Defence Online

Type of document: Contract Notice
Country: United Kingdom

1. Title: SECURITY ASSURANCE COORDINATOR TO SMOPS INTEROPERABILITY DEPLOYED (RADIO) – SHORT DEADLINE
2. Awarding Authority: Ministry of Defence, GB. Web:
3. Contract type: Service contract
4. Description: The Security Assurance Coordinator (SAC) will be the main focal point for all Security Assurance related support tasks; dependant on the business need. Checks and balances must be maintained and monitored in accordance with policy and standards and supported by production of a formal document set to achieve accreditation
5. CPV Code(s): 72000000, 72212000, 72262000
6. NUTS code(s): UKK, UKK1, UKK15
7. Main site or location of works, main place of delivery or main place of performance: Location South West England
Address where the work will take place Defence Digital, Ministry of Defence Corsham
However, at-the-time of-writing, government measures to reduce Covid-19 are in operation and as-such, work should be done remotely and in observance of social distancing and shielding guidance. MOD will continue to observe all government advice in the coming months aimed at reducing the spread of the disease
8. Reference attributed by awarding authority: CCT 991
9. Estimated value of requirement: Maximum day rate £766.71, including VAT, any agency fees and travel & subsistence
HMRC employment status check returns – inside off-payroll working rules so (IR35) will apply
10. Closing date for applications 28.4.2021 (23:59).
11. Address to which they must be sent: For further information regarding the above contract notice please visit
12. Other information: Deadline for asking questions Friday 23 April 2021 at 11:59pm GMT
Specialist role Cyber security consultant
Latest start date Monday 10 May 2021
Expected contract length 9 months with an option to extend for a further 12 months
Who the specialist will work with Civilian, Military and contractors within the MOD and wider Defence industry
What the specialist will work on Act as the principal Security Assurance professional for SMOPs Interoperability Deployed (RADIO).
Work closely with each Service Manager, Service Stakeholders, MSP and Authority Security Assurance governance to achieve accreditation and through life management of all live services.
Establish and Chair Security Working Groups to review Security Assurance functions and assure risk is appropriately managed with the correct tools.
Review, assess, address and evidence effective security controls for threats facing the programme through the life of the service.
Support all live services with the production of a formal document set to be maintained in line with policy standards and reviewed annually
Working arrangements Work onsite 4/5 days a week in Corsham as agreed with the Project Manager in order to support Project Teams in all of their Security Assurance activities.
Currently with Covid19 until the foreseeable future all activity is likely to be remote. Unless it is to attend sight to carryout work on systems not available remotely, but this would be managed in accordance with site COVID policies, Head of Establishment and Head of Department approval and at line management discretion.
Security clearance Valid SC clearance must be in place prior to the contract starting.
Additional information
Additional terms and conditions
Skills and experience
Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.
Essential skills and experience
Have a minimum of three years’ experience within the last five years in an IA role in a similar sized organisation 10%
Evidence of high- level plan to your approach for identifying and managing Security Risks, Issues and Dependencies in mature business/project area, including evidence of managing RMADS, managing TSIs 10%
Evidence how you have provided Security Assurance documentation to enable an organisation to continue the route to full rollout and adoption of policies and templates within delivery areas 10%
Demonstrate experience of conducting Technical security reviews / approvals of Supplier and MoD Design and Test documentation to ensure that it is compliant with Defence Security policy 10%
Demonstrate experience of Defence Digital and/or MOD Security Accreditation and MOD Security Assurance process 10%
Demonstrate previous working experience of Coordinating technical security documentation in support of CyDR (previously ISS DAIS) to support achievement of accreditation 10%
Certified Cyber Professional (CCP) – at least SIRA Practitioner level 10%
Nice-to-have skills and experience
Certified Information Systems Security Professional (CISSP) Qualification or Certificate in Security Management (CISM) 5%
Associate Member of the Institute of Chartered Institute of Information Security (CIISEC) 5%
Member of the British Computer Society 5%
Experience of ICT Projects in a similar sized organisation 5%
Knowledge of JSP440 & JSP604 5%
Specific project experience such as cloud security, apps security 5%
How suppliers will be evaluated
All suppliers will be asked to provide a work history.
How many specialists to evaluate 3
Cultural fit criteria
Has experience of delivery in a complex defence IT environment, understanding the challenges and approaches to delivery (25%)
Worked as a team with our organisation and other suppliers, including knowledge and experience of scaled Agile ways of working (25%)
Remain transparent and collaborative when making decisions (25%)
Excellent communication, presentation, collaboration and client/stakeholder engagement skills with a wide variety of grades/positions. (25%)
Additional assessment methods
Reference
Interview
Evaluation weighting
Technical competence
75%
Cultural fit
5%
Price
20%
TKR-2021422-EX-1598822