Awarded to Cyber Security Specialists Limited

Start date: Monday 25 April 2022
Value: £189,000
Company size: SME
Department of Work & Pensions

Security Architect

10 Incomplete applications

8 SME, 2 large

13 Completed applications

13 SME, 0 large

Important dates

Published
Tuesday 22 March 2022
Deadline for asking questions
Thursday 24 March 2022 at 11:59pm GMT
Closing date for applications
Tuesday 29 March 2022 at 11:59pm GMT

Overview

Specialist role
Cyber security consultant
Off-payroll (IR35) determination
Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company
Summary of the work
Lead, deliver and support the technical and security architecture design elements of DWP Digital projects / initiatives.
Own the security product architecture, develop security product roadmaps and represent product designs at governance forums.
Provide clear communication of security architecture design and decision making.
Latest start date
Sunday 10 April 2022
Expected contract length
Maximum contract length will be 12 months, initial statement of works will be for 6 months
Location
No specific location, for example they can work remotely
Organisation the work is for
Department of Work & Pensions
Maximum day rate

About the work

Early market engagement
Who the specialist will work with
DWP Digital seek an exceptional experienced Security Architect to join a new function in the Digital Architecture team, creating a Secure Design team that will ensure security architecture considerations are built into all DWP Digital solution designs from the outset. These roles will engage with, and sometimes be embedded in, projects from the Discovery phase and throughout the life cycle through to disposal, and will be based across our Digital Hubs.
What the specialist will work on
Work with engineering teams, and other Digital colleagues, to create VFM solution designs.
Own the security product architecture, develop security product roadmaps and represent product designs at governance forums.
Provide clear communication of security architecture design and decision making, in order to gain approval to proceed with designs.
Lead discussions with senior stakeholders to create security solution options and recommendations - during project discovery and inception phases.
Provide expert advice to other Solution Architects to drive technology choice decisions.
Contribute to, and build capability in, the DWP Architecture community, and in particular its security expertise.

Work setup

Address where the work will take place
The supplier will work remotely however in line with DWP Hybrid working the supplier must be aligned to a DWP Technology Hub either Manchester or Newcastle Upon Tyne
Working arrangements
In line with DWP Hybrid working policy the individual will be required to work from the DWP Technology Hub 2 days per week and remotely 3 days per week. Expenses will not be covered.
Should the individual be required to attend another DWP Site than expenses will be covered in line with DWP Expenses policy
Security clearance
The appointed individual will require a minim of SC Clearance

Additional information

Additional terms and conditions
N/A

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
  • Application Architecture design and modelling techniques, tools and standards.
  • Application Security Testing e.g. OWASP and Secure Code Assessment tools, and security of container/cluster based solutions e.g. Docker, Kubernetes.
  • Identity Management and federation including SSO.
  • Cloud Acceleration, SD-WAN, DDoS and network based controls.
  • Cloud based assurance and risk models and their application, including NIST and other associated frameworks.
  • Information Security innovation as part of the future of Application Reference Architecture.
Nice-to-have skills and experience
  • • Azure/AWS Architecture certified.
  • • CCSK Certified /CCSP Certified.
  • • Certified Information Systems Security Professional (CISSP).
  • • Certified Information Security Manager (CISM).

How suppliers will be evaluated

All suppliers will be asked to provide a work history.

How many specialists to evaluate
5
Cultural fit criteria
  • • Describe how your organisation would perform the contract to ensure staff mental health, is promoted, and how you would monitor and measure this?
  • Describe how your organisation would perform the contract to encourage increased representation of Black, Asian and Minority Ethnic representation in the workforce, and how you would measure this?
Additional assessment methods
Interview
Evaluation weighting

Technical competence

60%

Cultural fit

10%

Price

30%

Questions asked by suppliers

1. Is there an incumbent
No there is no incumbent supplier for this area within DWP.
2. Do you accept individuals willing to go through SC Clearance or you expecting a resource with SC before starting work?
The resource must be SC cleared prior to starting work.
3. Could the contracting authority confirm a budget
DWP declines to answer this question.
4. Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company”
Mean “inside IR35”, plainly. Thanks!
Guidance to the above question can be found on: https://www.gov.uk/guidance/understanding-off-payroll-working-ir35
5. Can the client accept any flexibility on the hybrid working pattern.
Yes supplier will be aligned to a technology hub for DWP and will be expected to travel for occasional meetings in those locations. Expenses for travel will be covered under the DWP travel & Expenses policy