledge to different groups, courses, units, and organizations outside of USCYBERCOM on the USCYBERCOM fires process as it continues to evolve. This program has become even more important with the standup of the CMF units. The Contactor shall:? Conduct outreach programs on USCYBERCOM Fires processes? Maintain the master Fires Brief with the most updated information 20

DRAFT 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784? Represent USCYBERCOM and brief at selected courses, events, to include selected exercise academics, the Joint Advanced Warfighter Course (JACWC), the Army Cyberspace Operations Course, the Air Force Weapons School, and the Joint Targeting School? Maintain contact with the external groups, courses, units, and organizations and provide approved, updated fires briefings and supporting documentation in a timely manner? Participate in exercises, including CCMD exercises and planning conferences, and provide feedback and after action reports. C. Special Technical Operations/Special Access Program Cyber Fires Planning and Analysis Special Technical Operations/Special Access Program (STO/SAP) Cyber Fires Planning and Analysis entails the synchronization and de-confliction of collateral and SAP/STO capabilities within the JOPP. STO/SAP Cyber Fires Planning and Analysis requires the ability to pass an additional layer of security review and must adhere to need-to-know and material contribution criteria. Knowledge of cyberspace operations and cyber fires is required in order to effectively integrate with USCYBERCOM Fires and Effects. The Contactor shall:? Support the Review and Approval (RAP) process, and develop CONOPs for employment of STO/SAP capabilities in support of (ISO) USCYBERCOM supported and supporting cyberspace operations? Integrate STO/SAP capabilities in current and future operations and plans ISO USCYBERCOM and CCMDs? Assist with STO/SAP assessments and document findings. 785 786 21

DRAFT 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 Subtask 4.4.2: Information Assurance Vulnerability Management A. Vulnerability Identification, Remediation, and Mitigation The Information Assurance Vulnerability Management (IAVM) Program supports secure cyberspace operations through the identification and analysis of disclosed vulnerabilities to determine their operational impact to the DODIN. Vulnerabilities found to pose a significant risk to the DODIN are addressed by the IAVM Program through dissemination of IAVM Directives (Information Assurance Vulnerability Alerts (IAVA) and Information Assurance Vulnerability Bulletins (IAVB) mandating DODIN-wide implementation of mitigation or remediation actions. This task area requires technical knowledge in computer network theory, IT standards and protocols, as well as an understanding of the lifecycle of cyberspace threats, attack vectors, and methods of exploitation. The Contractor shall:? Identify and draft mitigation guidance for vulnerabilities with no vendorprovided remediation? Establish communications with vendors for the release of newly identified vulnerabilities to ensure they understand specialized and proprietary DODIN asset requirements? Analyze publicly disclosed vulnerabilities of vendor software/hardware products and develop the mitigation/remediation orders? Compile daily, weekly, monthly and annual vulnerability metrics associated with affected and non-compliant DoD assets? Utilize tracking tools/capabilities in a vulnerability management system to review manually uploaded and automated information from DoD component to report vulnerability orders and directives compliance? Develop, coordinate, and maintain accurate USCYBERCOM orders and directives? Create situational awareness products to provide USCYBERCOM leadership and DoD components with detailed information related to vulnerabilities and appropriate mitigation strategies? Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities? Assist with the prioritization of newly identified software/hardware vulnerabilities based upon severity, potential operational impact, exploitation, and other factors to assess risk to DODIN assets? Conduct open source research to identify and analyze known and unknown vulnerabilities 22

DRAFT 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868? Analyze known issues affecting DoD components with vendor provided fixes and contact the appropriate vendor for a defined and attainable solution? Collaborate and coordinate with DISA Field Security Office (FSO), DoD CC/S/A/FA, Intelligence Agencies, Law Enforcement (LE), and U.S. Government organizations? Track and provide threat notification to DoD components of vulnerabilities, exploits, propagation of worms, and virus migration? Develop, document, and convey IAVM operational requirements to enhance capabilities to identify, track, and remediate system and network vulnerabilities as well as automated vulnerability management capability? Monitor the progress of and collaborate with internal and external organizations to ensure IAVM operational requirements are fulfilled? Analyze, brief and develop reports on new and existing adversary TTPs. B. Information Assurance Vulnerability Alerts Compliance Information Assurance Vulnerability Alerts (IAVA) directives address recently disclosed vulnerabilities that introduce immediate and severe risk to DODIN assets. Corrective actions are mandatory due to the severity of the vulnerability. USCYBERCOM directs corrective actions through IAVA directives. This task area requires technical knowledge of the IAVM Program and automated cybersecurity capabilities, including Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), Continuous Monitoring Risk Score (CMRS), and the USCYBERCOM IAVM System. The Contractor shall:? Track compliance of USCYBERCOM orders and directives for implementation of appropriate security controls against DODIN assets? Interface with CC/S/A/FAs to compile statistics and generate reports on compliance levels and alert leadership to negative trending and systemic issues? Communicate (written and oral) with CC/S/A/FAs concerning IAVA compliance, Plan of Action and Milestones (POA&M) approval and documentation, implementation of appropriate system security controls, and DoD policies? Utilize the IAVM Vulnerability System or approved automated cybersecurity capabilities to generate reports and review POA&M for vulnerability compliance tracking 23

DRAFT 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908? Provide status reports and metrics to USCYBERCOM leadership for DoD Components on IAVA compliance? Provide daily, weekly, monthly, and annual compliance metrics to support various USCYBERCOM operations? Compile POA&M audits and watch lists statistics to provide vulnerability compliance status, develop situational awareness reports, and develop briefings? Generate monthly POA&M audits on selected IAVA orders and directives to validate DoD components compliance status? Develop and provide technical review for IAVA POA&M audits, noncompliant assets, and incidents resulting from unmitigated vulnerabilities? Develop, coordinate, and maintain accurate USCYBERCOM orders and directives? Maintain the IAVM program, associated policies, and provide guidance for DoD component implementation.? Provide compliance information to the Command Cyber Readiness Inspection (CCRI) and Scorecard teams prior to inspections? Conduct analysis of incidents to determine compliance with USCYBERCOM orders and directives? Collaborate with affected and supporting organizations on unacceptable DODIN ratings, CCRI inspection failures, and incidents to develop briefs, watch lists, and responses to requests for information? Maintain situational awareness of IAVA compliance issues and brief quarterly IAVA compliance watch list. Subtask 4.4.3: Command Cyber Readiness Inspection Compliance The Command Cyber Readiness Inspection (CCRI) Program is a rigorous inspectionoriented process designed to validate security compliance across the DODIN. The intent of the inspection program is to establish a framework to enforce security control compliance for DoD components and senior command accountability. This process is accomplished by utilizing following capabilities to determine risks of non-compliance assets: Network Infrastructure (e.g. Network Intrusion Detection System (NIDS), Host Intrusion Detection System (HIDS), routers, switches, and firewalls), Network Vulnerability Scanning, e.g. vulnerability patching, Domain Name System, Traditional Security (e.g. Physical security), HBSS, Continuous Monitoring, Cross Domain Solutions (CDS), Releasable Networks, and Wireless Technologies. This task requires expertise and understanding of DCO mitigation and remediation strategies related to CCRI deficiencies, emerging threats, vulnerabilities, and inspection findings. The Contractor shall: 24

DRAFT 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948? Provide and maintain situational awareness of CCRI inspection results and mitigation status to include identification of key issues and priorities affecting the defense of the DODIN? Provide USCYBERCOM guidance to DoD Components for DCO mitigation and remediation strategies related to CCRI deficiencies, emerging threats, vulnerabilities, and inspection findings? Acquire threat and vulnerability data for inspected site and its geographical Area of Responsibility (AOR) to determine mitigation and remediation strategies? Maintain weekly situational awareness of threat activity directed toward DoD Components, Cleared Defense Contractors (CDC s), and non-dod Federal Organizations? Analyze and evaluate mitigation/remedial action plans of inspected sites? Develop Situational Awareness Reports (SAR) and USCYBERCOM orders and directives? Participate in technical working groups and discussions and provide technical recommendations with appropriate COAs? Analyze threats and vulnerabilities of DODIN assets based on aggregated CCRI data, and develop recommended actions to significantly improve the readiness and defensive posture of DODIN? Identify systemic causes of inspection/assessment failures and develop recommended courses of corrective actions to increase defensive posture of the DODIN? Provide analytical support to the CCRI process by reviewing CCRI results, operational reporting, and USCYBERCOM Threat Mitigation Framework (TMF)? Coordinate inspection results with USCYBERCOM Staff elements and Service Cyber Centers? Provide input to the development of DoD and USCYBERCOM policies, processes, procedures and operations. Possess and maintain cognizance of national-level cyber security policies, plans, processes, and coordination procedures? Establish and maintain working relationship with the Intelligence, Law Enforcement, and Homeland Defense Communities? Analyze and report on technical issues of current and future DoD plans, programs, policies, and activity related to the assessment of the DODIN? Identify shortfalls and capability gaps in DoD, USCYBERCOM, Defense Security Service (DSS), and Department of Homeland Security (DHS) policies and guidance? Analyze implementation plans and policies; analysis shall be specific to DOD but include familiarity with National Industrial Security Program (NISP) and National Institute of Standards and Technology (NIST) cybersecurity requirements and 25

DRAFT 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 leverage industry and/or academia methods for addressing current and emerging cyberspace requirements? Provide technical analysis, develop and assess current DODIN plans and policies supporting cybersecurity assessments, to include emerging technologies? Assist the Government in providing collaborative mission support with Joint Staff, NSA, DISA, Services, and other DoD components deemed essential working groups in assessing, prioritizing and developing guidance for the DoDwide implementation plans for the cybersecurity Strategy? Develop white papers, briefs and analysis reports. All products shall include clear, concise summaries of complex technical concepts suitable for presentation to senior leaders. A. Track the CCRI compliance of all sites with open Category Ones Category One s (CAT 1 s) are considered any vulnerability, the exploitation of which will directly and immediately result in loss of Confidentiality, Availability or Integrity of DODIN assets. DoD components that have CAT 1 findings resulting from CCRI are required to mitigate or remediate vulnerabilities immediately. The Contractor shall:? Prepare weekly CCRI Compliance reports? Coordinate the weekly CCRI Compliance Monitor review meeting? Engage CC/S/A/FA s and Computer Network Defense Service Provider (CNDSPs) on a daily/weekly basis concerning CCRI reporting within the Vulnerability Management System (VMS) and other automated capabilities? Coordinate and collaborate throughout the inspection lifecycle with DISA FSO, DISA Operations Directorate (GO), DISA Service (Connection Approval Office), and local inspected site personnel to include, but not limited to: System Administrators, Database Administrators, Information System Security Officers, Information System Security Managers, Information Assurance Managers, and Information Assurance Officers? Review and determine effectiveness of IAVM compliance program at reported sites? Review and determine effectiveness of CC/S/A/FA s POA&Ms and After Action Plans? Conduct POA&M audits of all CC/S/A/FA s sites? Attend monthly DISA FSO meetings? Review CCRI reports, Certification and Accreditation (C&A), Security Test and Evaluation (ST&E), and Information Assurance Readiness Review (IARR) reports 26

DRAFT 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030? Attend weekly DISA FSO CCRI teleconference, VTCs or DISA DCO sessions as the USCYBERCOM SME and prepare weekly CCRI VTC summaries, if needed (e.g. Significant CAT I findings) prepare weekly CCRI VTC briefings to the Director and Deputy Combatant Commander (DCDR)? Produce Letters of Concern and staff to DCDR/Commander (CDR) as required? Identify root causes of failures in cybersecurity compliance within the DoD? Identify corrective actions to increase cybersecurity compliance within the DoD. Subtask 4.4.4: Fusion Support Fusion is the collaboration, correlation, and analysis of cyberspace incident reports derived from reliable sources, network sensors, vulnerability management devices, open source information, and DoD component provided situational awareness of known adversary activities. Threat detection analysis and coordination provides monitoring, correlation, and prevention of cyber threat activity targeting the DODIN. This task requires technical knowledge on the utilization of government and industry capabilities, best security practices, advanced log analysis, forensics, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, and anti-virus capabilities. Additionally, this task requires technical knowledge of forensics analysis to determine adversary methods of exploiting information system security controls, the use of malicious logic, and the lifecycle of network threats and attack vectors. The Contractor shall: Analyze the details of Named Areas of Interest (NAI) and advanced persistent threats that impact the DODIN, track, correlate, harvest, trend, and report on the unique TTPs utilized Conduct incident handling/triage, network analysis and threat detection, trend analysis, metric development, and security vulnerability information dissemination Configure, maintain, and utilize USCYBERCOM and CC/S/A/FA capabilities in order to detect, monitor, track, and analyze malicious activity targeting the DODIN Consume, review, correlate, and report on high priority DoD, Intelligence, and U.S. Government operational reporting of threats and vulnerabilities to correlate similar incidents/events, malicious tradecraft, TTPs of malicious activity, and indicators utilized to impact or target the DODIN Develop consolidated notifications and updates to the USCYBERCOM JOC on threat and vulnerability activity 27

DRAFT 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 Develop, obtain government approval of, and release situational awareness reports/products, operational directives/orders/messages, and quarterly threat analysis reports/metrics Review, analyze, and maintain the content of a DoD indicator database to aid in the detection and mitigation of threat activity Update DoD shared situational awareness mechanisms, including USCYBERCOM websites, Wikipedia style solutions, and collaboration/chat mechanisms Develop and present cyber threat briefings, presentations, and papers to USCYBERCOM leadership to ensure situational awareness and status are conveyed related to the assigned project areas Operate as the DoD community leader for the discovery of threat activity and associated indicators Determine sophistication, priority, and threat level of identified malware and intrusion related TTPs Develop metrics and trending/analysis reports of malicious activity used to compromise the DODIN Develop, staff, and release analysis findings in technical analysis reports to DoD Community Manage a DoD prioritization process to identify priority threats and vulnerabilities that impact the DODIN Develop signatures for use within DoD threat detection capabilities to detect potentially malicious activity on the DODIN Coordinate with USCYBERCOM partner organizations to receive, distribute, and conduct analysis on vulnerability and threat information that impacts the DODIN and the Defense Industrial Base (DIB) Assess vulnerability of DODIN operations in support of defensive cyber operations Draft and propose USCYBERCOM guidance, directives and products Maintain situational awareness of Intrusion Problem Sets, including NAI for collaboration with the DoD cyber analysts and cyberspace partners Develop, review, and report on defensive cyber operations and cybersecurity products Develop, review, and comment on incident handling procedures and reporting Coordinate analysis projects related to Intrusion Sets and NAI compromises Assist in developing processes and procedures designed to facilitate increased awareness, intelligence, and technical data fusion support 28

DRAFT 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 Provide recommended improvements on Cybersecurity posture through technical research and analysis Provide technical research and analysis of computer forensic evidence Provide recommendations to aid USCYBERCOM in assessment reporting and mitigation strategies Analyze Cybersecurity/Defensive Cyber Operation activities on Government systems and make recommendations for actions to protect the DODIN Evaluate operational information, intelligence information, assessments and reports, Computer Emergency Response Team (CERT), LE/Counter Intelligence (CI), allied/coalition, and open-source information to assess potential impacts on the DODIN Develop and propose processes and procedures designed to facilitate all-source intelligence analysis of the foreign threat picture. Subtask 4.4.5: Media, Malware, Analysis Media, Malware and Analysis (MMA) is the forensic analysis of media and software reverse engineering. The analysis consists of reviewing the contents of a compromised system, documenting unusual files and data, and identifying the TTPs used by an adversary to gain unauthorized access to DODIN assets. This includes detailed technical work on media analysis and exploitation of data from compromised systems in support of ongoing analysis. This task requires knowledge of computer network theory, ability to understand communication methods and malicious properties, and TTPs of advanced persistent threats. Additionally, this task requires technical knowledge of malware analysis, incident handling, ethical hacking, and drafting and implementing security incident response policies. The Contractor shall:? Analyze malware discovered in DoD intrusions; perform dynamic and static analysis and reverse engineering of intrusion artifacts? Develop and release government approved analysis findings in technical analysis reports? Identify unique indicators, TTPs, patterns, or heuristics from malware artifacts for the development of detection and mitigation strategies? Collaborate with anti-virus vendors for malware submissions to aid vendor antivirus updates? Extract malicious files from digital media and sources? Identify, analyze, and document adversarial activities to gain unauthorized access to DoD systems 29

DRAFT 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147? Analyze to determine sophistication, priority, and threat of identified malware? Examine media and malware analysis reports and operational reporting from DoD incidents to correlate similar events, tradecraft, and TTPs of malicious activity? Develop metrics and trending/analysis reports of malicious activity used to compromise the DODIN? Develop, document, and convey operational requirements for the development, procurement, or implementation of media, malware analysis capabilities such as the Joint Malware Catalog (JMC), Joint Indicator Database (JID), Joint Incident Management System (JIMS), and Unified Cyber Analytics Portal (UCAP)? Develop and conduct update briefs, presentations, and papers to USCYBERCOM leadership to ensure situational awareness and status are conveyed related to the assigned project areas? Conduct log and system analysis for various system and network capabilities to include routers, Windows, and UNIX? Update DoD shared situational awareness mechanisms to include USCYBERCOM websites, Wikipedia style solutions, and collaboration/chat mechanisms? Identify new exploits and security vulnerabilities, analyze behavior of malicious code, research open source data, document host/network signatures, and develop mitigation and remediation strategies? Provide MD5 Hash updates. Validate, update, post and maintain MD5 Hash list for signature repository? Conducts analysis on the lifecycle of adversary anatomy of attack and exploitation and the associated tools, malware, and encryption mechanisms utilized? Identify patterns in reported compromises and identify additional compromises as part of the same incident. Subtask 4.4.6: Host Based Security System Host Based Security System (HBSS) is a continuous monitoring capability used to identify misconfigurations and erroneous connections, vulnerabilities and malicious signatures on the DODIN. HBSS monitors, detects, prevents, tracks, reports and remediates malicious computer related activities and incidents on the DODIN. Data and reports from HBSS provide situational awareness, and are analyzed to drive decision making in the defensive planning cycle. The Contractor shall: 30

DRAFT 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186? Assist in identifying shortfalls and capability gaps on DoD policy and guidance as well as shortfalls on network/system architectural designs? Develop white papers, briefs, analysis reports and provide input to official inquiries? Provide operational, technical, and analytical support to implement HBSS across the DODIN? Provide input to and update implementation policy and guidance for the configuration of HBSS? Monitor and analyze DoD network trends, performance and functionality? Analyze various forms of network traffic in support of incident response. Identify new exploits and security vulnerabilities, analyze behavior of malicious code, research open source data, document host/network signatures and develop mitigation and remediation strategies? Conduct analysis and coordinate with the JOC and CC/S/A/FAs to address areas of concern.? Assist in developing requirements for future HBSS capabilities and collaborate with DISA and other stakeholders Subtask 4.4.7: Joint Advanced Targeting Analysis The Joint Advanced Targeting Analysis (Fires) identifies gaps with pairing capabilities against targets to achieve an effect in accordance with tactical objectives, operational goals, and strategic end-states. Targeting Analysis involves collaboration and coordination of USCYBERCOM targets with the IC and DoD Components. This task requires technical targeting knowledge on the best methods to allocate fires against deliberate and dynamic targets in and through cyberspace. The Contractor shall:? Coordinate targeting strategy development and engagement responsibilities with components and supporting commands. Provide input to USCYBERCOM on the approval process for targeting and fires? Assist in the development of USCYBERCOM joint targeting policies and procedures? Facilitate preparation of the Joint Targeting Working Group (JTWG) and the JTCB? Attend targeting Boards, Bureaus, Centers, Cells and Working Groups (B2C2WGs) such as the JTWGs inside and outside the Command to prioritize target requirements 31

DRAFT 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227? Assist with all aspects of preparing strike packages and cyber request and approval packages to validate targets via the Joint Targeting Coordination Board (JTCB)? Assist in the synchronization and implementation and prioritization of targeting methodologies? Monitor and facilitate all targeting list at the intermediate level and above? Draft commanders targeting guidance? Provide input to the cyber joint targeting cycle to include interagency planning, joint targeting board support, cyber weapons capability analysis, collateral effects estimate, and planning support? Identify desired effects, methods of engagements, target aim points and cyber forces in which to deliver fires or effects against military targets in and through cyberspace? Facilitate the stand up and transition of Fires tasks to the CMF tactical level headquarters. Subtask 4.4.8: Cyber Capability Analysis Cyber Capability Analysis develops and coordinates operational and technical requirements for enhancing cyberspace capabilities based on operational needs throughout the entire lifecycle. This process requires coordination of a time-phased implementation of capabilities to align with USCYBERCOM and CMF strategic orders and directives. Cyber Capability Analysis identifies, prioritizes, and develops capability requirements. The Contractor shall:? Facilitate, coordinate, and assist in the development, review, and edit of briefings and technical content for the Integrated Capabilities Requirements Working Group (ICRWG) and associated Operational Boards and participate in activities that prepare for the USCYBERCOM Requirements and Investment Board (CRIB)? Facilitate, coordinate, and assist in the development, review, and edit of briefings and technical content for the DoD level Cyber Operational Capabilities Board (COCB)? Collaborate with internal USCYBERCOM and external organizations to identify capability gaps that prevent mission accomplishment? Synchronize & prioritize capability requirements and new tactical uses of existing capabilities across to applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions 32

DRAFT 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267? Prepare and deliver operational capability requirements specifications and regular updates to USCYBERCOM leadership? Provide recommendations to developers and users on the technical aspects of cyberspace requirements? Identify and recommend cyberspace operations best practices, streamline processes, and methods to integrate emerging cyber technologies? Research capabilities to identify potential target pairing and make timely assessments on munitions effectiveness? Recommend guidance to the field. Assist in the transition of operational capability requirements to applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions? Support Cyber Capabilities and Targeting Gap Analysis through comparison, documenting, and reporting short falls in cyber capabilities against validated targeting requirements. A. Cyber Requirements Cell Coordination The Cyber Requirements Cell (CRC) coordination is a critical process regarding capabilities. The CRC coordination requires knowledge of cyber capability development processes within the IC. The Contractor shall:? Participate in the NSA CRC process and collaborate with NSA for capability support requests from applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions? Analyze and track capability support requests sent to the CRC and maintain communication with the requesting organization until request is fulfilled? Maintain and de-conflict requirements of external organizations and update related databases? Prepare status briefs to facilitate interagency communication on cyber capabilities B. STO/SAP Cyber Capability Analysis STO/SAP Cyber Capability Analysis is the process of pairing operational requirements with STO/SAP capabilities. STO/SAP Cyber Capability Analysis requires the ability to pass an additional layer of security review and must adhere to need-to-know and material 33

DRAFT 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 contribution criteria. Knowledge of capability development processes and STO/SAP capabilities is required IOT efficiently facilitate the process. The Contractor shall:? Identify and develop STO/SAP cyber capability resources to address operational gaps and requirements? Attend and provide input to the ICRWG and COCB IOT synchronize the collateral and STO/SAP capability development efforts? Brief and update STO/SAP planners on issues; make capability improvement and development recommendations to the staff/command? Maintain and update STO/SAP capability documents Subtask 4.4.9: Cyberspace Capability Registry Management The Cyberspace Capability Registry (CCR) is a database that is charged by the Joint Staff with becoming the Program of Record for all DoD cyberspace capabilities and associated data in order to be utilized for planning by the operator during mission, and for post operations assessment. The CCR requirement originated in the J3, and the J3 is charged with operational management and data maintenance. The technical solution provider may not be in the J3. CCR management provides input to operational use, requirements, and capability limitations that impact the decision and policy making processes and improves CCR usability and accessibility. The Contractor shall:? Analyze user requirements for system improvements to the CCR and submit changes to the solution provider. Collaborate with the solution provider through the system lifecycle process? Review technical capability documentation upon submission to the CCR to ensure it is clear, consistent, and complete? Assist in establishing and implementing a maintenance program that improves the operational usefulness, fosters Information Operations (IO) community collaboration in the development and employment of cyber warfare capabilities? Assist with functional testing and recommending further development of cyber warfare capabilities that could be made operationally effective with minimal additional development? Review, analyze, and maintain data provided from end users and developers on their operational cyber capabilities. Recommend validation of the data for usability and/or implementation by the operational users? Assess performance, readiness, and reliability of the CCR 34

DRAFT 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350? Collaborate with various internal and external cyber capability development organizations? Monitors the CCR, provides documented recommendations for process and procedure improvements, enhancements, and refinements creating streamlined Quality Assurance processes that leverages the enhanced functionality of the CCR. Subtask 4.4.10: Cyber Joint Munitions Effectiveness The Cyber Joint Munitions Effectiveness Manual (JMEM) initiative falls under the joint staff program of record for non-kinetic weaponeering, called the Joint Capability and Analysis Assessment System (JCAAS). J3 Fires is the Functional Area Lead (FAL) for the cyber JMEM under the Joint Targeting Coordination Group/Munitions Effectiveness (JTCG/ME). Cyber JMEM is following the kinetic model to include determining relevant weapons characteristics, targeting vulnerabilities, and developing analytical models, database, algorithms, and metrics necessary to estimate the effectiveness of specific weapons employed against specific targets in specific scenarios. This task entails recommending, developing, evaluating, analyzing, and integrating cyber weapons/tools/capabilities. The Contractor shall:? Act as a liaison between USCYBERCOM and the JTCG/ME program managers and their partner organizations? Assist in managing and running Operational User Working Groups and Functional Area Working Groups? Coordinate with the IC tool developers, the CMF tool developers, and other weapon/tool/capability providers? Coordinate with the C2 Systems, CCR managers, Cyber Network Operations Database (CNODB), Modernized Integrated Database (MiDB), and other system managers and/or engineers to link data, methodologies, and operational assessment processes? Assist with the project management of testing and evaluation of tools? Develop and propose strategic analysis cyber weapons/tools? Evaluate strategic analysis weapons/tools. Evaluate software tools to support the Strategic Analysis of data and the dissemination of analysis data? Assist in identifying gaps in cyber weapons/tools/capabilities. Develop and propose Mission Needs Statements (MNS) based on the identified gaps? Evaluate and integrate existing network analysis tools and software and related system media analysis tools and software databases? Develop SOPs and CONOPs that describe weapon/capability/tool functionality and operational capabilities. 35

DRAFT 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 Task 4.5: The USCYBERCOM Joint Operations Center The USCYBERCOM Joint Operations Center (JOC) provides Mission Essential 24x7/365 coverage to support cyberspace operations. The JOC receives, tracks, and resolves cyber issues and provides the Commander situational awareness of cyberspace operations. JOC Operators identify key issues and priorities affecting the operations and defense of USCYBERCOM areas of responsibility. The Contractor shall provide 24x7/365 coverage and adjust staff schedule as needed for COOP. The Contractor shall respond to USCYBERCOM requirements for real world and exercise Contingency Operations and National Capital Region (NCR) catastrophic events, which may require the Contractor to travel and staff positions outside of routine USCYBERCOM facilities. The Contractor Shall:? Maintain awareness and conduct analysis of USSTRATCOM/USCYBERCOM directives, orders, alerts and messages, and respond to related cyberspace operations community questions? Develop, release, track, and update mission-related orders to include Tasking Orders (TASKORDs), Warning Orders (WARNORDs), and Fragmentary Orders (FRAGOs)? Update DoD shared situational awareness mechanisms i.e., websites, blogs, and Wikipedia style mechanisms? Brief all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components, agencies, Intelligence Agencies, LE, and US Government organizations on the status of cyberspace operations? Analyze operational reporting from other cyber organizations and provide input to briefings, reports, and staff actions? Respond to official questions through Request For Information (RFI) tools? Participate in command exercises and provide feedback in after action reports? Coordinate cyberspace operations, including C2, with DoD and all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions, Intelligence Agencies, LE, U.S. Government organizations; communicate with Industry and Academic entities on network operations/defense activities A. Cyberspace Operations DODIN Controller The Cyberspace Operations DODIN Controller (CODC) [formerly Dynamic Network Defense Operations Duty Officer (DNDO-DO) & End-Point Countermeasures Duty Officer (EPCMDO)] executes in real time, in accordance with mission requirements, 36

DRAFT 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 incident handling, triage of events, network analysis and threat detection, trend analysis, metric development, and vulnerability information dissemination. The CODC shall have a technical knowledge and understanding of the lifecycle of the network threats, attack vectors, methods of exploitation, computer network theory, and network vulnerability exploitation. The Contractor shall:? Assist in preparation and delivery of daily situational awareness and operational update briefings to USSTRATCOM and USCYBERCOM leadership? Review and monitor incident response and status for accuracy and clarity from all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies utilizing current and future tools, including the JIMS? Monitor, analyze, and report on events, asset data, and compliance data that meet or exceed established thresholds? Identify attack trends across multiple enclaves on the DODIN; determine the risk and report as necessary? Utilize HBSS and the ArcSight Security Information Event Management (SIEM) to prevent and eliminate cyber threats and vulnerabilities across the DODIN? Identify compromises and patterns in reported compromises as part of the incident where countermeasures tools were or should have been involved? Coordinate with all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions, Intelligence Agencies, LE, and U.S. Government organizations with respect to HBSS findings? Develop COOP procedures and update DODIN Ops SOPs? Update DODIN Ops training plans and related policy, directives, and instructions? Identify processes for use in a 24x7 operations environment and evolve those processes for 24x7 operations. B. Cyberspace Operations Deputy The Cyberspace Operations Deputy (COD2) [Formerly Countermeasures Duty Officer (CMDO) and Fusion Duty Officer (FDO)] applies knowledge of DoD assessment resources, processes, and policy to guide global countermeasure at the enterprise, regional, and local level. The COD2 shall have a technical knowledge and understanding of DoD cybersecurity activities, including: detection, monitoring, correlating, and preventing cyber threat activity that impacts the DODIN and the lifecycle of the network threats, attack vectors and methods of exploitation to prevent and eliminate threats to the DODIN. 37

DRAFT 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 The Contractor shall:? Monitor, analyze, and report on DoD data sources, reports from all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components, and agencies with cyber related missions, and indications and warnings from all partner organizations? Prioritize DODIN incidents, emerging cyber threat activity, or emerging network vulnerabilities for USCYBERCOM leadership and DoD Component situational awareness and/or action? Monitor, correlate, detect, and share malicious activity impacting the DODIN as well as adversary TTPs and indicators that can be used to detect, monitor, and counter the activity with USCYBERCOM and DoD Components? Identify potentially malicious activity on the DODIN; coordinate with DoD Components for CNDSP actions, and present consolidated information for leadership awareness? Monitor updates from the Joint CERT Database (JCD) and JIMS and review incident responses from all applicable staff elements, JFHQs, subordinate headquarters, Service Cyber components, CCMD, components and agencies with cyber related missions for accuracy and clarity? Monitor, correlate, and analyze all operational reporting received from DoD, Intelligence, and LE sources pertaining to intrusion-related activities? Coordinate and ensure DoD incident handling procedures are adhered to in accordance with (IAW) DoD guidance, regulations, and directives? Create incident reports, Wikipedia-like updates, collaboration/chat tippers and notifications, DoD incident handling database queries, metrics, and trend reports? Conduct the preparation and delivery of daily situational awareness and operational update briefings to USSTRATCOM and USCYBERCOM leadership? Ensure situational awareness of USCYBERCOM priorities and provide best practices to CNDSPs and DoD Components? Coordinate and de-conflict network operations teams to include incident response, penetration, remediation, vulnerability assessment teams? Analyze data to determine the best countermeasure to be deployed at each network level? Utilize host-level security capabilities to enhance detection and prevention of computer vulnerabilities and threats. C. Cyberspace Operations DODIN Officer 38

DRAFT 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 The Cyberspace Operations DODIN Officer (CODO) [Formerly Dynamic Network Defense Operations (DNDO)] coordinates Cyberspace Operations DODIN (COD) orders and maintains situational awareness with subordinate Headquarters. The Contractor Shall:? Maintain situational awareness and analysis of USSTRATCOM/USCYBERCOM directives, orders, alerts and messages, and respond to related network operations community questions? Assist CBC in coordinating RFIs and Cyber Effects Request Forms (CERF) D. Enhanced Shared Situational Assessment Analyst The JOC s central point for collaboration of cyberspace operations and activities across the Enhanced Shared Situational Awareness (ESSA) and LE community. The Contractor Shall:? Provide situational awareness, intelligence support, and counterintelligence (CI) de-confliction of DODIN network warfare activities within the DODIN and IC.? Facilitate communication between CYBERCOM JOC and other ESSA centers? Ensure information systems and collaboration tools are identified and used where possible? Participates in requirement process for ESSA collaboration tools and information systems for JOC equities and requirements. 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 Task 5: Knowledge Management and Records Management Knowledge management and information sharing are essential functions to conduct operations in USCYBERCOM. Knowledge Managers enable collaboration of cyber operational data, and provide leadership with relevant information to make informed decisions. The Knowledge Manager and Records Manager shall coordinate activities with the USCYBERCOM Chief Knowledge Officer (CKO) to ensure continued compliance with Command policies and procedures. Knowledge managers utilize information sharing portals to have information readily accessible to USCYBERCOM and external stakeholders. This task requires expertise in developing Microsoft SharePoint portals, database management, and Microsoft office suite applications. The Contractor shall: 39

DRAFT 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554? Post, edit, distribute and maintain appropriate content on USCYBERCOM classified and unclassified website/portals? Develop and maintain an accurate, consistent, repeatable process for responses to official questions through RFI tools by collecting, consolidating, and preparing written responses to external RFI or internal query from USCYBERCOM leadership? Create and maintain records in compliance with DoD Records Management policies and directives? Organize data, establish file structures, and ensure information is captured and stored in locations accessible to various user groups? Develop TTPs for coordinating the flow of information and work with CYBERCOM training branches to periodically test these TTPs during exercises. Task 6: Program Management & Analysis Program management and analysis are essential functions to conduct operations in USCYBERCOM. Program Management is the process of managing multiple projects that are all related and working toward the same goal or result. It includes oversight of project-level activities to ensure overall program goals are likely to be met. It also includes identifying and coordinating cross-project dependencies to ensure consistency of progress toward accomplishing programmatic goals. Program Management may apply to the management of this task order. The Contractor shall:? Conduct a kick off meeting No Later Than (NLT) 7 days after program commences? Ensure Contractor personnel provided have necessary education, experience, job skills, and training? Ensure contractor and subcontractor personnel sign Non-Disclosure Agreements (NDA) prior to commencement of work onsite? Assist the Government in preparing or conducting briefings on program related activities? Develop and maintain work breakdown structures and integrated master schedules for all assigned programs? Perform evaluations of existing procedures, processes, techniques, models, and/or systems to identify areas for improvement and recommend solutions? Interface with partners and stakeholders to perform enterprise-wide horizontal integration planning? Perform program management to control risk and cost, mitigate schedule delay, and ensure timely delivery? Assist with the review of risk and risk mitigation activities and recommend budget allocation for the Government approval 40

DRAFT 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591? Provide the Government with clear insight into program cost, schedule, and technical performance? Ensure compliance with all regulatory and administrative requirements imposed by the contract in coordination with the Contractor s contracts staff? Assist with the review of all earned value, Estimate to Complete, Funds and Manhour Expenditure Report, or other financial reports as appropriate for the Government approval? Consolidate Government inputs to the Quality Assurance Surveillance Plan reviews or Award Fee reviews, as appropriate? Communicate issues and solutions to the Government Program Manager (PM) and COR in a timely and transparent manner? Coordinate the preparation of Engineering Change Proposals (ECPs) and value engineering proposals to the Government PM. A. Fires & Effects C2 System Development The Fires & Effects C2 System Development requires program management for Cyber Command and Control Portal for Operations (C3PO) and future C2 systems adopted by the command. C3PO is the current system mandated for use by the CMF to implement the Cyber Tasking Cycle. This task will also advise on other C2 systems capabilities and usage. The Contractor shall:? Assist with end-to-end technical requirement lifecycle of C3PO and future C2 systems? Identify, analyze, and refine initial requirements for C3PO and future C2 systems? Recommend priorities for USCYBERCOM s operational requirements regarding C3PO and future C2 systems? Analyze requirements and develop various levels of system requirements and documentation development required for the design and build of a solution for C2 problem sets? Assist in integrating selected C3PO and future C2 systems with selected situational awareness systems to include providing documentation. 41

DRAFT 1592 1593 1594 1595 1596 1597 1598 1599 Task 7: Integrated Technology Services USCYBERCOM J3 is responsible for identifying requirements and concepts of operation which enable and align with the C2 and defense of the DODIN. Supporting this task requires duties such as system evaluations, system analysis, and infrastructure assessments. Additionally, this task requires knowledge of planning and engineering of enterprise architectures management of system configuration, system administration support, and system engineering support. 1600 1601 The Contractor shall: 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623? Contribute to the design and development of systems and associated enterprise architectures? Review and provide comments on technical materials consisting of, but not limited to, technical documentation and reports, cyber policy and procedures, and planning materials? Provide technical edits to engineering documentation, software documentation, manuals, reports, or any other documents or presentations? Coordinate and collaborate with the USCYBERCOM C4IT Directorate (J6) to ensure seamless integration and management of services, systems, and networks into existing and future joint DODIN infrastructure? Analyze and assess enterprise architecture design and development proposals? Assist in collecting and organizing information required for preparation of documents, training materials, guides, proposals, and reports? Develop program, system, operations, implementation, and user documentation? Develop concept papers, technical white papers, and related documentation detailing network practices for implementation throughout the DoD? Provide detailed hands-on training and training documentation to include system capabilities and functionality, system logon/logoff procedures, 42

DRAFT 1624 1625 understanding of data fields, information processing, report production, file retrieval, system security features, and system error messages. 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 A. Fires & Effects C2 System Development The Fires & Effects C2 System Development task requires an extensive knowledge, understanding and familiarity of the Joint Targeting Cycle and the JOPP. This task requires a knowledge, understanding and the ability to explain C2 of Cyberspace Operations to include the Cyber TASKORD development and execution, CERFs, Joint Tactical Cyber Requests, and the Cyber Tasking Cycle. Additionally, this task requires the understanding and the ability to develop applications and systems in accordance with 508 compliance. The Contractor shall:? Provide C2 systems development, management, and systems engineering support to network and Web-based initiative functions of the Government, executed in real time in accordance with mission requirements? Develop and maintain Government C2 Systems across multiple platforms to suit real-time operational needs? Provide database administration related information security and maintenance, as needed, in support of evolving C2 systems? Provide real-time Cyber C2 system support and system administration for exercises, crisis, or contingencies (this could be a 24x7 on call type position)? Review functional requirements with other technical experts for feasibility in implementing technical solutions for USCYBERCOM, including requirements analysis, and provide recommendations to the Government on implementing solutions. Task 8: Business Process Re-engineering Business process re-engineering (BPR) is the analysis and redesign of workflows within and between organizations. The J3 uses business process re-engineering to implement changes in processes such as operational priorities, requirements management, mission management, operational assessments, and event/incident response. BPR requires the knowledge of several BPR theories and change management methods IOT make the most efficient recommendations to the command. The Contractor shall: 43

DRAFT 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702? Interview personnel within various J-codes, subordinate units, and appropriate external units to determine processes, including expected inputs and outputs versus actual inputs and outputs? Analyze processes in the command and subordinate units and identify weaknesses, areas to sustain, and areas of improvement based upon proven methods? Make recommendations to the USCYBERCOM leadership on process changes to optimize efficiency and increase accurate productivity. 7. Period of Performance Base Period: 22 May 2015 21 May 2016 Option Period 1: 22 May 2016 21 May 2017 Option Period 2: 22 May 2017 21 May 2018 Option Period 3: 22 May 2018 21 May 2019 Option Period 4: 22 May 2019 21 May 2020 8. Place of Performance The primary place of performance will be at USCYBERCOM government facilities within the Ft. George G. Meade, MD local area. Local area is any facility within 50 mile radius of Ft. Meade. 9. Travel The Contractor may be required to travel from their primary work location to other USCYBERCOM locations, other U.S. Government locations and contractor facilities, as well as partner sites worldwide in support of Command activities. 10. Transition plan (if applicable) 10.1 Phase-In Plan (Please note that this plan will be a firm fixed price item.) The Contractor shall develop a contract transition plan for phasing-in contractor performance. The period between the award date and full performance start date constitutes the contract phase-in-period. During the phase-in period, the Contractor shall prepare to meet all contract requirements and ensure all incoming personnel are trained and qualified on the full performance start date. The Government will make all facilities, equipment, and materials accessible to the contractor during the phase-in period. 44

DRAFT 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 10.2 Phase-Out Plan (Please note that this plan will be a firm fixed price item.) The Contractor shall develop a Phase-Out plan NLT 60 calendar days prior to expiration of the task order for an orderly and efficient transition from current operations to a successor s operation to ensure continuity of critical operations. The Contractor shall coordinate the transition-out plan with COR and successor Contractor prior to contract performance expiration date. The Contractor shall identify how they will coordinate and transfer knowledge to the inbound contractor and Government personnel regarding the following:? Project management processes? Points of contact? Location of technical and project management documentation? Status of ongoing technical initiatives? Appropriate contractor to contractor coordination to ensure a seamless transition? Schedules and milestones? Actions required of the Government? Establish and maintain effective communication with the incoming Contractor/Government personnel for the period of the transition via weekly status meetings? As the incumbent, the Contractor will provide personnel to conduct a joint inventory of all Government-Furnished Property (GFP). 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 11. Deliverables The Contractor shall prepare a Project Management Plan/Task Order Management Plan and Quality Assurance Surveillance Plan (QASP) describing the technical approach, organizational resources and management controls to be employed to meet the cost, performance and schedule requirements throughout execution. The Contractor shall meet at least once monthly with the Government Task Monitor to discuss activities, identify resource issues, and clarify priorities. The Contractor shall provide a monthly status report monitoring the quality assurance, progress/status reporting and program reviews. Within the monthly status report, the Contractor shall provide the following information: sub-tasks worked, hours expended by labor category, costs by labor category, and cost estimate through period of performance. The Contractor shall document its accounting procedures for tracking labor hours. The Contractor shall meet with the Government within 15 days after contract award for the purpose of reviewing requirements and establishing firm dates for the Contract Data Requirements List (CDRL). 45

DRAFT 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 The Contractor shall prepare a Plan of Accomplishment (POA) that will address any changes made at the time and serve as the vehicle for establishing firm dates for incremental deliverables. The table below provides the requested deliverables. Task # All All All All Deliverable Title Monthly Status Report Program Management Plan Quality Assurance Plan After action reports and meeting minutes 12. Security Format Quantity Frequency Contractor Provided Format, Government Approved CPGA CPGA Standardized Format One (1) copy to COR; One (1) copy to Division Chief One (1) Copy to COR, (1) Copy to Division Chief One (1) Copy to COR, One (1) Copy to Division Chief One (1) copy to TM, One (1) copy to Division Chief or Action Officer Monthly, on the 15 th workday NLT 15 calendar Days After Contract Award (DACA) and updates as requested by COR NLT 15 calendar DACA and updates as requested by COR Within three (3) business days of event. This effort supports classified and unclassified programs. The Contractor shall provide cleared personnel with Top Secret/Sensitive Compartmented Information (TS/SCI), Counter-intelligence Polygraph, qualified on the start date of the period of performance. The nature of the contract requires contractor personnel to possess a high degree of security awareness. All contractors will be screened by National Security Agency (NSA) security and must be approved for access to NSA facilities and systems. Additional security requirements are defined in the OMNIBUS IDIQ PWS. 46

DRAFT 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 13. Government-Furnished Equipment (GFE)/Government- Furnished Information (GFI) The Government may provide workspace, computers, connectivity and other resources required to accomplish the tasks outlined in this Statement of Work. All Government property should be maintained IAW the terms and conditions provided in the base contract. The Government will provide access to non-procurement sensitive documentation, information on various weapon systems, program process and schedules as well as intelligence and information pertaining to cyber activities in support of military information operations, related activities and associated follow-on tasks to enable contractors to complete their assigned tasks. The Government may provide personnel with signed Non-Disclosure Agreement (NDA) access to procurement sensitive information, see Paragraph 11. Information will include reports, briefings and other related reference material. Government furnished equipment related to this task may be provided. The Government will provide the Contractor with the timely information, to include access to both unclassified and classified government information networks, required for the completion of this effort and facilitate contractor personnel interfaces with other Department of defense staff, service staff, national agency offices, as required to complete this effort. 14. Other Pertinent Information or Special Considerations 14.1 Non-Disclosure Agreement The Contractor shall sign one version of the following Non-disclosure Statement (Appendix B) (Deliverable 1) on behalf of the company, only if applicable, and shall also ensure that all staff assigned to, including all subcontractors and consultants, or performing on this Delivery Order execute and adhere to the terms of the following nondisclosure statement, protecting the procurement sensitive information of the Government and the proprietary information of other contractors. Assignment of staff who have not executed this statement or failure to adhere to this statement shall constitute default on the part of the Contractor. 14.2 Identification of Contractor Employees All contractor personnel attending meetings, answering Government telephones, and working in other situations where their contractor status is not obvious to third parties are required to identify themselves as such. They must also ensure that all documents or reports produced by contractors are suitably marked as contractor products or that contractor participation is appropriately disclosed. 47

DRAFT 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 ACAS ACL AMHS AOR ASI B2C2WG BPR C2 C3PO C4IT C&A CAT CBC CC/S/A/FA CCMD CCR CCRI CDA CDC CDR CDS CEH CERF CERT CI CKT CMRS CNDSP CI CIO CIR CJCSM CKO CMF CMDO CND CNDSP CNMF CNODB COA COCB COD Acronym List Assured Compliance Assessment Solution Access Control List Automated Message Handling System Area of Responsibility Authorized Service Interruptions Boards, Bureaus, Centers, Cells and Working Groups Business Process Re-engineering Command and Control Cyber Command and Control Portal for Operations Command, Control, Communications, Computers & Information Technology Certification and Accreditation Category Cyber Battle Captain Combatant Command/Service/Agency/Field Activity Combatant Command Cyberspace Capability Registry Command Cyber Readiness Inspection Congressionally Directed Actions Cleared Defense Contractor Commander Cross Domain Solution Certified Ethical Hacker Cyber Effects Request Form Computer Emergency Response Team Counter Intelligence Cyber Key Terrain Continuous Monitoring and Risk Scoring Computer Network Defense Service Provider Counterintelligence Chief Information Officer Critical Information Requirements Commander Joint Chiefs of Staff Manual Chief Knowledge Officer Cyber Mission Force Countermeasures Duty Officer Computer Network Defense Computer Network Defense Service Providers Cyber National Mission Force Cyber Network Operations Database Courses of Action Cyber Operational Capabilities Board Cyberspace Operations DODIN 48

DRAFT 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 COD2 CODC CODO CONOP CONUS COOP COR CRC CRIB CTO DCDR DCO DHS DIB DISA DISA DCO DNDO DNDO-DO DNS DoD DODAAC DODIN DRRS DSS ECP EEFI EIC EPCMDO EResM EReqM ESSA FAL FDO FOC FRAGO FSO GCIH GFE GFI GIAC GOC GSEC GSNA Cyberspace Operations Deputy Cyberspace Operations Department of Defense Information Network Controller Cyberspace Operations DODIN Officer Concept of Operation Contiguous United States Continuity of Operations Plan Contracting Officer Representative Cyber Requirements Cell USCYBERCOM Requirements and Investment Board Cyber Tasking Order Deputy Combatant Commander Defensive Cyber Operations Department of Homeland Security Defense Industrial Base Defense Information Systems Agency Defense Information Systems Agency Defense Connect Online Dynamic Network Defense Operations Dynamic Network Defense Operations Duty Officer Domain Name Service Department of Defense Department of Defense Activity Address Code Department of Defense Information Network Defense Readiness Reporting System Defense Security Service Engineering Change Proposals Essential Elements of Friendly Information Emergency Intelligence Coordinator End-Point Countermeasures Duty Officer Evaluation Response Messages Evaluation Request Messages Enhanced Shared Situational Assessment Functional Area Lead Fusion Duty Officer Full Operational Capability Fragmentary Orders Field Security Office Global Information Assurance Certification Certified incident Handler Government Furnished Equipment Government Furnished Information Global Information Assurance Certification Global Operations Center Global Information Assurance Certification Security Essentials Global Information Assurance Certification Systems and Network Auditor 49

DRAFT 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 HBSS HIDS IARR IAVA IAVB IAVM IAW IC ICRWG IDIQ IDS IMATs IO IOC IOT IPS ISCM ISO IT JCAAS JCD JDO JELC JFHQ JIACG JID JIE JIMS JMC JMEM JMET JMETL JOC JOPP JOSG JQRR JROC JTCB JTCG JTIMS JTSO JTWG LE MCOP MD5 ME Host Based Security System Host Intrusion Detection System Information Assurance Readiness Review Information Assurance Vulnerability Alerts Information Assurance Vulnerability Bulletins Information Assurance Vulnerability Management In Accordance With Intelligence Community Integrated Capabilities Requirements Working Group Indefinite Delivery Indefinite Quantity Intrusion Detection System Incident Management Assistance Teams Information Operations Initial Operational Capability In Order To Intrusion Prevention System Information Security Continuous Monitoring In Support Of Information Technology Joint Capability and Analysis Assessment System Joint CERT Database Joint Duty Officer Joint Event Lifecyle Joint Force Headquarters Joint Interagency Coordination Group Joint Indicator Database Joint Information Environment Joint Incident Management System Joint Malware Catalog Joint Munitions Effectiveness Manual Joint Mission Essential Task Joint Mission Essential Task List Joint Operations Center Joint Operational Planning Process Joint Information Environment Operations Sponsor Group Joint Quarterly Readiness Review Joint Requirements Oversight Council Joint Targeting Coordination Board Joint Targeting Coordination Group Joint Training Information Management System Joint Information Environment Technical Synchronization Office Joint Targeting Working Group Law Enforcement Master Cyber Operations Plan Message Digest-5 Munitions Effectiveness 50

DRAFT 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 MiDB MMA MNS MOE MOP NAI NCR NDA NIDS NIPRNet NISP NIST NLT NSA OCO OCONUS ODNI OPCON OPE OPG OPLAN OPORD ORSA OPS OPT OSD OSI PCC PIR PLANORDS PM POA POA&M QFR RAP RFI ROC SAP SAR SCM SEADMI SIPRNet SITREP SLA SME SOP Modernized Integrated Database Media, Malware, Analysis Mission Needs Statements Measure of Effectiveness Measure of Performance Named Areas of Interest National Capital Region Non-Disclosure Agreement Network Intrusion Detection System Non-Secure Internet Protocol Router Network National Industrial Security Program National Institute of Standards and Technology No Later Than National Security Agency Offensive Cyber Operations Outside the Contiguous United States Office of the Director of National Intelligence Operational Control Operational Preparation of the Environment Operational Planning Groups Operations Plan Operations Order Operations Research/System Analysis Operations Operational Planning Teams Office of the Secretary of Defense Open Systems Interconnection Planning and Coordination Cell Priority Intelligence Requirements Planning Orders Program Manager Plan of Accomplishment Plan of Action and Milestones Questions for the Record Review and Approval Request for Information Rehearsal of Concept Special Access Program Situational Awareness Report Secure Configuration Management Statistical Enterprise Analytics and Data Management Initiative Secret Internet Protocol Router Network Situational Reports Service Level Agreement Subject Matter Expert Standard Operating Procedures 51

DRAFT 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 SOW SSCP ST&E STO TACON TASKORD TMF TS//SCI TTP TTX U//FOUO UCAP U.S. USCENTCOM USCYBERCOM USEUCOM USPACOM USSTRATCOM VMS VTC WARNORD WMS Statement of Work System Security Certified Practitioner Security Test and Evaluation Special Technical Operations Tactical Control Tasking Order Threat Mitigation Framework Top Secret//Sensitive Compartmented Information Tactics, Techniques, Procedures Tabletop Exercise Unclassified//For Official Use Only Unified Cyber Analytics Portal United States United States Central Command United States Cyber Command United States European Command United States Pacific Command United States Strategic Command Vulnerability Management System Video Teleconference Warning Order Workflow Management System 52

Welcome, John Young Accessibility User Guide Logout SYNOPSIS: USCYBERCOM Omnibus Contract Solicitation Number: HC1047-14-R-0005 Agency: Defense Information Systems Agency Office: Procurement Directorate Location: DITCO-NCR Notice Details Packages Interested Vendors List Keywords: Search Items 1-180 of 180 OBJECT CTALK, INC. 344 ABRAMS MILL RD KING OF PRUSSIA, PA 194061704 USA Email: atul@octalk.com Phone: 610-265-7300 Minority-Owned business, Self-Certified Women-Owned Woman-Owned Subcontinent Asian (Asian- Indian) American Owned,, S Corporation 1 of 81 5/10/2015 10:26 AM

-SIKKA SUNIL A-THRU-Z INC. 8309 OLD SEVEN LOCKS RD STE A BETHESDA, MD 208172009 US Email: sunils@a1logic.com Phone: 2028887765 Minority-Owned business, Self-Certified Subcontinent Asian (Asian- Indian) American Owned,, S Corporation AABON AARON US Federal Goverment Proposal Writing Group + More US Email: marvin@feddesignbuild.com Phone: 5137068098 Allen Craig FRAGCITY LLC 24 SANFORD FERRY CT FREDERICKSBURG, VA 224065446 US Email: craig.allen@fragcity.com Phone: 7605863151 Minority-Owned business, Self-Certified Economically 2 of 81 5/10/2015 10:26 AM

Women-Owned Women-Owned Woman-Owned Limited Liability Company, Hispanic American Owned, Armstead Jeremiah ELAUNCH TECHNOLOGIES, INC. 201 SAINT CHARLES AVE./STE. 2500 NEW ORLEANS, LA 701702500 USA Email: federal@elaunchonline.com Phone: 2017169737 Self-Certified DoT Certified Business Enterprise, Service Disabled, Arya Pamela OPTENSITY, INC. 1592 CARLIN LN MCLEAN, VA 221014156 USA Email: parya@optensity.com Phone: 7038685248 3 of 81 5/10/2015 10:26 AM

Avery Cecil SECURITY MANAGEMENT AND INTEGRATION COMPANY 1423 E 29TH ST TACOMA, WA 984044008 USA Email: cavery@dcid63.com Phone: 8592508739 Minority-Owned business, Self-Certified DoT Certified Business Enterprise, Black American Owned, Service Disabled,, SBA Certified Hub Zone Firm 4 of 81 5/10/2015 10:26 AM

BANSAL OM AINET CORPORATION 11700 MONTGOMERY RD BELTSVILLE, MD 207051159 USA Email: OM.BANSAL@AI.NET Phone: 8883246383 Minority-Owned business, Subcontinent Asian (Asian- Indian) American Owned, 5 of 81 5/10/2015 10:26 AM

barnes fred TAC INTEGRATED SOLUTIONS, LLC 6820 AMBER HILL COURT FORESTVILLE, MD 207471560 USA Email: fbarnes@tacintegrated.com Phone: 2026796212 Self-Certified Limited Liability Company,, SBA Certified Hub Zone Firm Barr Darrell CREATIVE BUSINESS SOLUTIONS, INC. 1918 13TH ST SE WASHINGTON, DC 200207002 USA Email: db@cbsxcels.com Phone: 3014610799 Minority-Owned business, Self-Certified SBA 6 of 81 5/10/2015 10:26 AM

Certified 8(a) Program Participant, Black American Owned, Service Disabled,, S Corporation, SBA Certified Hub Zone Firm Bartlett Kent S4, INC. 209 BURLINGTON ROAD SUITE 105 BEDFORD, MA 017301422 USA Email: kent.bartlett@s4inc.com Phone: 2025508664 Minority-Owned business, Self-Certified Subcontinent Asian (Asian- Indian) American Owned,, S Corporation Bashara Tim INNOVATIVE MANAGEMENT & TECHNOLOGY APPROACHES, INC. 2100 CRYSTAL DR STE 750 ARLINGTON, VA 222023789 USA Minority-Owned business, 7 of 81 5/10/2015 10:26 AM

Email: bashara-tim@imtas.com Phone: 2029620000 Subcontinent Asian (Asian- Indian) American Owned,, S Corporation Birdsell Timothy TnT Capture & Proposal Services, Inc. 8319 Sunset Drive Manassas, VA 20110 US Email: tnt.birdsell@gmail.com Phone: 7034246455 Bowers Richard INDU, LLC 2760 PEACHTREE INDUSTRIAL BLVD STE D DULUTH, GA 300972201 USA Email: richard.bowers@intigrow.com Phone: 7036527671 Self-Certified Limited Liability Company, Brooks Yvette GAW ASSOCIATES INC. 670 DEER RD BLDG A CHERRY HILL, NJ 080341438 USA Email: yvetteb@gawtechnology.com Phone: 8566081428 Women-Owned Woman-Owned Brown Paul ITIC CORPORATION 817 AVONSHIRE CT. SYKESVILLE, MD 217848113 USA 8 of 81 5/10/2015 10:26 AM

Email: business@iticcorp.com Phone: 443-821-3283, S Corporation Bullock Jeffrey Clear Ridge Defense, LLC 1622 Hardwick Court Suite 402 Hanover, MD 21076-1987 US Email: jeffrey.bullock@clridge.com Phone: 2025052855 Limited Liability Company Bundy Troy AVID TECHNOLOGY PROFESSIONALS LLC 6996 COLUMBIA GATEWAY DR. SUITE 204 COLUMBIA, MD 210463352 USA Email: troy_bundy@avidtec.com Phone: 30131763571 Minority-Owned business, Self-Certified SBA Certified 8(a) Program Participant, DoT Certified Business Enterprise, Limited Liability Company, Black American Owned, Butler Brian VISTRA COMMUNICATIONS, LLC 15436 N. FLORIDA AVE, SUITE 160 TAMPA, FL 33613 USA Email: Brian@ConsultVistra.com Minority-Owned business, Self-Certified 9 of 81 5/10/2015 10:26 AM

Phone: 813.961.4700 SBA Certified 8(a) Program Participant, DoT Certified Business Enterprise, Limited Liability Company, Black American Owned, Service Disabled,, S Corporation Cady Mark RAZOR TECHNOLOGY - LLC 4529 ROSEMOUNT LN CATLETT, VA 201191770 USA Email: fed-biz-ops@razor-technology.com Minority-Owned business, Self-Certified 10 of 81 5/10/2015 10:26 AM

Phone: 5715729391 Limited Liability Company, Native American Owned, Carey Natalie VALIANT SOLUTIONS, LLC 601 S CHESTNUT ST HENDERSON, NC 275364540 USA Email: ncarey@valiantsolutions.com Phone: 2025588428 Limited Liability Company,, SBA Certified Hub Zone Firm Castrinos Nick GRANITE GOV SOLUTIONS, LLC 1307 PLEASANT CREEK CT SOUTH CHESTERFIELD, VA 238346841 USA Email: nickcastrinos@granitegovsolutions.com Phone: 8042433412 Limited Liability Company, Service Disabled 11 of 81 5/10/2015 10:26 AM

, 12 of 81 5/10/2015 10:26 AM

Cawlfield Mallory ZAVDA TECHNOLOGIES, LLC 9250 BENDIX RD STE 540 COLUMBIA, MD 210451832 USA Email: mcawlfield@zavda.com Phone: 2405236253 Minority-Owned business, Self-Certified Economically Women-Owned Women-Owned Woman-Owned SBA Certified 8(a) Program Participant, DoT Certified Business Enterprise, Limited Liability Company, Black American Owned, Service Disabled, Cerrito Jonathan CER CONSULTING, LLC 707 G ST SW WASHINGTON, DC 200242407 US 13 of 81 5/10/2015 10:26 AM

Email: jjcerrito@cerconsultingllc.com Phone: 2024840642 Limited Liability Company, chenault stephanie VENIO INC. 12909 LUCA STATION WAY WOODBRIDGE, VA 221927701 USA Email: stephanie.chenault@venioinc.com Phone: 5712139937 Service Disabled,, S Corporation Childs Christopher CE SCIENCE INC 8105 TAMAR DR STE 001 COLUMBIA, MD 210452884 USA Email: chris.childs@cescience.com Phone: 4104875187 Minority-Owned business, Black American Owned, Clarke Robert MONSTER GOVERNMENT SOLUTIONS, LLC 8280 GREENSBORO DR STE 900 MC LEAN, VA 221023807 USA Email: robert.clarke@monster.com Phone: 703-424-6791 14 of 81 5/10/2015 10:26 AM

Clifton Henry QBE LLC 14604 WASHINGTON ST HAYMARKET, VA 201694980 USA Email: henry.clifton@qbe.net Phone: 571-334-0656 Limited Liability Company,, S Corporation Cole Dawn KERBEROS INTERNATIONAL, INC. 19 NORTH MAIN STREET, SUITE 2711 TEMPLE, TX 765017629 USA Email: dawn.cole@kerberosinc.com Phone: 7136774674 Self-Certified Economically Women-Owned Women-Owned 15 of 81 5/10/2015 10:26 AM

Woman-Owned SBA Certified 8(a) Program Participant,, S Corporation Contractor Sales Payment Office Monitoring Service Track DFAS invoices automatically & catch problems early. US Email: fbo@payofficemonitor.com Phone: 202-517-6800 Service Provider Coughlin Peter PIPERCOUGHLIN, LLC 19179 FERRY FIELD TERRACE LEESBURG, VA 201761276 US Email: pcoughlin@pico-llc.com Phone: 5719690729 Limited Liability Company, Service Disabled, Cramer Myron BCT LLC 10810 GUILFORD RD STE 105 ANNAPOLIS JUNCTION, MD 207011102 USA Email: myron.cramer@bct-llc.com Phone: 4105701216 Women-Owned Woman-Owned Limited Liability Company, 16 of 81 5/10/2015 10:26 AM

Daigle Gary INOVEX INFORMATION SYSTEMS INCORPORATED 7240 PARKWAY DR STE 140 HANOVER, MD 210761367 USA Email: gary.daigle@inovexcorp.com Phone: 4437567197 Dascalu Dragos STRATUS SOLUTIONS, INC. 3771 OLD COLUMBIA PIKE ELLICOTT CITY, MD 210434642 USA Email: dede@stratussolutions.com Phone: 5626456227, S Corporation DeCarteret Rodney CYBER DEFENSE SOLUTIONS LLC 18729 FULLER HEIGHTS RD SUITE 100 TRIANGLE, VA 221722003 USA Email: rodney.decarteret@cdscti.com Phone: 7033506779 Minority-Owned business, Limited Liability Company, Hispanic American Owned, Service 17 of 81 5/10/2015 10:26 AM

Disabled, Demmon John ASHBURN CONSULTING 43848 GOSHEN FARM CT LEESBURG, VA 201761254 USA Email: jdemmon@ashburnconsulting.com Phone: 7038615576 Minority-Owned business, Self-Certified Asian-Pacific American Owned, Limited Liability Company, Dempsey David MIAMI VALLEY ANALYTICS CONSULTING, LLC 120 W SECOND ST STE 602 DAYTON, OH 454021604 US Email: dmdempsey@mvanalyticsllc.com Phone: 9375062045 Self-Certified Limited Liability Company, Service 18 of 81 5/10/2015 10:26 AM

Disabled, Dessaso Theresa MATRIX INGENUITY, INC. 4661 DAPPLE COURT ELLICOTT CITY, MD 21043 USA Email: tdessaso@matrixingenuity.com Phone: 9168570561 Minority-Owned business, Black American Owned,, S Corporation DeWolfe Sam De Wolfe Industries Incorporated 506 Mirasol Circle #103 Celebration, FL 34747 US Email: sdewolfe@dewolfeindustries.com Phone: 3045189077 Dickens Charles ICIO, INC. 1373 RIDGE COMMONS BLVD HANOVER, MD 210761140 USA Email: cdickens@icioinc.com Phone: 4109034166 Service Disabled,, S Corporation 19 of 81 5/10/2015 10:26 AM

Dietrich Ethan SIXGEN LLC 2405 WINDING RIDGE RD ODENTON, MD 211132516 USA Email: ethand@sixgenllc.com Phone: 7038610954 Self-Certified Dobbs David BALTIMORE INFORMATION GROUP 8232 ELKO DR ELLICOTT CITY, MD 210437481 US Email: biginfo@aol.com Phone: 4104184966 Service Disabled, Donaldson Bruce INTEC, LLC 10306 EATON PLACE, SUITE 520 FAIRFAX, VA 220302233 USA Email: brucedonaldson@intecllc.net Phone: 703-255-1524 Limited Liability Company, Service Disabled, 20 of 81 5/10/2015 10:26 AM

Dowling Edmund QUANTUM RESEARCH INTERNATIONAL, INC. 991 DISCOVERY DR NW HUNTSVILLE, AL 358062811 USA Email: edowling@quantum-intl.com Phone: 2569711800 Doyle Joe GLOBALPUNDITS TECHNOLOGY CONSULTANCY, INC. 4715 SUNSET BLVD UNIT D LEXINGTON, SC 290729151 USA Email: joe@globalpundits.com Phone: 8033549400 Minority-Owned business, Subcontinent Asian (Asian- Indian) American Owned, 21 of 81 5/10/2015 10:26 AM

Dryer John ZOLON TECH INC. 13921 PARK CENTER RD STE 500 HERNDON, VA 201713270 USA Email: john.dryer@zolontech.com Phone: 7036363543 Minority-Owned business, Self-Certified DoT Certified Business Enterprise, Subcontinent Asian (Asian- Indian) American Owned, Dunlap Phil SLS Government Funding Solutions Las Vegas, NV 89129 US Email: Phil.Dunlap@SLSgovernmentfundingsolutions.com 22 of 81 5/10/2015 10:26 AM

Phone: 702-938-3297 Dunlap Phil SLS Government Funding Solutions Las Vegas, NV 89129 US Email: SLSGovernmentFunding@gmail.com Phone: 201-800-1927 Dyer Bryan YORKTOWN SYSTEMS GROUP, INC. 2905 WESTCORP BLVD SUITE 116 HUNTSVILLE, AL 358056471 USA Email: bdyer@ysginc.com Phone: 2564254616 Service Disabled,, S Corporation Edwards Brian VARIQ CORPORATION 2055 L ST NW STE 650 WASHINGTON, DC 200364983 USA Self-Certified 23 of 81 5/10/2015 10:26 AM

Email: brian.edwards@variq.com Phone: 2022924236 DoT Certified Business Enterprise, Hispanic American Owned,, S Corporation, SBA Certified Hub Zone Firm Engineering Byte BYTE ENGINEERING SOLUTIONS, INCORPORATED 331 N NEW BALLAS RD #37113 SAINT LOUIS, MO 631415589 USA Email: info@byte-engineering.com Phone: 3148274664 Minority-Owned business, Self-Certified Economically Women-Owned Women-Owned Woman-Owned Black American Owned, 24 of 81 5/10/2015 10:26 AM

, S Corporation Faletti Alexander TRIPLE-STRAND LLC 5872 W AUTUMN DUSK COVE HERRIMAN, UT 840961794 USA Email: alex@triple-strand.com Phone: 8012018438 Limited Liability Company, Service Disabled, FarmerPhD Jackie D & A TECHNOLOGIES, GOVERNMENT SOLUTIONS, LLC 3805 YORKTOWN DR HOPEWELL, VA 238605360 USA Email: jfarmer@datechnet.com Phone: 7069511051 Minority-Owned business, Self-Certified Limited Liability Company, Black American Owned, Service Disabled, 25 of 81 5/10/2015 10:26 AM

Fedewa John armcor.com Contractor Capital Nationwide US Email: fbo@armcor.com Phone: 800-873-4161 Service Provider, Limited Liability Company Feinstein Stanley PROJECT REMEDIES INC. 15920 W SUNSET BLVD UNIT 7 PACIFIC PALISADES, CA 902723497 USA Email: stanf@projectremedies.com Phone: 3102301722 DoT Certified Business Enterprise,, S Corporation Felts Kevin AMX, LLC 3000 RESEARCH DR RICHARDSON, TX 750823546 USA Email: kevin.felts@amx.com Phone: 858.249.9620 Limited Liability Company, Manufacturer of Goods, Fleet Jamila INDICIUM TECHNOLOGIES INC. 484 WILLIAMSPORT PIKE SUITE 135 MARTINSBURG, WV 254045707 USA Email: jamila.fleet@istech-corp.com Phone: 7039458265 Minority-Owned business, Self-Certified Economically 26 of 81 5/10/2015 10:26 AM

Women-Owned Women-Owned Woman-Owned SBA Certified 8(a) Program Participant, Other than one of the preceding, Service Disabled,, S Corporation Fox Paul CHIEF TECHNOLOGIES LLC 305 HARRISON ST SE STE 200C LEESBURG, VA 201753729 USA Email: pfox@chief-technologies.com Phone: 7033388012 Self-Certified Limited Liability Company,, SBA Certified Hub Zone Firm Freeland Dennis LONGVIEW INTERNATIONAL TECHNOLOGY SOLUTIONS, INC. 27 of 81 5/10/2015 10:26 AM

11950 DEMOCRACY DRIVE SUITE 275 RESTON, VA 201905692 USA Email: dfreeland@longviewinc.com Phone: 703-657-5516 Service Disabled,, S Corporation Fudala James LINCHPIN CYBER SOLUTIONS LLC 14326 NORTHBROOK LN GAINESVILLE, VA 201553897 USA Email: jamesfudala@linchpincybersolutions.com Phone: 7576465440 Self-Certified Limited Liability Company, Glasscock Andrew SAGE MANAGEMENT ENTERPRISE, LLC 6731 COLUMBIA GATEWAY DR STE 150 COLUMBIA, MD 210462136 USA Email: andrew.glasscock@sage-mgt.net Phone: 4103024391 Limited Liability Company, 28 of 81 5/10/2015 10:26 AM

Gore Tony RED TRIDENT INCORPORATED 320 LINDA LN WEBSTER, TX 775985073 US Email: tgore@redtridentinc.com Phone: 8324700994 Self-Certified Service Disabled,, S Corporation Goveia John SPYROS INFORMATION & TECHNOLOGY CONSULTING, LLC 7556 HUMMINGBIRD CT SYKESVILLE, MD 217847155 USA Email: spyros_consulting@verizon.net Phone: 4107954194 Limited Liability Company, Service Disabled, 29 of 81 5/10/2015 10:26 AM

Grady Michael Grady and Company 2712 Soapstone Dr Reston, VA 20191 US Email: tmgrady@gradyandcompany.com Phone: 703-620-9123 Hammond Brandon CLEAR RESOLUTION CONSULTING, LLC 5523 RESEARCH PARK DR STE 240 BALTIMORE, MD 212284689 USA Email: brandon.hammond@crctoday.com Phone: 4017435216 Minority-Owned business, Self-Certified Limited Liability Company, Black American Owned,, SBA Certified Hub Zone Firm Harrington Robert COMPASS, INC. 465A CARLISLE DRIVE HERNDON, VA 201705616 USA Email: bob.harrington@cmpsinc.com Phone: 7033473851 Women-Owned Woman-Owned, S Corporation Harry James PRTM MANAGEMENT CONSULTANTS, LLC 30 of 81 5/10/2015 10:26 AM

1730 PENNSYLVANIA AVE NW STE 600 WASHINGTON, DC 200064506 USA Email: james.harry@us.pwc.com Phone: 2027561700 Hawkins Christopher SCALABLE NETWORK TECHNOLOGIES, INC. 600 CORPORATE POINTE, SUITE 1200 CULVER CITY, CA 902307626 USA Email: chawkins@scalable-networks.com Phone: 2566983623 Minority-Owned business, Manufacturer of Goods, Subcontinent Asian (Asian- Indian) American Owned, Hegarty Aran HEGARTY RESEARCH LLC 8201 GREENSBORO DR STE 605 MC LEAN, VA 221023816 USA Email: hegarty@hegartyresearch.com Phone: 7039926719 Limited Liability Company, Heileman Sean PROSOURCE TECHNOLOGY, INC. 4845 UNIVERSITY SQ HUNTSVILLE, AL 358161875 USA Email: sheileman@prosourcetechnology.com Phone: 2562833030 Minority-Owned business, Self-Certified 31 of 81 5/10/2015 10:26 AM

DoT Certified Business Enterprise, Black American Owned, Service Disabled,, S Corporation Hein Larry SYNERGY ECP, LLC 6996 COLUMBIA GATEWAY DR STE 101 COLUMBIA, MD 210463302 USA Email: Larry.Hein@SynergyECP.com Phone: 4432542092 Limited Liability Company, 32 of 81 5/10/2015 10:26 AM

Hemingway Robert ANALYTICAL CONSULTING GROUP LLC 2510 HUNTER PL. SUITE 202 WOODBRIDGE, VA 221923938 USA Email: hemingwayrm@analyticalcg.com Phone: 703.439.4692 Minority-Owned business, Self-Certified Limited Liability Company, Black American Owned, Service Disabled, Hickman Jeffrey INTELLIGENT DECISIONS, INC. 21445 BEAUMEADE CIR ASHBURN, VA 201476036 USA 33 of 81 5/10/2015 10:26 AM

Email: jhickman@intelligent.net Phone: 4109991204 34 of 81 5/10/2015 10:26 AM

Hilbert Kristin PROVIDEO MANAGEMENT INC. 21740 BEAUMEADE CIRCLE, STE 148 ASHBURN, VA 201476236 USA Email: khilbert@provideomanagement.com Phone: 7034738848 Minority-Owned business, Self-Certified SBA Certified 8(a) Program Participant, Hispanic American Owned, 35 of 81 5/10/2015 10:26 AM

Hoening Donald WEB-HED TECHNOLOGIES, INC. 1710 N MAIN AVE SAN ANTONIO, TX 782123938 USA Email: dhoening@att.net Minority-Owned business, Self-Certified Economically Women-Owned Women-Owned Woman-Owned DoT Certified Business Enterprise, Hispanic American Owned,, SBA Certified Hub Zone Firm Hudd Suzanne FIVE TWELVE, LLC 3685 CHILDRESS TR BURTONSVILLE, MD 208662040 USA Email: suzanne.hudd@fivetwelvellc.com Phone: 4432237322 Limited Liability Company, 36 of 81 5/10/2015 10:26 AM

Hussein Mohamed SOFTIVIA SYSTEMS CORPORATION 6152 FARVER RD MCLEAN, VA 221013223 USA Email: mhussein@softiviasystems.com Phone: 703 477 7662 Self-Certified Economically Women-Owned Women-Owned Woman-Owned Black American Owned,, S Corporation Ibekwe Uchenna SIFACORE TECHNOLOGY LLC 5956 BENT WILLOW DR ALEXANDRIA, VA 223101797 USA Email: uchenna.ibekwe@sifacore.com Phone: 703-967-1758 Minority-Owned business, Self-Certified Community Development Corporation, Community Development Corporation Owned Firm, Limited Liability 37 of 81 5/10/2015 10:26 AM

Company, Black American Owned, II Thomas KNOWLEDGE INSTITUTE INC, THE 5120 CAMERON FOREST PKWY ALPHARETTA, GA 300226654 USA Email: tvarnedoe@knowledgeinstitute.com Phone: 678-314-1244 Minority-Owned business, Self-Certified Limited Liability Company, Black American Owned, Service Disabled, Ilodianya Kingsley INFOCONE, INC. 800 CORPORATE DR STE 301 STAFFORD, VA 225544889 USA Email: kingsley@infocone.com Phone: 703.884.3872 Minority-Owned business, Self-Certified Black American Owned,, S Corporation 38 of 81 5/10/2015 10:26 AM

Iyer Satish CAPSTONE CONSULTING, INC. 11218 JOHN GALT BLVD STE 202 OMAHA, NE 681372358 US Email: satish.iyer@capstonec.com Phone: 4024406606 Self-Certified Jackson Tim M D A TECHNOLOGIES LLC 3310 NOBLE POND WAY STE 223 WOODBRIDGE, VA 221931458 USA Email: tjackson@mdatech.com Phone: 703-730-9444 Limited Liability Company, Jaime J TAUREAN GENERAL SERVICES, INCORPORATED 26545 IH 10 W BOERNE, TX 780066500 USA Email: jeffrey.jaime@taurean.net Minority-Owned business, Self-Certified 39 of 81 5/10/2015 10:26 AM

Phone: 2102597847 SBA Certified 8(a) Program Participant, DoT Certified Business Enterprise, Hispanic American Owned, Service Disabled,, S Corporation James William WOODBURY TECHNOLOGIES, INC. 1725 E 1450 S STE 240 CLEARFIELD, UT 840152286 USA Email: bjames@woodburytech.com Self-Certified Economically Women-Owned Women-Owned Woman-Owned SBA 40 of 81 5/10/2015 10:26 AM

Certified 8(a) Program Participant,, S Corporation Jankowski Matthew DEFENSE ENGINEERING INC. 4401 FORD AVE 6TH FL ALEXANDRIA, VA 223021473 USA Email: mjankowski@defenginc.com Phone: 7038880206 Service Disabled, Jing Mike CYBERDATA TECHNOLOGIES INC 455 SPRINGPARK PL STE 300 HERNDON, VA 201705527 USA Email: bd@cyberdatainc.com Phone: 202-409-6671 Minority-Owned business, Self-Certified 41 of 81 5/10/2015 10:26 AM

Economically Women-Owned Women-Owned Woman-Owned Asian-Pacific American Owned, Jr Arthur abnc Technology 2104 Fothergill Dr Evans, GA 30809 US Email: alsanders12@gmail.com Phone: 7068631502 Kathleen McCosker CADRE Proposal Services 108 West Saint Paul Avenue Wildwood Crest, NJ 08260-1124 US Email: jmccosker@cadrewins.com Phone: 6097295739 Kelleher Paddy High Country Solutions, Inc 9903 E. 146th Ave Brighton, CO 80602 US Email: paddy@highcountrysolutions.net Phone: 7193104257 Service Disabled, S Corporation 42 of 81 5/10/2015 10:26 AM

Khanna Manu COMPTEL INC. 2114 TYSONS EXECUTIVE CT DUNN LORING, VA 220271047 USA Email: mkhanna@comptelinc.com Phone: 703-582-7817 Minority-Owned business, Asian-Pacific American Owned, Kiffney Robert BRAINTRUST HOLDINGS LLC 4362 STONECREST DR ELLICOTT CITY, MD 210436113 US Email: robert.kiffney@braintrust-us.com Phone: 4434208007 Limited Liability Company, Kimble William CYBER DEFENSE TECHNOLOGIES LLC 20933 HOUSEMAN TERRACE ASHBURN, VA 201484332 USA Email: william.kimble@cyberdefensetechnologies.com Phone: 800-658-1846 Limited Liability Company, Kirkman Edric PROJECTXYZ Inc. 1500 Perimeter Parkway Suite 126 Huntsville, AL 35806 US Email: edric.kirkman@projectxyz.com Phone: 2567219001 Ext 125 Kozak Walter PRICEWATERHOUSECOOPERS LLP 1800 TYSON BLVD 9TH FL MCLEAN, VA 221024257 USA 43 of 81 5/10/2015 10:26 AM

Email: walter.j.kozak@us.pwc.com Phone: 7039181581 Kuhn Gary CYBERCORE TECHNOLOGIES, LLC 6605 BUSINESS PKWY ELKRIDGE, MD 210756349 USA Email: gkuhn@cybercoretech.com Phone: 4105617102 Limited Liability Company, Landes Stephen BMC SOFTWARE FEDERAL, LLC 2101 CITYWEST BLVD HOUSTON, TX 770422829 US Email: stephen_landes@bmc.com Phone: 571-528-7785 Limited Liability Company, Lee Grady SAFEWARE ENGINEERING CORPORATION 672 NEWBRIDGE CT ARNOLD, MD 210122072 USA Email: lee@safeware-eng.com Phone: 2063284880, S Corporation Lewis Kenneth TRESYS TECHNOLOGY, LLC 44 of 81 5/10/2015 10:26 AM

8840 STANFORD BLVD STE 2100 COLUMBIA, MD 210455848 USA Email: klewis@tresys.com Phone: 3039566152 Limited Liability Company, Lewis Mark TECHNICAL AND MANAGEMENT ASSISTANCE CORPORATION 55 GINA CT SYKESVILLE, MD 217849053 USA Email: mark.lewis@tmac-sb.com Phone: 4439940827 Lima Vinnie VVL SYSTEMS & CONSULTING, LLC 8840 STANFORD BLVD STE 1550 COLUMBIA, MD 210455974 USA Email: vlima@vvlsystems.com Phone: 4108648659 Minority-Owned business, Self-Certified SBA Certified 8(a) Program Participant, DoT Certified Business Enterprise, Limited Liability Company, Hispanic American Owned, 45 of 81 5/10/2015 10:26 AM

Link Bob RYCOM INC 9805 LAKE GEORGIA DR FL 2 ORLANDO, FL 328173118 USA Email: blink@rycom.net Phone: 4076793828, S Corporation Long Mary JAVIS AUTOMATION & ENGINEERING INC 17461 JEFFERSON DAVIS HWY DUMFRIES, VA 220262244 USA Email: johnlongsr@javis.com Phone: 7032092020 Minority-Owned business, Black American Owned, Service Disabled, Lowe Belinda AGIL3 TECHNOLOGY SOLUTIONS LLC 14506 SAINT GREGORY WY ACCOKEEK, MD 206072928 USA Email: belinda.lowe@agil3tech.com Phone: 3013351323 Minority-Owned business, Self-Certified Economically Women-Owned Women-Owned 46 of 81 5/10/2015 10:26 AM

Woman-Owned Limited Liability Company, Black American Owned, Service Disabled, Lyman Lance TACTICAL ELECTRONICS CORP 5589 CAJEPUT CT MELBOURNE, FL 329042334 USA Email: lance@tacel.com Phone: 3212530845 Minority-Owned business, Women-Owned Woman-Owned Asian-Pacific American Owned,, S Corporation Magee Ben INNOVATIVE GLOBAL SECURITY SOLUTIONS LLC 6960 BUCKTOWN ROAD HUGHESVILLE, MD 206372934 USA Email: bmagee@iglobalsecuritysolutions.com Phone: 7037078400 Minority-Owned business, Economically Women-Owned 47 of 81 5/10/2015 10:26 AM

Women-Owned Woman-Owned Limited Liability Company, Black American Owned, Service Disabled, Mathis Brian ANSOL INC. 13766 TORREY GLENN RD SAN DIEGO, CA 921294630 USA Email: brian.mathis@ansolinc.com Phone: 7577352625 Matlock Tracey MULTINATIONAL GROUP LLC 19184 GAINSBOROUGH RD DETROIT, MI 482231344 USA Email: tracey_matlock@m-ng.com Phone: 3133995374 Minority-Owned business, Self-Certified Economically Women-Owned Women-Owned Woman-Owned 48 of 81 5/10/2015 10:26 AM

Limited Liability Company, Black American Owned, 49 of 81 5/10/2015 10:26 AM

McGovern Amy TIGERSWAN INC. 3452 APEX PEAKWAY APEX, NC 275025756 USA Email: a.mcgovern@tigerswan.com Service Disabled,, S Corporation McNamara Daniel SYSTEMS PLANNING AND ANALYSIS, INC. 2001 N BEAUREGARD ST., SUITE 100 ALEXANDRIA, VA 223111748 USA Email: dmcnamara@spa.com Phone: 7033997716 Michelson Brad INFINITY SYSTEMS ENGINEERING, LLC 13560 NORTHGATE ESTATES DRIVE COLORADO SPRINGS, CO 809217654 USA Email: michelson@infinity.aero Phone: 719-548-9712 x303 Limited Liability Company, 50 of 81 5/10/2015 10:26 AM

Miller James OAKLAND CONSULTING GROUP, INC. 9501 SHERIDAN ST STE 200 LANHAM, MD 207062630 USA Email: jmiller@ocg-inc.com Phone: (301) 577-4111 Minority-Owned business, Self-Certified DoT Certified Business Enterprise, Black American Owned, 51 of 81 5/10/2015 10:26 AM

Minnick Larry SBG TECHNOLOGY SOLUTIONS INC. 2 BRITTANY LN STAFFORD, VA 225547687 USA Email: LMinnick@sbgts.com Minority-Owned business, Self-Certified SBA Certified 8(a) Program Participant, Hispanic American Owned, Service Disabled,, S Corporation Mintus David GRAYBAR ELECTRIC COMPANY, INC. 34 N MERAMEC AVE SAINT LOUIS, MO 631053844 USA Email: david.mintus@graybar.com 52 of 81 5/10/2015 10:26 AM

Phone: 314-573-7152 Monaghan Colin WINDWARD CONSULTING GROUP, INC. 2201 COOPERATIVE WAY STE 400 HERNDON, VA 201715392 USA Email: colin.monaghan@windward.com Phone: 7038120144 Morningstar Allen SPEXUS INCORPORATED 6849 OLD DOMINION DR STE 420 MC LEAN, VA 221013724 USA Email: kamorningstar@spexus.com Phone: 7036371357, SBA Certified Hub Zone Firm Mullen Robert LEIDOS, INC. 6841 BENJAMIN FRANKLIN DR STE 400 COLUMBIA, MD 210463181 USA Email: robert.w.mullen@leidos.com Phone: 4433677505 53 of 81 5/10/2015 10:26 AM

Murphy Brennan SOFTWARE AG GOVERNMENT SOLUTIONS INC. 11700 PLAZA AMERICA DR STE 230 RESTON, VA 201904793 USA Email: brennan.murphy@softwareaggov.com Phone: 5715990397 Myers Christopher SALIENT FEDERAL SOLUTIONS, INC. 4000 LEGATO ROAD STE 600 FAIRFAX, VA 220332893 USA Email: chris.myers@salientfed.com Phone: 7192191988 54 of 81 5/10/2015 10:26 AM

Myers Jim METIER DEFENSE SOLUTIONS INC 27390 BRIDLE PL CHANTILLY, VA 201526410 USA Email: jim.myers@metierdefense.com Phone: 7034729515 Service Disabled, Napper Leo VICAR STUDIOS, LLC 13119 PENNERVIEW LN FAIRFAX, VA 220333025 USA Email: leo@vicarstudios.com Phone: 7035936321 Minority-Owned business, Self-Certified 55 of 81 5/10/2015 10:26 AM

Limited Liability Company, Black American Owned, Service Disabled, Narang RJ RENEGADE TECHNOLOGY SYSTEMS, INC. 11150 SUNSET HILLS ROAD, SUITE 306 RESTON, VA 201905335 USA Email: owilliams@rtsiinc.com Phone: 571-926-8347 Minority-Owned business, Self-Certified Subcontinent Asian (Asian- Indian) American Owned,, S Corporation Nazario Vevelyn TLN WORLDWIDE ENTERPRISES, INC. 68 E131ST ST STE 700 NEW YORK, NY 100372900 USA Email: Vevelyn.Nazario@theleadingniche.com Phone: 301.254.8988 Minority-Owned business, Self-Certified Economically 56 of 81 5/10/2015 10:26 AM

Women-Owned Women-Owned Woman-Owned SBA Certified 8(a) Program Participant, Black American Owned,, S Corporation, SBA Certified Hub Zone Firm Nelson Bradford BINERA, INC. 203 COLLEEN DR YORKTOWN, VA 236932407 USA Email: b.nelson@binera.com Phone: 2563488538 Minority-Owned business, Economically Women-Owned Women-Owned Woman-Owned Asian-Pacific American Owned, DoT Certified 57 of 81 5/10/2015 10:26 AM

Business Enterprise, Nestell Bryan BARNETT ENGINEERING AND SIGNALING LABORATORIES, LLC 1559 Vapor Trail Colorado Springs, CO 80916 US Email: bryan.nestell@besl.org Phone: 210-241-5953 Business Nixon Michael RAMPANT TECHNOLOGIES, LLC 13601 BROWN THRASHER PIKE LAKEWOOD RANCH, FL 342028257 USA Email: Nixon@RampantTechnologies.com Phone: 9417266390 Self-Certified Oakley Doug AGENCY CONSULTING GROUP, INC. 5457 TWIN KNOLLS RD COLUMBIA, MD 210453259 USA Email: doakley@acg-hq.com Phone: 4433554528 Service Disabled, 58 of 81 5/10/2015 10:26 AM

, S Corporation Ockuly Tom APPLIED INTEGRATED TECHNOLOGIES, INC. 7120 SAMUEL MORSE DR STE 150 COLUMBIA, MD 210463420 USA Email: tom.ockuly@ait-i.com Phone: 410 872-0022 Minority-Owned business, Self-Certified Black American Owned,, S Corporation OConnor Deanna INTELLIGENCE, COMMUNICATIONS AND ENGINEERING, INC 1850 PASEO SAN LUIS SIERRA VISTA, AZ 85635 USA Email: deanna.oconnor@iceinc.us.com Phone: 5204584321312 Minority-Owned business, Self-Certified SBA Certified 8(a) Program Participant, Black American Owned, Service Disabled, 59 of 81 5/10/2015 10:26 AM

, S Corporation Opalka Stephan QUANTUM DYNAMICS, INCORPORATED 1749 OLD MEADOW RD STE 610 MC LEAN, VA 221024789 USA Email: sopalka@qdyncorp.com Phone: 9105142549 Self-Certified Women-Owned Woman-Owned DoT Certified Business Enterprise, Black American Owned,, S Corporation 60 of 81 5/10/2015 10:26 AM

Overby James MUSCOGEE INTERNATIONAL, LLC 1018 SOUTH WOOD DR OKMULGEE, OK 744476030 USA Email: joverby@muscogeeinternational.com Phone: 9187527040 Tribally Owned Firm, Minority-Owned business, Self-Certified SBA Certified 8(a) Program Participant, Limited Liability Company, Native American Owned,, SBA Certified Hub Zone Firm Pait Michael STAFFORD CONSULTING COMPANY, INC 3005 BRAXTON WOOD COURT FAIRFAX, VA 220311336 USA Email: mike.pait@staffordservices.net Phone: 7033148287 Service Disabled, 61 of 81 5/10/2015 10:26 AM

Palmer Robert CREATIVE BUSINESS SOLUTIONS, INC. 1918 13TH ST SE WASHINGTON, DC 200207002 USA Email: rp@cbsxcels.com Phone: 3015099954 Minority-Owned business, Self-Certified SBA Certified 8(a) Program Participant, Black American Owned, Service Disabled,, S Corporation, SBA Certified Hub Zone Firm Perkins Edward EZ-A CONSULTING, LLC 513 ANN PL BEL AIR, MD 210156223 USA Email: ebperkins1@gmail.com Phone: 4437621261 Self-Certified 62 of 81 5/10/2015 10:26 AM

Economically Women-Owned Women-Owned Woman-Owned Limited Liability Company, Picco Mell PICCOTEK INC 930 SANTANA LN SYKESVILLE, MD 217845516 USA Email: mapicco@piccotek.com Phone: (410) 313-9133, S Corporation Pieper Ron Sapphire Research LLC 800 Corporate Dr, Ste 301 Stafford, VA 22554 US Email: RPieper@SapphireResearchLLC.com Phone: 6033186062 Business Piper Duane PIPERCOUGHLIN, LLC 19179 FERRY FIELD TERRACE LEESBURG, VA 201761276 US Email: dpiper@pico-llc.com Phone: 703-789-2148 Limited Liability 63 of 81 5/10/2015 10:26 AM

Company, Service Disabled, Plebuch Donald ENTERPRISE INFORMATION SERVICES, INCORPORATED 1945 OLD GALLOWS RD STE 500 VIENNA, VA 221823996 USA Email: DPlebuch@GoEIS.com Phone: 7037525520 Minority-Owned business, Subcontinent Asian (Asian- Indian) American Owned,, S Corporation Rassier D'Etta RISK MITIGATION CONSULTING INC 3895 SAND DUNE CT DESTIN, FL 325413209 USA Email: drassier@rmcinc.us Phone: (501) 766-1719 Service Disabled,, S Corporation 64 of 81 5/10/2015 10:26 AM

Redeen Bill KNOWLEDGE MEDIA INC. 3 BETHESDA METRO CENTER STE 700 BETHESDA, MD 208146300 USA Email: wredeen@knowledge-media.com Phone: 3015717200 Private University or College, Minority-Owned business, Educational Institution, Hispanic American Owned, Reilly Frank FRANK REILLY, BID PROTEST ATTORNEY AND FEDERAL PROCUREMENT LAWYER 101 NE 3rd Avenue Suite 1500 Fort Lauderdale, FL 33301 US Email: frank@frankvreilly.com Phone: (561) 400-0072 Reinhold Tara INTELLIGENESIS, LLC 7164 COLUMBIA GATEWAY DR STE 120 COLUMBIA, MD 210462979 USA Email: tara.reinhold@intelligenesisllc.com Phone: 4435631861 Woman-Owned Limited Liability Company, 65 of 81 5/10/2015 10:26 AM

Renner Don L-3 NATIONAL SECURITY SOLUTIONS, INC. 11955 FREEDOM DR STE 12000 RESTON, VA 201905687 USA Email: donald.renner@l-3com.com Phone: 7034345516 Reynolds Kevin RBR-TECHNOLOGIES 1997 ANNAPOLIS EXCHANGE PARKWAY, SUITE 300 ANNAPOLIS, MD 214013273 USA Email: kevin.reynolds@rbr-technologies.com Phone: 7064147655 Self-Certified 66 of 81 5/10/2015 10:26 AM

Service Disabled, Ricciardi Michael DOMENIX CORPORATION, THE 4229 LAFAYETTE CENTER DR STE 1800 CHANTILLY, VA 201511270 USA Email: mr@domenix.com Phone: 7036570010, S Corporation Rooney Paul APPLIED NETWORK SOLUTIONS, INC. 9891 BROKEN LAND PKWY STE 100 COLUMBIA, MD 210461156 USA Email: prooney@ansfederal.com Phone: 4435171110203, S Corporation Ross Arielle ICIO, INC. 1373 RIDGE COMMONS BLVD HANOVER, MD 210761140 USA 67 of 81 5/10/2015 10:26 AM

Email: aross@icioinc.com Phone: 3039036621 Service Disabled,, S Corporation Rountree Dexter AGEMO TECHNOLOGY, INC 11302 CROSS RD TRL BRANDYWINE, MD 206138842 USA Email: Dexter.Rountree@AgemOTechnology.com Phone: 3017827335 Minority-Owned business, Economically Women-Owned Women-Owned Woman-Owned DoT Certified Business 68 of 81 5/10/2015 10:26 AM

Enterprise, Black American Owned, Service Disabled,, S Corporation Schreiber Michael AMDEX CORPORATION 8403 COLESVILLE RD STE 850 SILVER SPRING, MD 209103349 USA Email: mschreiber@amdexcorp.com Phone: 3015884000 Self-Certified Women-Owned Woman-Owned DoT Certified Business Enterprise, Subcontinent Asian (Asian- Indian) American Owned,, S Corporation Scott Rickey E QUALITY CORPORATION 5787 SOUTH HAMPTON ROAD, SUITE 205 DALLAS, TX 752322255 USA Email: rickeyequality@yahoo.com Phone: 4693370274 Minority-Owned business, Self-Certified 69 of 81 5/10/2015 10:26 AM

Economically Women-Owned Women-Owned Woman-Owned DoT Certified Business Enterprise, Black American Owned,, S Corporation, SBA Certified Hub Zone Firm Scuilla Charles EMF1V, INCORPORATED 6520 RAFTELIS RD BURKE, VA 220154142 USA Email: charlie@scuilla.com Phone: 7034409319 Manufacturer of Goods, Senholzi Peter G2 Inc 302 Sentinel Drive, Suite 300 Annapolis Junction, MD 20701 US Email: pete.senholzi@g2-inc.com Phone: 4102157445 70 of 81 5/10/2015 10:26 AM

Simmons Chris RAINMAKERZ CONSULTING, LLC 4511 POTOMAC AVE NW WASHINGTON, DC 200072535 USA Email: chris@rainmakerz.biz Phone: 2022552355 Limited Liability Company, Sorensen Christian QMULOS LLC 13443 MELVILLE LN CHANTILLY, VA 201512466 USA Email: christian@qmulos.com Phone: 2024949317 Limited Liability Company, Service Disabled, Spooner Peter SOLATRIS, LLC 35 ROGUE CT FREDERICKSBURG, VA 224064963 USA Email: peter.spooner@solatris.com Phone: 5714906908 Self-Certified Limited Liability Company, Service Disabled, Steadman James TESSCO INCORPORATED 11126 MCCORMICK RD HUNT VALLEY, MD 210311404 USA 71 of 81 5/10/2015 10:26 AM

Email: steadmanj@tessco.com Phone: 703-659-5928 Steinhauer Joshua TAILORED SOLUTIONS AND CONSULTING, INC 10125 COLESVILLE RD UNIT SILVER SPRING, MD 209012457 USA Email: jsteinhauer@tscadvantage.com Phone: 5713318682 Self-Certified Service Disabled, Stewart Bill SAP NATIONAL SECURITY SERVICES, INC. 3809 W CHESTER PIKE BLDG 1 NEWTOWN SQUARE, PA 190732331 USA Email: bill.stewart@sapns2.com Phone: 2404619913 Stockley Robert STRATEGIC SYSTEMS TECHNOLOGY 23024 GUNSTON DR LEXINGTON PARK, MD 206536307 USA Email: stockley_robert@strategic-systemstechnology.com Phone: 3018634825 / Cell#3019049951 Women-Owned Woman-Owned, S Corporation Stout Jon ASPIRATION SOFTWARE LLC 6529 JOHN MOSBY HWY MIDDLEBURG, VA Minority-Owned business, 72 of 81 5/10/2015 10:26 AM

201175324 USA Email: jon.stout@aspirationsoftware.com Phone: 540-687-3870 Self-Certified Woman-Owned Asian-Pacific American Owned, Limited Liability Company, Strasberg Daniel AXOM TECHNOLOGIES INC. 10010 JUNCTION DR STE 213-S ANNAPOLIS JUNCTION, MD 207011111 USA Email: dstrasberg@axomtech.com Phone: 4432838752 Service Disabled,, S Corporation Stuart Frank GLOBAL PROFESSIONAL SOLUTIONS, INC. 4723 B EISENHOWER AVE ALEXANDRIA, VA 223044805 USA Email: fstuart@gps-hq.com Phone: 7039210200 Minority-Owned business, Self-Certified 73 of 81 5/10/2015 10:26 AM

Black American Owned, Sweet Andrew APPLYLOGIC CONSULTING GROUP, LLC 8300 GREENSBORO DRIVE SUITE 800 MCLEAN, VA 221023661 USA Email: andrew.sweet@applylogic.com Phone: 7034050676, S Corporation Tait Richard KAIZEN APPROACH, INC. 6631 CHRISTY ACRES CIR MOUNT AIRY, MD 217717474 USA Email: richard.tait@kaizenapproach.com Phone: 3019284296 Service Disabled,, S Corporation 74 of 81 5/10/2015 10:26 AM

Tierney Tim EDGESOURCE CORPORATION 909 NORTH WASHINGTON STREET SUITE 200 ALEXANDRIA, VA 223141555 USA Email: ttierney@edgesource.com Phone: 7038370550 Toro Radames BARNETT ENGINEERING & SIGNALING LABORATORIES, LLC. 1559 VAPOR TRL COLORADO SPRINGS, CO 809162722 USA Email: radames.toro@besl.org Phone: 7196481711 Limited Liability Company,, S Corporation Tyler Gregory ELEVI ASSOCIATES, LLC 8820 COLUMBIA 100 PKWY STE 301 COLUMBIA, MD 210452172 USA Email: gtyler@elevi.net Phone: 4109927510 Limited Liability Company, 75 of 81 5/10/2015 10:26 AM

Varner Andrew NINEFX, INC. 2744 HEYWARD ST COLUMBIA, SC 292052524 USA Email: drew.varner@ninefx.com Phone: 8037674236 Self-Certified Service Disabled,, S Corporation, SBA Certified Hub Zone Firm Venezia Paul STAFFING 360 GROUP, INC. 607 NORTH AVE STE 15-2 WAKEFIELD, MA 018801305 USA Email: paul.venezia@cyber360solutions.com Phone: 7573379721 Wagner Mark ARTEMIS, INC. 14301 FNB PKWY STE 100 OMAHA, NE 681547200 USA Email: mark.wagner@artemis-ne.com Phone: 4026515190 Service Disabled,, S Corporation Ward Peter SAGE MANAGEMENT ENTERPRISE, LLC 76 of 81 5/10/2015 10:26 AM

6731 COLUMBIA GATEWAY DR STE 150 COLUMBIA, MD 210462136 USA Email: pete.ward@sage-mgt.net Phone: 4106274909 Limited Liability Company, Whaley Gregory ACADEMY SOLUTIONS GROUP, LLC 6700 ALEXANDER BELL DR STE 195 COLUMBIA, MD 210462183 USA Email: gwhaley@asg-llc.com Phone: 4102900871 Limited Liability Company, Service Disabled, 77 of 81 5/10/2015 10:26 AM

Wieland Howard DATAVISE INFORMATION TECHNOLOGY SERVICES, INC. 800 CR 330 BURNET, TX 786113803 USA Email: Howard.wieland@datavise.net Phone: 5124722932110 Minority-Owned business, DoT Certified Business Enterprise, Black American Owned, Service Disabled, Williams John NETAPP US PUBLIC SECTOR INC 1921 GALLOWS RD STE 600 VIENNA, VA 221823995 USA Email: john.williams@netapp.com Phone: 7032443999 Wilson Sander LOW VOLTAGE WIRING, LTD 1540 QUAIL LAKE LOOP COLORADO SPRINGS, CO 809064652 USA Email: awilson@lvw.com Phone: 7195408900 Service Disabled, 78 of 81 5/10/2015 10:26 AM

Woodman Julie PERSHING TECHNOLOGIES, LLC 2148 GRANT FARM CT MARRIOTTSVILLE, MD 21104 USA Email: julie.woodman@pershingtech.com Phone: 6028217611 Limited Liability Company, Wright Randall TORIS TECHNOLOGIES, LLC 1301 GATESMEADOW WAY RESTON, VA 201941426 USA Email: randall.s.wright@gmail.com Phone: 5713181747 Minority-Owned business, Limited Liability Company, Black American Owned, Wyatt Chad MANAGEMENT AND ENGINEERING TECHNOLOGIES INTERNATIONAL, INC. 8600 BOEING DR EL PASO, TX 799251226 USA Email: cwyatt@meticorp.com Phone: 915-772-4975 Minority-Owned business, Self-Certified Black American Owned, 79 of 81 5/10/2015 10:26 AM

Yonus Rohail CLOUDEN TECHNOLOGIES, LLC 43965 MAIDEN CREEK CT ASHBURN, VA 201473923 US Email: ryonus@cloudentechnologies.com Phone: 5713317295 Minority-Owned business, Self-Certified Limited Liability Company, Subcontinent Asian (Asian- Indian) American Owned, Zapata Randall ZAPATA TECHNOLOGY, INC. 1450 GREENE ST STE 500 AUGUSTA, GA 309015246 USA Email: RandallZapata@ZapataTechnology.com Phone: 706-955-4809 Minority-Owned business, Self-Certified 80 of 81 5/10/2015 10:26 AM

DoT Certified Business Enterprise, Hispanic American Owned,, S Corporation, SBA Certified Hub Zone Firm Zenzen Fran ASU RESEARCH ENTERPRISE 1475 N. SCOTTSDALE RD SCOTTSDALE, AZ 852573504 USA Email: zenzen@asu.edu Phone: 4805186228 Nonprofit Items 1-180 of 180 Add Me To Interested Vendors User Guide For Help: Federal Service Desk Accessibility 81 of 81 5/10/2015 10:26 AM