This opportunity is closed for applications

The deadline was Tuesday 10 May 2022

Cyber Attack Recovery Planning (CARP) Cyber Security Business Analyst

7 Incomplete applications

6 SME, 1 large

11 Completed applications

10 SME, 1 large

Important dates

Tuesday 3 May 2022
Deadline for asking questions
Thursday 5 May 2022 at 11:59pm GMT
Closing date for applications
Tuesday 10 May 2022 at 11:59pm GMT


Specialist role
Business analyst
Off-payroll (IR35) determination
Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company
Summary of the work
There is a requirement to deliver short-term outputs/gains to develop MOD capability to 'Recover' from a Cyber-Attack. The Discovery Phase for Cyber Attack Recovery Planning (CARP) highlighted 14 areas where immediate benefit can be realised in defence recovery. The requirement involves enabling an improved stance against these areas.
Latest start date
Wednesday 25 May 2022
Expected contract length
The resource is required until the 31st October 2022
South West England
Organisation the work is for
Maximum day rate

About the work

Early market engagement
Who the specialist will work with
Resilient by Design Project Board
Theme Lead
Cyber Attack Recovery Planning Project Manager
Principal Technical Consultant
Cyber Security Consultant
Defensive Cyber Future - Project Manager - CRP
Policy team - CRP
What the specialist will work on
1. Assess the maturity of existing systems and processes based on whether they meet a set of identified recovery best practices (Short Term Gains).

2. Support the Cyber Security Consultant in delivering the technical strategy for enabling an improved stance against the recovery best practices to reduce cyber risk and to improve MOD capability to recover from a cyber attack.

3. Data capture from system owners to measure and report on performance.

Work setup

Address where the work will take place
MoD Corsham, MoD London or Remotely
Working arrangements
Your primary location will be a hybrid of remote working, MOD Corsham and possibly MOD Main Building London .
Expenses will be within your daily rate for your regular work location. Additional travel expenses will be available should you need to travel to other sites beyond MOD Corsham,. The MOD supports flexible working (when possible), at the discretion of the programme manager.
Security clearance
Active SC clearance is required by the start date of the contract and this will not be sponsored by the MOD.

Additional information

Additional terms and conditions

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
Have proven experience within MOD (or a similar sector) and comprehensive knowledge of Cyber security NIST Framework
Nice-to-have skills and experience
  • . Worked on similar projects within the cyber 'Recover' space.
  • BSc/BA in Computer Science, Engineering or relevant field; graduate degree.

How suppliers will be evaluated

All suppliers will be asked to provide a work history.

How many specialists to evaluate
Cultural fit criteria
  • Work as a team with our organisation and other suppliers
  • Be transparent and collaborative when making decisions
  • Have a no-blame culture and encourage people to learn from their mistakes
  • Take responsibility for their work share knowledge and experience with other team members
Additional assessment methods
Evaluation weighting

Technical competence


Cultural fit




Questions asked by suppliers

1. Is this inside or outside ir35?
2. Could we know if there is an incumbent consulting partner who has conducted the review culminating in the 14 areas for focus?
The 14 areas for focus were delivered by a previous delivery partner. There is currently no incumbent.
3. Has MoD already conducted a table top exercise to generate these known areas for focus? Are we assuming that the role is concerned with execution activities, please? Many thanks!
The areas were derived from industry best practices. The role will involve executing a strategy to implement these.