Defence Online

Type of document: Contract Notice
Country: United Kingdom

1. Title: INFORMATION ASSURANCE SPECIALIST APPLICATIONS AND ONBOARDING SUPPORT – SHORT DEADLINE
2. Awarding Authority: Ministry of Defence – Information Systems and Services, GB. Web:
3. Contract type: Service contract
4. Description: The Awarding Authority delivers the core ICT platform for Defence. Cyber security professionals are required to work with the ASDT EMPORIUM programme in line with information assurance and Cyber security policy to introduce a number of assured cloud hosting services and associated projects to transform application and system hosting within the MoD.
5. CPV Code(s): 72262000, 72000000
6. NUTS code(s): UKK, UKK1, UKK15
7. Main site or location of works, main place of delivery or main place of performance: Location South West England
Address where the work will take place ISS (Information Systems and Services), Mustang Building, Rudloe Site, MoD Corsham, Westwells Road, Corsham, Wiltshire, SN13 9NR.
8. Reference attributed by awarding authority: RM1043/CCT825
9. Estimated value of requirement: Maximum day rate £900.00 (inc VAT) or £750.00 (ex VAT) maximum budget per day.
10. Closing date for applications 1.11.2019 (23:59).
11. Address to which they must be sent: For further information regarding the above contract notice please visit
12. Other information: Deadline for asking questions Tuesday 29 October 2019 at 11:59pm GMT
Latest start date Monday 2 December 2019
Expected contract length 12 Months with an extension option of 3 months pending internal financial approval.
Early market engagement
Who the specialist will work with The specialist will be required to work with the Crown Servant Security Assurance Coordinator in addition to the ASDT (Application Service Development Team) agile teams and Project Stakeholders. One specialist will be working with the hosting teams. One will focus on applications and on-boarding onto platforms and one will be concentrating on Data Centre rationalisation and migration of systems.
What the specialist will work on Review of HLD/LLD
Completion and maintenance of DART
Define CTAS scope
Production of Security Requirements Statements and Risk Balance Cases
Production and Review of RMADS and OSMP and other associated documentation to achieve accreditation
Review ITHC Testing and remediation plans
Audit supplier for correct level of due diligence
Production of Pre-PIA and PIA, MOD Code of Connection and MOD Statement of Connection Conformity
Chair of SWG and Security Surgeries and production/distribution of outputs
Audit of live operations and Inspection of Protective Monitoring System
Regular meetings with Accreditor and NCSC
Witness system performance post changes in the design
Working arrangements All tasking will take place from MoD Corsham and the specialist is required 5 days a week. The working day is 8 hours including 30 minutes for lunch. Travel may be required within the UK with Travel and Subsistence costs away from MoD Corsham recoverable in correspondence with MoD Departmental/Policy rates.
Security clearance Developed Vetting Clearance must be in place prior to and for the duration of the contract starting due to the projects the individual is required to work with.
Skills and experience
Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.
Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
Holds CCP Practictioner Status – 25 Points
Evidence of Information Risk Management in the HMG and/or Defence context – 20 Points
Evidence of security knowledge associated with Applications Security – 20 Points
Nice-to-have skills and experience
Holds CCP – Certified Cyber Professional Senior Practitioner status – 10 points
Holds CISSP – Certified Information Systems Security Professional status – 10 Points
Holds CISM – Certified Information Security Manager status – 10 Points
Knowledge and understanding of agile ways of working – 5 Points
How suppliers will be evaluated
How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many specialists to evaluate 3
Cultural fit criteria
Work as a team with our organisation and other suppliers
Be transparent and collaborative when making decisions
Have a no-blame culture and encourage people to learn from their mistakes
Take responsibility for their work
Share knowledge and experience with other team members
Additional assessment methods Interview
Evaluation weighting
Technical competence
75%
Cultural fit
5%
Price
20%
TKR-20191028-EX-1195379