The Department of Homeland Security, U. S. Citizenship and Immigration Services has an ongoing requirement to provide DevSecOps services and to collect information on procurement strategies. This was previously known as Services for Product Engineering and Enterprise Deliver (SPEED).

U.S. Citizenship and Immigration Services (USCIS) strives to be a leader in Agile development, leveraging DevSecOps teams to delivery business-driven value by way of products, services and integration. The pandemic has pushed agencies to innovate and expand their digital and virtual environments. The trend toward more cloud-based solutions enables USCIS to be more agile and telework-friendly, reduce its reliance on on-premise/legacy systems, and scale its operational capacity.

The Systems Delivery Division (SDD) within USCIS’s Office of Information Technology (OIT) is seeking to acquire ad hoc high-performing DevSecOps services that will work within a multi-vendor environment utilizing Lean-Agile software development best practices and DevSecOps principles to deliver quality, secure and cost-effective digital solutions.

Given the limited strategic sourcing vehicles (SSV) available to USCIS, SDD is exploring procurement strategies for performing Lean-Agile development and DevSecOps services as part of the Rapid Application and Product Integrated Delivery (RAPID) contract vehicle. USCIS requests service providers and industry partners address the questions and provide comments as outlined in the RFI. More specifically, USCIS is seeking information and best practices on establishing a multiple-award contracting vehicle (e.g., IDIQ or BPA) that will allow USCIS to quickly acquire and implement Agile development and DevSecOps service offerings in a cloud-based and virtual environment.

HISTORICAL BACKGROUND

This was previously known as Services for Product Engineering and Enterprise Deliver (SPEED) which was a combination of the  JETS – Benefits, JETS – Customer Service, and myUSCIS task orders.

The Joint Engineering Teams Sustainment (JETS) (Opportunity 112400), consisted of four tracks (portfolios) provided under separate task orders.

Records (Opportunity 171453)
Benefits (Opportunity 179866)
Mission Services Portfolio (179871) consolidated int to SPEED
Biometrics (Opportunity 171448).

• Task 1: Solution Delivery (New Development)
  • Architecture and Database Design
  • Software Development
  • Systems Integration Human Centered Design
  • Lean Product Management

  Task 2: Legacy Delivery (Operations & Maintenance)

  • Troubleshooting
  • Corrective and Preventative Maintenance
  • Enhancements
  • Upgrades and Refactoring

  Task 3: DevSecOps Engineering Support

  • CI/CD Pipeline Development and Integration
  • Tools Setup and Configuration
  • Automated Deployments
  • Cloud Management
  • Performance and Security Monitoring

  Task 4: Innovation

  • Experimentation
  • Emerging Technologies, Tools, Practices, Process and Techniques
  • Automation

  Task 5: Analytics

  • Big Data
  • Business Intelligence Discoveries
  • Self-Service and Data Visualization

  Task 6: Artificial Intelligence (AI) and Machine Learning (ML)

  • Intelligent Models
  • Automated Analytics

  PREVIOUS OBJECTIVES AND REQUIREMENTS

  • eProcessing Objective: USCIS has a need to achieve end-to-end digital workflow processing, to include the ingestion of all applications and evidence through adjudication, decision making, and communication with applicants, in order to create digital immigration records at the point of receipt, which will serve as the official record throughout the immigration lifecycle. This effort involves stabilization and modernization efforts to the applications to include existing services mentioned above. From a technology standpoint, the use of micro-services, APIs, Kafka, event streaming, and related technologies in domain-driven design, will be emphasized and standardized across the enterprise.
  • Architecture Objective: Continuously improve and evolve USCIS’s product architecture, user experience, Agile development, and DevSecOps practices via business, solution, enterprise, data, and security architecture support. One of the greatest challenges facing USCIS is establishing consistent and effective use of cloud-based environments and modernizing some of the legacy applications.
  • Legacy O&M Objective: Continue to sustain current capabilities and maintain the current existing applications Service Oriented Architecture (SOA) Services, hosted in Data Center 1 (DC1), and Amazon Web Services (AWS). Security vigilance is a must to ensure legacy applications are meeting security standards.
  • Legacy Enhancement Objective: Extend the capabilities of existing legacy applications in the form of enhancements. This will allow for technical and business requirements that offer a greater level of innovation to lead to increased productivity.

  Additional Tasks / Requirements for Consideration

  • Agile Methodology: Ability to align with the U.S. Digital Services Playbook https://playbook.cio.gov and the Open Practice Library https://openpracticelibrary.com/ with familiarity of the concepts in each play/practice. Agile teams shall work collaboratively with other USCIS Agile teams and step outside the traditional channels by embracing automation and orchestration so they can work together more easily.
  • DevSecOps Requirement: Ability to use modern digital services that use DevSecOps techniques, which embrace cloud-based, scalable architecture, immutable infrastructure, automated testing, and continuous integration and continuous deployment Maintain secure and tested mobile and web designs and applications using automated testing frameworks, which utilize services, micro-services, and containers.
  • Production Support and Helpdesk (Tier 2/3) Support: Support for Critical and Non-critical Applications/Systems. Includes after-hours and weekend support responsibilities in responding to production emergencies (outages) and critical issues (Premium Processing or other ad-hoc critical needs). Tier 2 and Tier 3 helpdesk operational services support, which includes managing a high volume of incoming user/customer-submitted tickets and backlogs. Apply proactive lean strategies and Agile principles to production systems and customer support of enterprise applications.

  Provide information technology (IT) services to support USCIS mission-related operations including but not limited to:

  Information should include the size, scope, complexity, and number of IT projects developed using Agile processes and a DevSecOps CI/CD model in a cloud environment. Specifically, discuss projects developed using pure open source technology in Amazon Web Services (AWS) or other comparable cloud environments (e.g. Microsoft Azure and Google Cloud); specifically, these projects should be in production environments, not development or experimental in nature. The contractor must have acted as the prime or subcontractor and directly performed the work. For these projects, identify experiences with the following DevSecOps technology areas:

  • Programming Languages
    • −Java (and Java variants, such as JS, Angular and Node)
  • Microservices
    • SQL Databases
    • Postgres
    • MySQL
  • Containerized Services Platforms
    • Docker
    • Openshift
    • Other Container Technology
  • Message Streaming Platforms
    • Kafka
    • Other Message Streaming Platforms
  • CI/CD Pipeline Automation
    • Jenkins
    • Chef
    • Terraform