Government Digital Service

WP1633 Investigating Threats to Verify

Incomplete applications

5
Incomplete applications
4 SME, 1 large

Completed applications

4
Completed applications
3 SME, 1 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Tuesday 26 June 2018
Deadline for asking questions Thursday 28 June 2018 at 11:59pm GMT
Closing date for applications Tuesday 3 July 2018 at 11:59pm GMT

Overview

Overview
Opportunity attribute name Opportunity attribute value
Specialist role Cyber security consultant
Summary of the work Cyber security and identity risk advisor to conduct ongoing research into risks and threats to the UK identity ecosytem.
Latest start date Monday 30 July 2018
Expected contract length 6 months
Location London
Organisation the work is for Government Digital Service
Maximum day rate 550

About the work

About the work
Opportunity attribute name Opportunity attribute value
Early market engagement
Who the specialist will work with The Identity Standards and Fraud Prevention team are responsible for understanding the risks and threats of identity crime and identity fraud from organised crime groups and other threat actors. This is undertaken in partnership with the public, private and academic sector. This research is the key component used for the the development and design of the UK government's identity standards and assurance model.
What the specialist will work on Research focused on threats to the identity ecosystem that could be used by a fraudster trying to get through the identity verification process. This work will review existing models for indicative costs for different sources of identity evidence and availability relating to specific countries. The specialist will be expected to monitor and assess trends in identity fraud on the dark web and work with the Security Operations team to use this information to combat identity fraud.

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place Government Digital Service, The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS
Working arrangements The project will last for 6 months.
At the end of the second month an initial findings report will be established.
At the end of month 3 an agreed template for reporting will be created which will include additional findings to month 2.
From months 4 through 6, reports will be finalised and provided to the agreed template.
Weekly updates on progress will be provided to the Identity Standards and Fraud team. Where individuals opt to work remotely, face to face meetings will be scheduled every 2 weeks at GDS in London.
Security clearance Minimum Baseline Personnel Security Standard

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions "All expenses must be pre-agreed with between the parties and must comply with the Cabinet Office (CO) Travel and Subsistence (T&S) Policy."

"All vendors are obliged to provide sufficient guarantees to implement appropriate technical and organisational measures so that the processing meets the requirements of GDPR and ensures the protection of the rights of data subjects. For further information please see the Information Commissioner's Office website:https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr"

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Minimum 5 years experience analysing the risks and threats to identity ecosystems in the UK and globally
  • Minimum 5 years previous experience utilising the dark web and analysing the capabilities and behaviours of organised crime
  • Minimum 5 years academic research experience into cybersecurity and identity risks
  • Previous experience of working or collaborating with law enforcement, security and military organisations on cybersecurity and identity risks
Nice-to-have skills and experience
  • 2+ years experience working within or with UK government
  • Knowledge of international identity documents
  • Understanding of the UK government's identity and assurance model
  • Working proficiency in multiple languages

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many specialists to evaluate 3
Cultural fit criteria
  • Adaptable and flexible worker
  • Keen to develop new skillsets and competencies
  • Previously worked, or open to working in an agile environment
Assessment methods
  • Work history
  • Interview
Evaluation weighting

Technical competence

65%

Cultural fit

15%

Price

20%

Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. 1. What is the IR35 status? IR35 is tax legislation. This role is not in scope of IR35
2. 2. Is there a current incumbent Supplier? Yes
3. Please can you confirm the IR35 status of this position and whether or not there is an incumbent in this position? IR35 is tax legislation. This role is not in scope of IR35. There is a current incumbent
4. Can the authority please confirm the IR35 status of this role This role is not in scope of IR35
5. Is there a current incumbent within this position Yes
6. Could you please confirm the IR35 status? This role is not in scope of IR35
7. Is there an incumbent in post? Yes
8. Please can you clarify what you mean by “multiple languages” i.e. development/linguistic? And which languages are preferred? This refers to an applicant having the ability to read, write and speak multiple languages, including those commonly utilised during online transactions. Fluency in languages additional to English would be beneficial.
9. Has the role been evaluated in regards to IR35 please? This role is not in scope of IR35
10. Is there an incumbent in place currently please? Yes