Awarded to EP90group Ltd

Start date: Monday 30 July 2018
Value: £70,400
Company size: SME

Government Digital Service

WP1633 Investigating Threats to Verify

5 Incomplete applications

4 SME, 1 large

4 Completed applications

3 SME, 1 large

• Published: Tuesday 26 June 2018
• Deadline for asking questions: Thursday 28 June 2018 at 11:59pm GMT
• Closing date for applications: Tuesday 3 July 2018 at 11:59pm GMT

Overview

• Specialist role: Cyber security consultant
• Summary of the work: Cyber security and identity risk advisor to conduct ongoing research into risks and threats to the UK identity ecosytem.
• Latest start date: Monday 30 July 2018
• Expected contract length: 6 months
• Location: London
• Organisation the work is for: Government Digital Service
• Maximum day rate: 550

About the work

• Who the specialist will work with: The Identity Standards and Fraud Prevention team are responsible for understanding the risks and threats of identity crime and identity fraud from organised crime groups and other threat actors. This is undertaken in partnership with the public, private and academic sector. This research is the key component used for the the development and design of the UK government's identity standards and assurance model.
• What the specialist will work on: Research focused on threats to the identity ecosystem that could be used by a fraudster trying to get through the identity verification process. This work will review existing models for indicative costs for different sources of identity evidence and availability relating to specific countries. The specialist will be expected to monitor and assess trends in identity fraud on the dark web and work with the Security Operations team to use this information to combat identity fraud.

Work setup

• Address where the work will take place: Government Digital Service, The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS
• Working arrangements: The project will last for 6 months. ; At the end of the second month an initial findings report will be established. ; At the end of month 3 an agreed template for reporting will be created which will include additional findings to month 2. ; From months 4 through 6, reports will be finalised and provided to the agreed template.; Weekly updates on progress will be provided to the Identity Standards and Fraud team. Where individuals opt to work remotely, face to face meetings will be scheduled every 2 weeks at GDS in London.
• Security clearance: Minimum Baseline Personnel Security Standard

Additional information

• Additional terms and conditions: "All expenses must be pre-agreed with between the parties and must comply with the Cabinet Office (CO) Travel and Subsistence (T&S) Policy."; ; "All vendors are obliged to provide sufficient guarantees to implement appropriate technical and organisational measures so that the processing meets the requirements of GDPR and ensures the protection of the rights of data subjects. For further information please see the Information Commissioner's Office website:https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr"

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

• Essential skills and experience:
  • Minimum 5 years experience analysing the risks and threats to identity ecosystems in the UK and globally
  • Minimum 5 years previous experience utilising the dark web and analysing the capabilities and behaviours of organised crime
  • Minimum 5 years academic research experience into cybersecurity and identity risks
  • Previous experience of working or collaborating with law enforcement, security and military organisations on cybersecurity and identity risks
• Nice-to-have skills and experience:
  • 2+ years experience working within or with UK government
  • Knowledge of international identity documents
  • Understanding of the UK government's identity and assurance model
  • Working proficiency in multiple languages

How suppliers will be evaluated

• How many specialists to evaluate: 3
• Cultural fit criteria:
  • Adaptable and flexible worker
  • Keen to develop new skillsets and competencies
  • Previously worked, or open to working in an agile environment
• Assessment methods:
  • Work history
  • Interview
• Evaluation weighting:

  Technical competence

  65%

  Cultural fit

  15%

  Price

  20%

Questions asked by suppliers

• 1. 1. What is the IR35 status?: IR35 is tax legislation. This role is not in scope of IR35
• 2. 2. Is there a current incumbent Supplier?: Yes
• 3. Please can you confirm the IR35 status of this position and whether or not there is an incumbent in this position?: IR35 is tax legislation. This role is not in scope of IR35. There is a current incumbent
• 4. Can the authority please confirm the IR35 status of this role: This role is not in scope of IR35
• 5. Is there a current incumbent within this position: Yes
• 6. Could you please confirm the IR35 status?: This role is not in scope of IR35
• 7. Is there an incumbent in post?: Yes
• 8. Please can you clarify what you mean by “multiple languages” i.e. development/linguistic? And which languages are preferred?: This refers to an applicant having the ability to read, write and speak multiple languages, including those commonly utilised during online transactions. Fluency in languages additional to English would be beneficial.
• 9. Has the role been evaluated in regards to IR35 please?: This role is not in scope of IR35
• 10. Is there an incumbent in place currently please?: Yes