Goverment Digital Service part of Cabinet Office

WP1602 - Certification Lead for GOV.UK Verify

2 Incomplete applications

1 SME, 1 large

4 SME, 1 large

Specialist role: Cyber security consultant
Summary of the work: GOV.UK Verify has ongoing activity in regards certification documentaiton. This supports deceloping LOA models and reviews reliying partners certification needs and requirements. We need an Information Assurance professional, with knowledge of identity related digital certification models, to undertake this options analysis, alongside the identity team.
Latest start date: Monday 28 May 2018
Expected contract length: 6 months
Location: London
Organisation the work is for: Goverment Digital Service part of Cabinet Office
Maximum day rate: £750

Early market engagement
Who the specialist will work with: The specialist will be working with the identity standards and fraud prevention team in the GDS identity assurance programme. This includes two identity advisors and two identity fraud analysts. They will be working independently on the project, but will be involved in regular face to face meetings and team collaboration in order to share and incorporate essential knowledge into the model.
What the specialist will work on: Cyber security consultant
Minimise the chance of data or information systems security breaches. Ensure information is protected against unauthorised or unintended access. Put systems in place to prevent data destruction or disruption.

Address where the work will take place: London
Working arrangements: Work no more than two (2) days a week from 9am - 5.30pm, for 6 months. Expected to use conference capabilties, google hangouts, email, Slack and other channels to keep in contact with the team when working remotely. Will produce, develop and update technical documentation and options papers, as well as attending team meetings, such as stand-ups, planning and retrospectives.
The intermediaries legislation doesn't apply to this engagement: this is out of scope for IR35.
Security clearance: SC clearance is essential; DV would be advantageous

Additional terms and conditions: "All expenses must be pre-agreed with between the parties and must comply with the Cabinet Office (CO) Travel and Subsistence (T&S) Policy."

"All vendors are obliged to provide sufficient guarantees to implement appropriate technical and organisational measures so that the processing meets the requirements of GDPR and ensures the protection of the rights of data subjects. For further information please see the Information Commissioner's Office website:https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/"

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience: Minimum five years experience to show: An understanding of certification models for assessing identity related digital and technology services

Minimum five years experience to show: A background in information assurance, security, audit and certification

Minimum five years experience to show: An understanding of the identity assurance and identity standards for UK government

Minimum five years experience to show: Experience of passing on knowledge in a clear and structured manner

Minimum five years experience to show: Ability to work independently in a fast paced environment
Nice-to-have skills and experience: Minimum five years experience to show: Experience implementing a certification model(s) for an existing digital service

Minimum five years experience to show: Previous experience working in or working closely with a government department

Minimum five years experience to show: Previously audited or worked on an identity related service during audit

Minimum five years experience to show: Experience of public/private sector relationships

Minimum five years experience to show: Demonstrable knowledge of security risks to digital identity services

How many specialists to evaluate

Cultural fit criteria

Assessment methods

Evaluation weighting

Technical competence

65%

Cultural fit

15%

Price

20%

1. Good morning - Can you confirm if this role is for 2 days a week in total or 5 days a week with 2 days in the London Office?: The role is 2 days a week in total.
2. You mention the work is 2 days in total and the specialist is expected to use conference capabilities, google hangouts, email, Slack and other channels to keep in contact with the team when working remotely. Does Does this mean the 2 days work in total is working remotely? Or will they be occasionally working remotely?: The specialist can work remotely or in the office (or a combination) for the 2 days - once the activity and responsibilities have been fully agreed with the team and the supplier. However, when they are remote we need to be able to have full online contact as described.
3. Will you accept a specialist who’s SC clearance has lapsed, but has a BPSS clearance, it takes 4 weeks to upgrade a BPSS clearance to a SC Clearence, does this fit with your timeframe?: We are ok with BPSS clearance to start the specialist and are ok with the delay in the SC application providing they have held SC previously. We would still require the specialist to go through SC application and in addition that the supplier bears the full cost of the new SC application.