The City of Roseville is soliciting proposals from qualified cybersecurity firms to provide multi-year penetration testing services across its Information Technology, Business Technology, and Operational Technology environments. The selected consultant will conduct authorized controlled testing to identify vulnerabilities in networks, applications, wireless, cloud, and industrial control systems. Services must align with National Institute of Standards and Technology Special Publication 800-115, Open Worldwide Application Security Project Testing Guide, and Penetration Testing Execution Standard. The engagement includes annual testing, risk scoring, compliance mapping, and remediation guidance to strengthen the City’s cybersecurity posture.