Quebec SEAO #20135073

Professional Information Security Services for CISSS de Chaudière-Appalaches

CISSS de Chaudière-Appalaches, a regional health authority in Quebec, is seeking professional information security services to enhance its cybersecurity posture. - Government Buyer: - CISSS de Chaudière-Appalaches (regional health authority, Quebec, Canada) - Services Requested: - Penetration testing for applications, infrastructure, and cloud environments - Includes reconnaissance, automated and manual security tests, code review, vulnerability reporting, and remediation verification - Total of 3,000 hours of professional services - Requirements: - Minimum 3 years of experience in application penetration testing - Recognized certifications in information security - Knowledge of programming languages: HTML, SQL, Python, PHP - Fluency in French - Adherence to CISSS-CA's methodological and normative framework - Work primarily remote, with possible in-person meetings - Notable Details: - No specific OEMs or vendors named; open to qualified service providers - Part of broader health sector cybersecurity initiatives - Place of Performance: - Primarily remote, with possible meetings at CISSS de Chaudière-Appalaches offices in Lévis, Quebec

Description

This tender is for professional information security services, including penetration testing of applications, infrastructure, and cloud environments. The contractor will conduct reconnaissance, automated and manual security tests, code reviews, vulnerability reporting, and remediation verification. The contract is expected to start around May 15, 2026, lasting approximately 24 months with a total of 3,000 hours. Work will primarily be remote with possible in-person meetings, and bidders must have at least 3 years of experience in application penetration testing and relevant certifications.

View original listing