Awarded to Parico Limited

Start date: Monday 9 August 2021
Value: £5,900
Company size: SME
Government Actuary's Department

Linux server security specialist

10 Incomplete applications

9 SME, 1 large

6 Completed applications

6 SME, 0 large

Important dates

Published
Wednesday 30 June 2021
Deadline for asking questions
Wednesday 7 July 2021 at 11:59pm GMT
Closing date for applications
Wednesday 14 July 2021 at 11:59pm GMT

Overview

Specialist role
Cyber security consultant
Off-payroll (IR35) determination
Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company
Summary of the work
The cyber security consultant will configure the linux server to bring the security in line with the Cabient Office and NCSC guidelines. The individual is responsible for carrying out this work and ensuring it is tested, and any other best practice needed following approval from GAD.
Latest start date
Monday 9 August 2021
Expected contract length
Location
London
Organisation the work is for
Government Actuary's Department
Maximum day rate
Up to £600 ex VAT per day. Standard 7 hour 12 minute working day, includes expenses to base location agreed with Government Actuary's Department. Additional expenses only paid with prior approval of the Government Actuary's Department.

About the work

Early market engagement
Who the specialist will work with
GAD's outsourced IT team provided by the Government Legal Department have worked to install and configure the Linux server. The individual will work with a small team of GLD infrastructure engineers and the GAD IT Security Officer and Technical Architect to ensure the Linux server is secured in line with Cabinet Office and NCSC guidelines, and integrated into the ongoing IT monitoring of the server estate. The individual will report on progress to the GAD project management team and the GLD IT manager.
What the specialist will work on
The responsibility will be to lead the work to secure an on premise Linux server, completing the following:
- Harden the server by removing all non-essential services installed on the o/s
- Harden the network connection of the server. Shut down all extraneous open TCP/IP ports remove applications, secure all application connectiviy and encrypted or tunnelled through SSL, change TCP/IP ports from defaults
- Integrate Linux server into systems management and reporting used across Windows server estate
- Disable Wifi connectivity on the server
- Ensure the server can't connect outside the firewall
- Any other best practice steps

Work setup

Address where the work will take place
Finlaison House, 15-17 Furnival Street, London, EC4A 1AB
Working arrangements
Your primary location will be Finlaison House and you will be expected to work on-site as necessary to complete the work on the on premise server. GAD supports remote working when possible.
Security clearance
SC clearance

Additional information

Additional terms and conditions
All expenses must be pre-agreed between the parties and must comply with the Government Actuary's Department Travel and Subsistence (T&S) Policy.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
  • Have demonstrable experience installing and configuring on premise Linux servers to a high standard and in line with NCSC guidelines, in particular ensuring the security of data on the server
  • Ability to work with a varied delivery team
Nice-to-have skills and experience
  • Can demonstrate that they have the ability to identify opportunities to improve IT service offering
  • Have experience using Agile

How suppliers will be evaluated

All suppliers will be asked to provide a work history.

How many specialists to evaluate
5
Cultural fit criteria
  • Work as a team with our organisation and other suppliers
  • Be transparent and collaborative when making decisions
  • Take responsibility for their work
  • Share knowledge and experience with other team members
Additional assessment methods
Interview
Evaluation weighting

Technical competence

65%

Cultural fit

10%

Price

25%

Questions asked by suppliers

1. Is there an incumbent/preferred supplier?
There is no incumbent or preferred supplier.
2. What is the estimated duration/budget for this role?
The estimated duration is 1-2 weeks. The estimated budget is £3,000 - 6,000.
3. Will the specialist require an existing SC Clearance or will you sponsor it?
We will consider sponsoring SC clearance for suppliers in line with HMG Personnel Security and National Security Vetting Policy:

"It is government policy that individuals should not be expected to hold an existing security clearance in order to apply for posts that require vetting, except where such posts are short term and need to be filled urgently."
4. 1. Is the rate inside IR35?
2. Are you open to processing SC clearance for an eligible candidate?
3. How long is the contract for?
1. The rate is inside IR35.

2. GAD will consider sponsoring SC clearance for a supplier.

3. The contract duration is estimated at 1-2 weeks.
5. Will you put someone through SC Clearance or do they need have previous/current clearance?
GAD will consider sponsoring SC clearance for suppliers in line with HMG Personnel Security and National Security Vetting Policy:

"It is government policy that individuals should not be expected to hold an existing security clearance in order to apply for posts that require vetting, except where such posts are short term and need to be filled urgently."
6. Is there an incumbent supplier in place?
There is not an incumbent supplier in place.
7. Please can you confirm the contract duration?
The contract duration is estimated at 1-2 weeks.
8. What is the expected length of contract?
The estimated contract length is 1-2 weeks.
9. Can the resource being supplied be based outside of the UK, with the limited company through which the resource is provided be UK-based?
It is expected that the primary location will be Finlaison House and you will be expected to work on-site as necessary to complete the work on the on-premise server. Any resource provided will need to be available to work within the UK, specifically London to complete any on-premise work as required.
10. Will this role be considered inside or outside IR35?
This role is inside IR35.
11. Is there an incumbent?
No, there is no incumbent supplier.
12. This appears to be a short term contract of 5-10 days. If this is the case, the buyer will find it difficult to get candidates inside IR35 and the buyer should also not be taking the trouble of processing SC clearance, which itself can take around 6 weeks. They should look for already SC cleared candidates and take this role outside IR35. If they want to do it inside IR35 and sponsor SC then they need to have a longer contract term – at least 3 months, which looking at the budget, may not be feasible.
This is a short term contract of around 5-10 days. GAD will look for SC cleared candidates initially. GAD does not intend to change the terms of the contract to move it outside IR35.