WP1602 - Certification Lead for GOV.UK Verify
2 Incomplete applications
1 SME, 1 large
5 Completed applications
4 SME, 1 large
- Monday 23 April 2018
- Deadline for asking questions
- Wednesday 25 April 2018 at 11:59pm GMT
- Closing date for applications
- Monday 30 April 2018 at 11:59pm GMT
- Specialist role
- Cyber security consultant
- Summary of the work
- GOV.UK Verify has ongoing activity in regards certification documentaiton. This supports deceloping LOA models and reviews reliying partners certification needs and requirements. We need an Information Assurance professional, with knowledge of identity related digital certification models, to undertake this options analysis, alongside the identity team.
- Latest start date
- Monday 28 May 2018
- Expected contract length
- 6 months
- Organisation the work is for
- Goverment Digital Service part of Cabinet Office
- Maximum day rate
About the work
- Early market engagement
- Who the specialist will work with
- The specialist will be working with the identity standards and fraud prevention team in the GDS identity assurance programme. This includes two identity advisors and two identity fraud analysts. They will be working independently on the project, but will be involved in regular face to face meetings and team collaboration in order to share and incorporate essential knowledge into the model.
- What the specialist will work on
Cyber security consultant
Minimise the chance of data or information systems security breaches. Ensure information is protected against unauthorised or unintended access. Put systems in place to prevent data destruction or disruption.
- Address where the work will take place
- Working arrangements
Work no more than two (2) days a week from 9am - 5.30pm, for 6 months. Expected to use conference capabilties, google hangouts, email, Slack and other channels to keep in contact with the team when working remotely. Will produce, develop and update technical documentation and options papers, as well as attending team meetings, such as stand-ups, planning and retrospectives.
The intermediaries legislation doesn't apply to this engagement: this is out of scope for IR35.
- Security clearance
- SC clearance is essential; DV would be advantageous
- Additional terms and conditions
"All expenses must be pre-agreed with between the parties and must comply with the Cabinet Office (CO) Travel and Subsistence (T&S) Policy."
"All vendors are obliged to provide sufficient guarantees to implement appropriate technical and organisational measures so that the processing meets the requirements of GDPR and ensures the protection of the rights of data subjects. For further information please see the Information Commissioner's Office website:https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/"
Skills and experience
Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.
- Essential skills and experience
- Minimum five years experience to show: An understanding of certification models for assessing identity related digital and technology services
- Minimum five years experience to show: A background in information assurance, security, audit and certification
- Minimum five years experience to show: An understanding of the identity assurance and identity standards for UK government
- Minimum five years experience to show: Experience of passing on knowledge in a clear and structured manner
- Minimum five years experience to show: Ability to work independently in a fast paced environment
- Nice-to-have skills and experience
- Minimum five years experience to show: Experience implementing a certification model(s) for an existing digital service
- Minimum five years experience to show: Previous experience working in or working closely with a government department
- Minimum five years experience to show: Previously audited or worked on an identity related service during audit
- Minimum five years experience to show: Experience of public/private sector relationships
- Minimum five years experience to show: Demonstrable knowledge of security risks to digital identity services
How suppliers will be evaluated
- How many specialists to evaluate
- Cultural fit criteria
- Collaborative worker, with a good approach to knowledge sharing
- Committed to team working and open to team feedback
- Enjoys working in an open and transparent environment
- Willing to work according to Agile practises
- Adaptable and keen to expand knowledge base
- Assessment methods
- Work history
- Evaluation weighting
Questions asked by suppliers
- 1. Good morning - Can you confirm if this role is for 2 days a week in total or 5 days a week with 2 days in the London Office?
- The role is 2 days a week in total.
- 2. You mention the work is 2 days in total and the specialist is expected to use conference capabilities, google hangouts, email, Slack and other channels to keep in contact with the team when working remotely. Does Does this mean the 2 days work in total is working remotely? Or will they be occasionally working remotely?
- The specialist can work remotely or in the office (or a combination) for the 2 days - once the activity and responsibilities have been fully agreed with the team and the supplier. However, when they are remote we need to be able to have full online contact as described.
- 3. Will you accept a specialist who’s SC clearance has lapsed, but has a BPSS clearance, it takes 4 weeks to upgrade a BPSS clearance to a SC Clearence, does this fit with your timeframe?
- We are ok with BPSS clearance to start the specialist and are ok with the delay in the SC application providing they have held SC previously. We would still require the specialist to go through SC application and in addition that the supplier bears the full cost of the new SC application.