Information Technology Vulnerability Management Services

A government authority in British Columbia is seeking information technology vulnerability management services to secure its corporate IT environment. The agency needs to resolve and manage vulnerabilities across approximately 170 Windows servers, 20 Linux servers, 1,700 Windows workstations, and various commercial software applications. The primary goal is to establish scheduled remediation, continuous improvement, and proper device enrollment across all existing management and update platforms. The scope of work requires the selected vendor to prioritize vulnerabilities based on impact, severity, and prevalence using risk-based assessments. The chosen provider must manage updates for third-party applications, reconcile device enrollment, and resolve device state issues such as patch failures and onboarding gaps. While the agency specifies that all work must be completed remotely using least-privilege and just-in-time access, the overall performance of the work is designated as onsite. Eligible bidders must be located onshore within Canada. The agency is requesting budget proposals from interested parties rather than providing a pre-determined funding limit. Bidders must submit their responses digitally via email or through the online portal.