Defence Online

Type of document: Contract Notice
Country: United Kingdom

1. Title: NEW SAC FOR DLE PLATFORM ON ICE – SHORT DEADLINE
2. Awarding Authority: Ministry of Defence – Defence Digital, GB. Web:
3. Contract type: Service contract
4. Description: The Defence Learning Environment (DLE) is a component of DLMC and is currently hosted on MODCLOUD ICE (migrated from JSF on 25 Oct 2020).
We will be working to get Official Sensitive accreditation to host OS course material on the DLE.
5. CPV Code(s): 72000000, 72260000, 72200000, 72222300, 72262000
6. NUTS code(s): UKK, UKK1, UKK15
7. Main site or location of works, main place of delivery or main place of performance: Location South West England
Address where the work will take place Defence Digital, ASDT, Mustang Building, Rudloe Site, Westwells Road, MOD Corsham, SN13 9NR
8. Reference attributed by awarding authority: RM1043/CCT967
9. Estimated value of requirement: Maximum day rate £750.00 ex-VAT
10. Closing date for applications 14.1.2021 (23:59).
11. Address to which they must be sent: For further information regarding the above contract notice please visit
12. Other information: Deadline for asking questions Monday 11 January 2021 at 11:59pm GMT
Latest start date Monday 15 February 2021
Expected contract length 12 months (with an Option for a further 3 months)
About the work
Early market engagement N/A
Who the specialist will work with 1. CyDR ASDT SAC
2. CyDR Accreditor
3. ASDT managed Projects specifically DLE, and MODBOX and associated stakeholders, but may be called to assist with other ASDT projects if required.
What the specialist will work on Work with ASDT Programme in line with MOD Policies JSP604/JSP440 and Cyber Security best practice to:
Ensure proper procedures exist to support projects to achieve/maintain accreditation.
Assess and develop current security documentation.
Work with projects to ensure service developments are assessed and approved based on MOD Security protocols.
Be Project point of contact for Security Assurance with external stakeholders, attending meetings where required.
Work with designated Accreditor keeping them informed of Project status/issues.
Chair regular Security Working Group meetings with relevant stakeholders.
Produce testing scopes and ensure Vulnerability assessment or Penetration Testing is undertaken, reports produced, and remedial works completed
Working arrangements Most tasking will take place from MOD Corsham and you are required 5 days a week. The working day is 8 hours to include 30 minutes for lunch. Limited travel will be required within the UK. Travel and subsistence costs away from MOD Corsham will be recoverable in line with MOD Policy.
Security clearance Due to short timescales SC Clearance must be in place from the first day of this contract and for the duration of the contract, due to the Projects that the individual is required to work with.
Role is outside of IR35.
Cyber Risk Assessment RAR-D5PB3UQ3
There is a current incumbent
Additional information
Additional terms and conditions DEFCONs 658 Cyber & 659 Security.
Crown Patents drafting
“AUTHORISATION BY THE CROWN FOR USE OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS
Notwithstanding any other provisions of the Contract and for the avoidance of doubt, award of the Contract by the Authority and placement of any contract task under it does not constitute an authorisation by the Crown under Sections 55 and 56 of the Patents Act 1977 or Section 12 of the Registered Designs Act 1949. The Contractor acknowledges… with reference to the acts authorised and the specific intellectual property involved.” will apply.
Skills and experience
Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
Minimum of two years experience in an IA role with a similar sized organisation. 15%
CCP – Senior Practioner in one of the following disiplines SIRA or ISSM. 15%
Associate Member of the Institute of Chartered Institute of Information Security (CIISEC) 15%
Certified Information Systems Security Professional (CISSP) Qualification. 15%
Nice-to-have skills and experience
Experience of using Moodle 6%
Experience of ICT Projects in a similar sized organisation 6%
Certified Information Security Manager (CISM) Qualification 11%
Extensive practical knowledge of Cloud Security 11%
Knowledge of JSP440 & JSP604 6%
How suppliers will be evaluated
All suppliers will be asked to provide a work history.
How many specialists to evaluate 3
Cultural fit criteria
Experience of working in an Information Assurance role in a similar sized organisation. 35%
Work independently. 35%
Work or have knowledge of working in an Agile environment. 30%
Additional assessment methods Interview
Evaluation weighting
Technical competence
60%
Cultural fit
20%
Price
20%
Questions asked by suppliers
No questions have been answered yet
Log in to ask a question
TKR-202118-EX-1532639