Defence Online

Type of document: Contract Notice
Country: United Kingdom

1. Title: CYBER ATTACK RECOVERY PLANNING (CARP) CYBER SECURITY BUSINESS ANALYST – FRAMEWORK AGREEMENT – SHORT DEADLINE
2. Awarding Authority: MoD, GB. Web:
3. Contract type: Service contract
4. Description: There is a requirement to deliver short-term outputs/gains to develop Awarding Authority capability to ‘Recover’ from a Cyber-Attack. The Discovery Phase for Cyber Attack Recovery Planning (CARP) highlighted 14 areas where immediate benefit can be realised in defence recovery. The requirement involves enabling an improved stance against these areas.
5. CPV Code(s): 72000000, 72200000, 72221000
6. NUTS code(s): UKI, UKI3, UKI32, UKK
7. Main site or location of works, main place of delivery or main place of performance: Location South West England
Address where the work will take place MoD Corsham, MoD London or Remotely
8. Reference attributed by awarding authority: Not provided.
9. Estimated value of requirement: Not provided.
10. Closing date for applications 10.5.2022 (11:59 pm).
11. Address to which they must be sent: For further information regarding the above contract notice please visit
12. Other information: Deadline for asking questions Thursday 5 May 2022 at 11:59pm GMT
Specialist role Business analyst
Off-payroll (IR35) determination Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company
Latest start date Wednesday 25 May 2022
Expected contract length The resource is required until the 31st October 2022
About the work
Early market engagement
Who the specialist will work with Resilient by Design Project Board
Theme Lead
Cyber Attack Recovery Planning Project Manager
Principal Technical Consultant
Cyber Security Consultant
Defensive Cyber Future – Project Manager – CRP
Policy team – CRP
What the specialist will work on Assess the maturity of existing systems and processes based on whether they meet a set of identified recovery best practices (Short Term Gains).
Support the Cyber Security Consultant in delivering the technical strategy for enabling an improved stance against the recovery best practices to reduce cyber risk and to improve MOD capability to recover from a cyber attack.
Data capture from system owners to measure and report on performance.
Working arrangements Your primary location will be a hybrid of remote working, MOD Corsham and possibly MOD Main Building London .
Expenses will be within your daily rate for your regular work location. Additional travel expenses will be available should you need to travel to other sites beyond MOD Corsham,. The MOD supports flexible working (when possible), at the discretion of the programme manager.
Security clearance Active SC clearance is required by the start date of the contract and this will not be sponsored by the MOD.
Additional information
Additional terms and conditions
Skills and experience
Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.
Essential skills and experience Have proven experience within MOD (or a similar sector) and comprehensive knowledge of Cyber security NIST Framework
Nice-to-have skills and experience
. Worked on similar projects within the cyber ‘Recover’ space.
BSc/BA in Computer Science, Engineering or relevant field; graduate degree.
How suppliers will be evaluated
All suppliers will be asked to provide a work history.
How many specialists to evaluate 7
Cultural fit criteria
Work as a team with our organisation and other suppliers
Be transparent and collaborative when making decisions
Have a no-blame culture and encourage people to learn from their mistakes
Take responsibility for their work share knowledge and experience with other team members
Additional assessment methods Interview
Evaluation weighting
Technical competence
50%
Cultural fit
15%
Price
35%
TKR-202253-EX-1812876