Ministry of Defence. ISS.

ISG High Threat Gateway Security Assurance Co-Ordinator

Incomplete applications

30
Incomplete applications
28 SME, 2 large

Completed applications

11
Completed applications
10 SME, 1 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Tuesday 1 October 2019
Deadline for asking questions Thursday 3 October 2019 at 11:59pm GMT
Closing date for applications Tuesday 8 October 2019 at 11:59pm GMT

Overview

Overview
Opportunity attribute name Opportunity attribute value
Specialist role Cyber security consultant
Summary of the work This role is aimed at an experienced Security Assurance Coordinator and involves meeting the requirements of JSP440, the Defence Manual of Security and ensuring systems meet accreditation standards. Extensive knowledge of Government and Defence Systems is essential.
Latest start date Friday 1 November 2019
Expected contract length 24 months. Contract end date. 31/10/2021. Extension Option: 6 Months (Subject to financial approval)
Location South West England
Organisation the work is for Ministry of Defence. ISS.
Maximum day rate £783 (Ex VAT) per day.

Limit of Liability for T&S is £4,000. (Ex VAT). (At extant MOD rates)

About the work

About the work
Opportunity attribute name Opportunity attribute value
Early market engagement
Who the specialist will work with Civilians, the Military, and Contractors within the Interoperability Services & Gateways Team.
What the specialist will work on Scope for Gateway, inc requesting VA/Pen Tests, guidance on Securing Enforcing Functions. Review of HLD/LLD.Completion & maintenance of DART. Define CTAS scope. Production of Security Requirements Statements and Risk Balance Cases.Production & review of RMADS & OSMP & associated documentation.Review ITHC Testing & remediation plans. Audit supplier for correct level of due diligence.Production of Pre-PIA & PIA, MOD Code of Connection & MOD Statement of Connection Conformity. Chair of SWG & Security Surgeries & production/distribution of outputs. Audit of live operations & inspection of Protective Monitoring system. Regular mtgs with Accreditor & NCSC.Witness system performance post changes in the design.

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place ISS, Building 405,Spur D1, Westwells Road, MOD Corsham, SN13 9NR.
Working arrangements All tasking will take place from MOD Corsham and you are required 5 days a week, the working day is 8 hours to include 30 minutes for lunch. Day visits may be required to UK.
Security clearance DV Clearance must be in place prior to and for the duration of the contract.

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Hold DV Clearance - 10%
  • Hold CCP Senior SIRA status - 10%
  • Detailed knowledge of Government IA Policy, incluidng JSP440, JSP604, IS1/2, DIANS and NCSC IA Guidance - 15%
  • Provide evidence of detailed gateway design and capability including NSCS Architectural Patterns and an in depth understanding of how NCSC works - 15%
  • Provide evidence of detailed knowledge of Security Requirements and related compliance/non compliance within the designs - 10%
  • Provide evidence of detailed knowledge of OSMP documentation - 10%
  • Provide evidence of of detailed experience of how the accreditation process works within the UK Government and Defence systems - 15%
Nice-to-have skills and experience
  • Provide detailed experience of the Assurance Plan in respect of the Gateways - 5%
  • Provide detailed knowledge of associated risks and threats specific to the gateways - 5%
  • Provide detailed experience of the T&A process that is implemented across Government and Defence system projects. - 5%

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many specialists to evaluate 3
Cultural fit criteria
  • Work as a team with our organisation and other suppliers - 20%
  • Be Transparent and collaborative when making decisions - 20%
  • Have a no-blame culture and encourage people to learn from their mistakes - 20%
  • Take responsibility for their work - 20%
  • Share knowledge and experience with other team members - 20%
Additional assessment methods Reference
Evaluation weighting

Technical competence

75%

Cultural fit

5%

Price

20%

Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. What is the IR35 status? IR35 does not apply to this engagement
2. If a candidate has previous DV Clearance can we submit when contract requests DV clearance? Candidates must hold DV Clearance, and it needs to be valid for the contract duration.
3. Is DV Clearance required at commencement, or will SC with lapsed DV and willingness to be processed again, meet the requirement? Previous response applies.
4. Please can you confirm if the rate of £783 (Ex VAT) per day is - a pay rate or max charge rate? It is the maximum rate the Authority will pay per day.
5. Will MOD support the DV process if a candidate is already SC cleared? MOD will not sponsor the DV process.
6. Are you able to consider candidates that have a notice period as I can see that this role has a start date of 1st of November. Anyone with DV Clearance that is currently working could have up to 3 months notice. Candidates must be able to start on the 1st of November 2019.
7. Is there a current incumbent? Yes, there is.
8. Does the MOD accept a transfer of a DV active clearance? Unsure what is being referred to by 'Transfer of a DV Clearance'. It is the individual who holds the DV Clearance.
9. Does the MOD accept a transfer of a DV active clearance?: Further response: If this query is around transferring a DV from a company or military, the transfer reference number would need to be provided along with the DV details (at a later stage).