The anticipated acquisition will include multiple indefinite-delivery indefinite-quantity (IDIQ) contracts with cost-plus-fixed-fee (CPFF) pricing. It is estimated that the period of performance will include a two-year base period and three one-year award term incentive periods.I don't know what exactly the work detail is, I didn't read into it too far. I do want to point out a few details though. 400,000 hours per year over 5 years comes to 2,000,000 hours. If this contract is for independent contract work, for federal contract workers the bids usually run about 50 weeks at 40 hours a week, or 2000 hours annually. The remaining 2 weeks of the year are generally not included because of the 10 federal holidays workers get off.
An updated Statement of Work (SOW) for the anticipated acquisition is attached. This SOW incorporates comments resulting from RFI MKTSVY-06F32A. Providing this SOW is intended to provide an advanced understanding of the anticipated requirements.
The estimated level of effort is 400,000 hours per year, with a total value of $249,824,063. The estimated level of effort will be divided among the multiple award contractors pursuant to the ordering process at FAR 16.505(b).
That means to fill 400,000 annual work hours, the contract is for 200 folks at 2000 hours annually for 5 years. At ~$250 million, that means ~$50 million annually for 200 folks. That comes in at a cost of around $250,000 each annually for the 200 hired contractors.
Sounds like a lot, right? Well, the middleman, who will be whomever wins the contract bid (Northrop Grumman, Lockheed Martin, General Dynamics, etc), will take a least 20% off the top, meaning you are really looking at $200,000 each contractor. $200,000 for 2000 hours comes to $100 an hour. That may sound great, but if this contract is for high end IT cyber security work, $100 an hour is well under market value for an experienced IT security consultant, in fact many federal and state government agencies, not to mention every fortune 500 private corporation, already pays $150 or more per hour to high end security professionals. While I haven't checked in awhile, I don't even think Symantec, Network Associates, Microsoft, or IBM even offers one of their high end security response consultants for less than $200 an hour.
That means if this contract is for 400,000 hours per year of high end hacker work, the Navy bid may be hoping to get high end talent offering 33% below market value for folks who may be expected to fill critical positions of national Cyber Warfare and Security. I think someone forgot to tell Uncle Sam that the experienced hackers don't come cheap, meaning this contract is likely to be filled with an excess of young folks who may be very skilled and smart, but are likely inexperienced.
If the DoD is going to take Cyber Security seriously, they may want to make themselves the best job in town when it comes to Cyber Warfare, instead of hoping to capitalize on a sense of patriotism or other such emotional attraction. Last I checked, which could be said to have been today... most hackers (including hard left socialists) have capitalists genes when it comes to their services. That is something anyone who has ever spent any time at all drinking at the invite parties at DEFCON can attest to.
Just an observation.
No comments:
Post a Comment