Awarded to People Source Consulting Ltd

Start date: Monday 21 August 2017
Value: £59,943
Company size: SME
Department for Work and Pensions

DWP – Security Consultant (Security Architect), Design and implementation.

16 Incomplete applications

14 SME, 2 large

15 Completed applications

13 SME, 2 large

Important dates

Published
Friday 23 June 2017
Deadline for asking questions
Friday 30 June 2017 at 11:59pm GMT
Closing date for applications
Friday 7 July 2017 at 11:59pm GMT

Overview

Specialist role
Cyber security consultant
Summary of the work
Design, document and deploy/implement security architecture for key service infrastructure. Using available, applicable best pratice such as SABSA, TOGAF and relevant NCSC guidance.
Latest start date
Monday 7 August 2017
Expected contract length
This will be a two year contract with an initial Statement of Works for up to 4 months
Location
London
Organisation the work is for
Department for Work and Pensions
Maximum day rate
£750

About the work

Early market engagement
Who the specialist will work with
The supplier will be working as a part of a multi-disciplinary team dedicated to the work to migrate the service to a commodity cloud platform. This team consists of internal DevOps, QA, network engineers, Security and delivery / project managers. The team is 10 strong and follows agile processes to prioritise and manage the activities.
What the specialist will work on
In order to ensure that this key DWP application is able to support the scaling and security requirements, it is being re-engineered for resilience and to allow it to operate in a commodity cloud hosting environment. In support of this, Agile and adaptable architecture, design and deployment expertise is required for, production, support and development environments to support risk management activity.

Work setup

Address where the work will take place
Caxton House, London
Working arrangements
On-site in London office for the majority of the time with some scope for remote working. The collaborative nature of the team means that face to face interaction and presence at daily stand-ups is essential.
Security clearance
SC Clearance

Additional information

Additional terms and conditions
DWP additional terms and conditions are specified on our e-procurement system Bravo. https://dwp.bravosolution.co.uk/web/login.shtml

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
  • Experience designing and implementing secure, resilient, highly available configurations of infrastructure components- 10%
  • Experience/knowledge of automation of cloud deployments and developing infrastructure as code using terraform- 10%
  • Experience of introducing Network and Application security architectural frameworks within physical and virtual/cloud environments- 10%
  • Experience of cloud migrations for large microservice architectures, incorporating/introducing best security practice- 10%
  • Have immediate capacity to supply one experienced security Architect with (>2 years’ experience/knowledge of) in Terraform, puppet, github, bash, python, java, Mongo, ActiveMQ, jepsen, microservice architectures, commodity cloud environments- 10%
  • Have experience of working within DWP or a comparable organisation within the last 3 years- 10%
  • Experience of aligning activities with other parallel work streams, ensuring quality standards are maintained- 9%
Nice-to-have skills and experience
  • Ability to provide technical leadership in multi-supplier team environments- 3%
  • Experience working with AWS- 3%

How suppliers will be evaluated

How many specialists to evaluate
3
Cultural fit criteria
Please provide two examples of similar projects that you have been involved in that demonstrate your ability to respond to and align with the culture of the project- 5%
Assessment methods
  • Work history
  • Reference
  • Interview
Evaluation weighting

Technical competence

75%

Cultural fit

5%

Price

20%

Questions asked by suppliers

1. Will the role fall within IR35 legislation?
At this time the role has been deemed as outside of IR35 however, should the features of the engagement change, a further assessment will be made which could change the determination.
2. Is the rate of £750 per day to include agency fees, or is this the maximum rate to the worker?
£750 per day is the rate that we intend to pay the supplier that our contract will be with.
3. Will you only consider applicants where the SC clearance has already been obtained and is in place? Or will you consider applicants who do not have current SC clearance, but are willing to undergo the process to obtain it?
All applicants will need to have SC clearance at the time of applying as obtaining this can be a lengthy process that DWP cannot afford to wait for.
4. Could you please clarify the meaning of "Have immediate capacity to supply one experienced security Architect with (>2 years’ experience/knowledge of) in Terraform, ..."? Does this translate to you needing the specialists’ recommendation for a second contractor?
The requirement is for one Security Architect only who fulfils the criteria. As the nature of the engagement is via a Statement of Works, we may accept other suitable candidates for subsequent engagements.
5. Does this fall within the IR35 rules?
At this time the role has been deemed as outside of IR35 however, should the features of the engagement change, a further assessment will be made which could change the determination.
6. Could you please let us know -
1. Maximum number of applications (candidates) we could submit.
2. Date on which the feedback for submitted applications would be provided.
1. Suppliers may only put forward one candidate per specialist opportunity, as per the framework allows.

2. We aim to have scored all responses by 12th July.