Her Majesty's Passport Office - Cyber Security Architect

Description

Summary of the work Design & deliver, secure (agile driven), cloud based, security architecture. Ensure that specified security controls/counter-measures mitigate, minimise, or treat discovered risks are pragmatic, appropriate and cost effective Technical assurance of projects to ensure they comply with the security architecture, covers both new systems and their integration with legacy. Specialist role Cyber security consultant Expected Contract Length 24Months total-Initial 12months-further period up to 12months depending on business need&performance Latest start date Tuesday 31 July 2018 Maximum Day Rate The maximum day rate has been left blank intentionally; we will assess the day rate for suppliers using the evaluation weighting we have disclosed on the requirements. Who Speclialist Work With You will work as part of a Technical Design Authority who are responsible for specific domains. They will need to collaborate closely with delivery teams in a multi-supplier environment. What Specialists Work On 1. Defining the security architecture for our digital platform (Platform, endpoints, networks & application) 2. Demonstrating how security architecture addresses technical risks identified by independent IA team 3. Assuring end to end technical security where shared solutions are being used 4. Focus is on cloud architectures but will also include Crown Hosted solutions where applicable Skills & Experience • Have proven track record of designing accredited cloud based security architectures for large and complex organisations • Have in depth knowledge of AWS security tools, open source security controls and experience of Automated security testing tools • In depth understanding of cloud technologies. Specifically, secured cloud solutions previously on cloud platforms (e.g. MS, AWS, Google, Skyscape ) • Experience of a broad range of networks and underlying IT technologies and environments (e.g. container technologies like Docker and Kubernetes) • In depth understanding of cloud based, open source and traditional security technologies, controls and an in depth understanding of security specific protocols (e.g. TLS, Kerberos and SAML) • Lead IA/Security Architect (LCCP) and Certified Senior Information Risk Adviser (SCCP) Nice to Haves • Experience of HMPO systems or similar government operational systems and scale • Experience of GDS best practices Work Location London, Westminster Working Arrangments Typically on-site with wider team and clients in an Agile environment. Some site visits. Use of Confluence, Jira and ardoq are the tools used to track progress against deliverables. Security Clearance SC Clearance is required. HM Passport Office will support the clearance process. No. of Specialists to Evaluate 3 Cultural Fit Criteria • Work as a team with our organisation and other suppliers • Be transparent and collaborative • Be comfortable standing up for their discipline • Have a no-blame culture and take responsibility for their work Evaluation Weighting Technical competence 65% Cultural fit 15% Price 20% Questions from Suppliers 1. What is the IR35 status? We expect this engagement to be outside IR35, however status is assessed on a case-by-case basis. 2. Does the Architect need to hold BOTH Lead IA and Senior SIRA qualifications, or one of? Yes, the Architect needs to hold BOTH Lead IA and Senior SIRA qualifications. 3. Can the Architect hold Senior IA certificate instead of Lead Status? The Architect needs to have lead status. 4. Is this role full time? Yes 5. Can you confirm you need the individual to hold Senior SIRA status? Would ex-CLAS be sufficient? The individual needs to hold Senior SIRA status. ex-Class is NOT sufficient. 6. Is there a current incumbent with his/her contract coming to an end? There is currently an incumbent currently in the role. 7. Could you please confirm the pay rate for the Cyber Security Architect role. The day rate has been left blank intentionally; we will assess the day rate for suppliers using the evaluation weighting we have disclosed on the requirements. 8. Please can you advise if the incumbent consultant is permitted to submit a response to this requirement? The present incumbent supplier can submit a response for this opportunity should they wish.