2024 - 0205 Desktop Engineering Support Spec Scripting (NS) - FRI 29 AUG Relaunch

Desktop Engineering Support With Specialization in Scripting

The NATO Communications and Information Agency (further referred to as "Purchaser") is seeking a qualified Service provider to provide efficient and effective desktop computing engineering support services (further referred to as the Service) focused on commercial technologies augmenting the capabilities of the Purchaser.

The NATO Digital Workplace Centre (NDWC), part of NCI Agency, provides simple yet innovative solutions that underpin the Digital Transformation of NATO by providing feature-rich Digital Workplace, which enable NATO staff members to connect, communicate, and collaborate.

Workspace service area deliver the following user-facing services to NATO Commands, NATO Force structure and Nations in all 32 Allied Nations:

• Windows-based and iOS/iPadOS-based end user device provisioning, management, operation, and lifecycle across multiple separate networks of different classifications and various form factors;
• Workstream collaboration including email and instant messaging server backend and client frontend provisioning, management, operation and lifecycle across multiple separate networks of different classifications.

The services integrate with other services such as print/scan/copy, voice, video-teleconference (VTC), collaboration portals and enable NATO-specific functional applications higher up the software stack.

Through several on-going streams of work in Q4'24 and onwards, the services are rapidly evolving from using fully on premise to a mixture of on premise and public cloud technologies.

The Purchaser support structure is organized in three levels:

• Level 1 support provided by virtual Centralized Service Desk;
• Level 2 touch-labor and more specialized support provided by CIS Support Unit or IT Service Kiosk;
• Level 3 provided by centralized team of engineers.

With this Statement of Work (SoW), the Purchaser aims to achieve the following objectives:

• Leverage industry expertise and best practices in installation, configuration, monitoring and daily operation of commercial off the shelf (COTS) technologies and software in the end user computing area.
• Ensure healthy and functional end user computing environment providing to the end users devices that are compliant with the security and functional requirements.
• Improve the fault tolerance and disaster recovery of the IT systems thus enhancing the overall business continuity.
• Improve the maturity of the IT Operations by standardizing and optimizing activities and documenting procedures.

To achieve these objectives, the Purchaser is looking for a qualified Scripting engineer (Level 3) with estimation that the number of sprints require one person.

During performance of the contract, the Contractor personnel will act as part of the Purchaser's IT support organization.

The SoW covers the following activities and tasks:

• Develop, improve, implement, monitor and troubleshoot scripts in the following technologies using primarily PowerShell and Windows scripting languages (VBScript, batch scripting):
• Active Directory (AD) - Automate AD tasks using PowerShell, including user management, group membership, and remote access. Ensure efficient handling of AD objects, routine administrative tasks, and compliance audits through scripting;
• Group Policy Management (GPOs) – Assist in automating GPO creation, modification, and maintenance using PowerShell. Enforce security policies, manage user environments, and streamline GPO troubleshooting through automation;
• SCCM (System Center Configuration Manager) - Use scripting to automate software deployments, OS upgrades, and monthly patches. Monitor deployment statuses, troubleshoot failures, and improve SCCM processes through automation.
• Trellix - Automate device encryption, firewall rule configuration, and USB access control within Trellix. Streamline security tasks using scripting for consistent policy enforcement.
• Network / DHCP - Automate IP provisioning and DHCP reservations through scripts. Troubleshoot network-related issues and ensure consistent network configurations for end-user devices.
• Application COTS Troubleshooting - Automate the installation, configuration, and integration of COTS applications. Streamline troubleshooting and ensure seamless application operations with minimal manual intervention;
• Windows 10/11 Troubleshooting - Automate diagnosis and resolution of OS issues on Windows 10/11. Utilize scripts for OS updates, configuration changes, and application support to reduce downtime.
• Remote Protocols - Automate management and troubleshooting of remote access (RDP, VPN, SSH) to ensure secure, reliable access for remote users and improve remote support operations.
• Automate incident detection, logging, and escalation. Use scripts to resolve issues quickly and collaborate with the incident management team to improve response times.
• Demonstrate understanding of ITIL concepts and best practices - Apply ITIL best practices to automate incident, problem, and change management tasks, improving efficiency and aligning automation with ITIL service management standards.
• Develop, implement, improve and follow standard operating procedures and instructions on IT operation activities related to the Trellix setup.
• Develop, disseminate and improve instructions for Level 1 and Level 2 technicians.
• Perform on the job trainings as needed to team members, Level 1 and Level 2 technicians.
• Assist with resolving and delivery backlog activities/ projects on Kanban system
• Provide minimum 2 Continued Service Improvement(CSI) in the area of work per 4 sprints
• Identify opportunities for automation across AD, SCCM, and Trellix. Develop custom automation solutions to reduce manual workload and increase efficiency.

The payment shall be dependent upon successful acceptance of the Certificate of Acceptance – (Annex A).

Invoices shall be accompanied by the Certificate of Acceptance (Annex A) signed by the Contractor and Purchaser's authorized point of contact.

The Purchaser reserves the possibility to exercise a number of options described herein, based on the same sprint deliverable cost, at a later time, depending on the priorities and requirements.