Home Office

Cyber Security Operations Centre Technical Specialist copy

Incomplete applications

8
Incomplete applications
6 SME, 2 large

Completed applications

10
Completed applications
9 SME, 1 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Friday 1 February 2019
Deadline for asking questions Tuesday 5 February 2019 at 11:59pm GMT
Closing date for applications Friday 8 February 2019 at 11:59pm GMT

Overview

Overview
Opportunity attribute name Opportunity attribute value
Specialist role Cyber security consultant
Summary of the work Performing monitoring, analysis and recovery procedures of security technologies.
Performing deep-dive incident analysis by correlating data from various sources.
Undertaking targeted cyber-attack analysis and response, and coordinating incident response processes.
Latest start date Friday 1 March 2019
Expected contract length 12 months
Location North West England
Organisation the work is for Home Office
Maximum day rate

About the work

About the work
Opportunity attribute name Opportunity attribute value
Early market engagement
Who the specialist will work with Lead a team of Tier 1 Cyber Security Analysts. Liaise with Tier 2 colleagues, the Cyber Security Operations Centre (CSOC) Manager and Deputy, CSOC Operations and DevOps Team as well as engaging key stakeholders and senior leaders.
What the specialist will work on •Configuring open source toolsets
•Utilising toolsets for analysis e.g. SIEMs (Splunk, ELK, Alien Vault, etc), IDS/IPS (e.g. network and host-based), NAC, FIM, DLP, vulnerability management, network monitoring, Cyber Security Case management (eg SNow).
•TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment, patch management tools.
•UNIX, Linux, Apple and Windows technologies.
•Protocol analysers and analysing output.
•Monitoring, analysis and recovery procedures of security technologies.
•Performing deep-dive incident analysis, correlating data from various sources
•Targeted cyber-attack analysis, response, and coordinating incident response processes.

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place Soapworks,
Salford,
Manchester
Working arrangements Office hours 09:00 - 17:00, Mon - Fri.
Security clearance Requires active SC Level Clearance

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Have a minimum of 5 years experience in a Cybr Security Operations Centre.
  • Security Information and Event Management (SIEM) platforms, and Case Management
  • Functional experience performing monitoring, analysis and recovery procedures of security technologies
  • Functional experience performing deep-dive incident analysis, correlating data from various sources
Nice-to-have skills and experience

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many specialists to evaluate 10
Cultural fit criteria
  • Share knowledge and experience with other team members.
  • Work as a team with our organisation and other suppliers.
Assessment methods Work history
Evaluation weighting

Technical competence

70%

Cultural fit

10%

Price

20%

Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. What level of seniority is this role? We are looking for a Tier 2 (Senior Executive Officer) Security Operations Centre Analyst.
2. What is the IR 35 status of the role? This role is outside of IR 35.
3. What is the day date for this role? £450 per day.
4. Is there a current incumbent in role? There is no incumbent in this role, it is vacant.
5. Does the specialist need to hold SC Clearance or will you put an eligible specialist through it? The specialist needs to hold active SC Clearance.
6. What is the maximum day rate for this role? £500 per day.