The Internal Revenue Service (IRS) is preparing to launch PROTECTS II, a $20 billion, 10-year Blanket Purchase Agreement (BPA) that will serve as the IRS and Treasury’s primary vehicle for enterprise cybersecurity services.
The agency released a Draft Performance Work Statement (PWS) and Request for Information (RFI) and responses are due by 10:00 AM ET on June 10, 2025.
Opportunity Summary
- Opportunity Name: Providing Treasury Enterprise Cybersecurity Technology & Services (PROTECTS II)
- Contract Type: Blanket Purchase Agreement (BPA)
- Estimated Duration: 1-year base + 9 option years (through 2035)
- NAICS: 541519 – Other Computer Related Services
- Size Standard: $34M or 150 employees for IT VARs
- View on SAM.gov: https://sam.gov/opp/8025ad043898491eb9df34ff6365b082/view
Scope of Work
Under this BPA, contractors will provide enterprise-wide cybersecurity services to support Treasury’s mission to protect federal systems, data, and infrastructure.
Services may include:
- Governance, Risk, and Compliance (GRC)
- Continuous Diagnostics & Monitoring (CDM)
- Identity & Access Management (ICAM) and PIV enablement
- Security Architecture & Zero Trust Framework
- Threat intelligence, incident response, and recovery
- System assessments and control testing aligned to NIST and FISMA
- Integration with Executive Order 14028 initiatives
- Workforce development tied to the NICE Cybersecurity Workforce Framework
All services will align with federal security standards (NIST, FISMA, OMB A-130) and will be awarded via modular call orders under the BPA.
How OST Can Help
OST helps firms position early for large-scale BPAs and IDIQs through:
- Strategic RFI response development
- Capture planning and teaming strategy
- Price-to-Win analysis
- Full proposal support from PWS to production
We’ve supported clients on wins totaling over $27B in federal contracts, including cybersecurity, Zero Trust, and CDM programs across IRS, DHS, and DoD.
Want to submit a smart, strategic RFI response before June 10? Let’s get started today.
