MoD

Cyber Attack Recovery Planning (CARP) Cyber Security Business Analyst

7 Incomplete applications

6 SME, 1 large

10 SME, 1 large

Specialist role: Business analyst
Off-payroll (IR35) determination: Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company
Summary of the work: There is a requirement to deliver short-term outputs/gains to develop MOD capability to 'Recover' from a Cyber-Attack. The Discovery Phase for Cyber Attack Recovery Planning (CARP) highlighted 14 areas where immediate benefit can be realised in defence recovery. The requirement involves enabling an improved stance against these areas.
Latest start date: Wednesday 25 May 2022
Expected contract length: The resource is required until the 31st October 2022
Location: South West England
Organisation the work is for: MoD
Maximum day rate

Early market engagement
Who the specialist will work with: Resilient by Design Project Board
Theme Lead
Cyber Attack Recovery Planning Project Manager
Principal Technical Consultant
Cyber Security Consultant
Defensive Cyber Future - Project Manager - CRP
Policy team - CRP
What the specialist will work on: 1. Assess the maturity of existing systems and processes based on whether they meet a set of identified recovery best practices (Short Term Gains).

2. Support the Cyber Security Consultant in delivering the technical strategy for enabling an improved stance against the recovery best practices to reduce cyber risk and to improve MOD capability to recover from a cyber attack.

3. Data capture from system owners to measure and report on performance.

Address where the work will take place: MoD Corsham, MoD London or Remotely
Working arrangements: Your primary location will be a hybrid of remote working, MOD Corsham and possibly MOD Main Building London .
Expenses will be within your daily rate for your regular work location. Additional travel expenses will be available should you need to travel to other sites beyond MOD Corsham,. The MOD supports flexible working (when possible), at the discretion of the programme manager.
Security clearance: Active SC clearance is required by the start date of the contract and this will not be sponsored by the MOD.

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience: Have proven experience within MOD (or a similar sector) and comprehensive knowledge of Cyber security NIST Framework
Nice-to-have skills and experience: . Worked on similar projects within the cyber 'Recover' space.

BSc/BA in Computer Science, Engineering or relevant field; graduate degree.

All suppliers will be asked to provide a work history.

How many specialists to evaluate

Cultural fit criteria

Work as a team with our organisation and other suppliers
Be transparent and collaborative when making decisions
Have a no-blame culture and encourage people to learn from their mistakes
Take responsibility for their work share knowledge and experience with other team members

Additional assessment methods

Interview

Evaluation weighting

Technical competence

50%

Cultural fit

15%

Price

35%

1. Is this inside or outside ir35?: inside
2. Could we know if there is an incumbent consulting partner who has conducted the review culminating in the 14 areas for focus?: The 14 areas for focus were delivered by a previous delivery partner. There is currently no incumbent.
3. Has MoD already conducted a table top exercise to generate these known areas for focus? Are we assuming that the role is concerned with execution activities, please? Many thanks!: The areas were derived from industry best practices. The role will involve executing a strategy to implement these.