Cyber Training

Performance Work Statement (PWS)

To provide advanced individual cyber training, low-density subject matter expertise enhancement, and certifications for the U.S. Army Cyber Protection Brigade (USACPB) at Fort Eisenhower, GA. The training aims to develop critical skill sets for enhancing operational capability in direct support of the United States Cyber Command (USCC) Cyber Mission Force (CMF).

• Provide instruction and support services in a classroom environment.

• Offer advanced technical cyber security expertise and knowledge not readily available in the U.S. Army training inventory.

• Prepare personnel to defend, monitor, detect, analyze, audit, and mitigate threats to Department of Defense (DoD) and U.S. Army networks.

• Focus on defending tactical through strategic networks, wired and wireless telecommunications systems, and enterprise-wide networks.

• Provide instructors, curriculum development (including new curriculum), course materials, labs, assessments, and textbooks.

• Specific training includes Security Onion 2 Detection Engineering and Analysis In-Depth, and Security Onion 1 Fundamentals for Analysts & Admins.

• Instructors must meet specific qualifications (certifications, 10 years of experience).

• Training materials must be updated quarterly or semi-annually.

• Contractor must maintain and report student attendance and statistics.

• Quality Control Plan (QCP) required, detailing methods for defect prevention and service improvement.

• Performance is monitored, with specific acceptable levels of performance (ALP) for content delivery, error rates, and customer complaints.

• Period of Performance: 12 months from September 30, 2024, through September 29, 2025.

• Place of Performance: 3150 Perimeter Parkway, Augusta, GA 30906.

• Security: Contractor personnel must be U.S. citizens. A minimum of a National Agency Check with Inquiries (NACI) investigation is required for network access. Anti-Terrorism (AT) Level I Training and iWATCH training are mandatory.

• Personnel Qualifications: Instructors require specific certifications and extensive experience.

• Deliverables: Monthly Progress Reports, Training Certificates, Quality Control Plan, and End of Course Feedback.

• Contract Type: Firm-Fixed Price.

• Invoicing: Must be submitted via Wide Area Workflow (WAWF).

Justification and Approval (J&A)

This document justifies a brand name procurement for Cyber Protection Brigade (CPB) Cyber Training. The anticipated funding is from Fiscal Year (FY) 26 Army Cyber Protection Brigade funding, and the contract will be Firm-Fixed Price.

The procurement includes:

• Exam vouchers
• Personnel, equipment, supplies, tools, materials, and other items
• Non-personal services for instruction and support in a classroom environment.

Specifically, the training includes:

• Two (2) Security Onion 2 Detection Engineering and Analysis In-depth courses (20 seats per course).
• One (1) Security Onion 1 Fundamentals for Analysts & Admins-Onsite/Live course (up to 20 students).

The justification is made under FAR 13.106-1(b)(1), citing conditions for purchases not exceeding the simplified acquisition threshold (SAT) where only one source is reasonably available, or due to urgency, exclusive licensing agreements, brand name, or industrial mobilization.

U.S. Army Contracting Command Aberdeen Proving Ground (ACC-APG), Huachuca Division, Fort Huachuca, AZ.

Performance Work Statement (PWS)

To provide advanced individual cyber training, low-density subject matter expertise enhancement, and certifications for the U.S. Army Cyber Protection Brigade (USACPB) at Fort Eisenhower, GA. The training aims to develop critical skill sets for enhancing operational capability in direct support of the United States Cyber Command (USCC) Cyber Mission Force (CMF).

• Provide advanced technical cyber security expertise and knowledge not readily available in the U.S. Army training inventory.

• Focus on forensics, industrial control systems, management, and security.

• Prepare personnel to defend, monitor, detect, analyze, audit, and mitigate threats to Department of Defense (DoD) and U.S. Army networks.

• Cover tactical to strategic networks, wired/wireless telecommunications, and enterprise-wide networks.

• Provide instructors, curriculum development/maintenance, course materials, blended training solutions, and assessment.

• Specifically includes providing two (2) separate classes of "Security Onion 2 Detection Engineering and Analysis In-Depth".

• Instructors must meet security requirements and maintain classroom standards.

• Student materials must be updated quarterly or semi-annually.

• Performance will be monitored via 100% inspection, random sampling, planned inspection, periodic inspection, and customer surveys.

• Acceptable Level of Performance (ALP) generally requires meeting specifications 95% of the time, with specific metrics for content delivery, error rates, and customer complaints.

• Period of Performance: September 30, 2024, through September 29, 2025 (12 months, no option periods).

• Place of Performance: 3150 Perimeter Parkway, Augusta, GA 30906.

• Personnel Qualifications: Instructors require specific certifications, a minimum of 10 years of direct career field experience within the last 15 years, and English proficiency.

• Security: Contractor employees must be U.S. citizens. Access to information systems requires a favorable security investigation. Network access requires a minimum NACI investigation. Anti-Terrorism Level I training and iWATCH training are mandatory.

• Quality Control: Contractor must establish and maintain a Quality Control Plan (QCP) for Government approval.

• Deliverables: Include Monthly Progress Reports, Training Certificates, Quality Control Plan, and End of Course Feedback.

• Government Furnished Property: Government will provide workspace, classroom, desk space, chairs, and computers.

• Contractor Provided: Textbooks, hardware, software, licensing, shipping, printed materials, testing products, media resources, lab packages, and other courseware products.

Solicitation / RFP / RFQ

This solicitation is for Cyber Training for the Cyber Protection Brigade. The requirement is for "Security Onion Detection Engineering and Analysis In-depth courses" and "Security Onion Fundamentals for Analysts & Admins-Onsite/Live".

• Two distinct training courses are required, both related to "Security Onion".

• Item 0001: "Security Onion Detection Engineering and Analysis In-depth courses" with 20 seats per course.

• Item 0002: "Security Onion Fundamentals for Analysts & Admins-Onsite/Live" with up to 20 students.

• The Performance Work Statement (PWS) will be provided as a separate attachment.

• All equipment and services must comply with applicable laws and manufacturer policies.

• Offerors must be Manufacturer Authorized Channel Partners/Sellers.

• The contract is subject to the availability of FY 2026 funding.

• The period of performance for both items is from September 30, 2026, to September 29, 2027.

• Pricing arrangement is Firm Fixed Price for both items.

• Offerors must complete blocks 17a, 30a, 30b, 30c on the SF 1449, including all pricing and taxes.

• Quotes must include delivery lead-time.

• A detailed breakdown or narrative of what is being provided is required; direct copy-pasting from the RFQ will be considered non-responsive.

• Quotes must identify the price for items and cost/details for shipping.

• The solicitation is a Small Business Set-Aside.

• Offerors must complete specific FAR provisions (52.212-3, 52.204-24, 52.204-26) if not already completed in SAM.

• Questions regarding the solicitation must be emailed to monica.a.gjerde.civ@army.mil before 9:00 AM Arizona Standard Time on Tuesday, March 24, 2026.

• Quotes/Proposals are due electronically via email no later than 9:00 AM Arizona Standard Time on Tuesday, March 31, 2026.

• This acquisition is a Small Business Set-Aside.

• Payment will be made via Wide Area Workflow (WAWF).

• Funds are not presently available for this contract; obligation is contingent upon availability of appropriated funds.