Her Majesty's Passport Office - API & Application Security Specialist (Cloud)
Published
Description
Summary of the work Hands-on specialist required to work with multiple teams developing public/private API, Web Interfaces utilising AWS products, to identify security requirements, design/develop and document the required security controls and components, provide in-depth technology input to other technology stakeholders, and be responsible for low level security design. Specialist role Developer Expected Contract Length Up to 2 years Latest start date Monday 30 July 2018 Who Speclialist Work With Specialist will work closely with the Lead Architect and will be required to collaborate with DevOps, Developers, Security Architect, Information Assurance to produce low level technical security designs for AWS hosted solutions, establishing security best practices in API/application development, contributing to evaluation of new products from a security perspective. What Specialists Work On Hands-on specialist to identify the security needs working with multiple teams developing public/private API, Web Interfaces utilising AWS products. Design/develop and document required security controls and components in collaboration with Tech Leads and Architects. Provide in-depth technology input to other technology stakeholders and be responsible for low level security design. Evaluation and implementation of the new products from security perspective 50/50 Code and Security Documentation split Detailed design and implementation of the PAM, IDS, DLP in AWS Prepare and present necessary security governance documentation in collaboration with Security Architect Define the counter measures for security risks and actively implement. Skills & Experience • Have demonstrable experience of of AWS services and AWS security best practices. • Have demsontrable experience of implementing prevention and proactive monitoring of advanced security attacks and emerging attack vectors. • Have demonstrable experience in API security (SOAP/REST) and industry standard best practices to secure a public/private API hosted in cloud. • Have demonstrable experience of implementing security aspects of application development cycle CI/CD. • Have demonstrable experience of successfully delivering digital solutions that collect and manage personal and/or sensitive information with appropriate controls and protection. • Have demonstrable hands-on development experience utilising Java, API Gateway/Management & Policy frameworks, SOAP & Resful APIs, JWT, JWS/JWE, JOSE.. • Have demonstrable experience of documenting low level security design and ability to work in a established design and governance process. Nice to Haves • Have demonstrable experience of security tools and techniques (PKI, PAM, IAM, Protective Monitoring, Firewall, Audit, SSL/TLS, API Gateways, AV, IDS/IPS/HIDS, Pen-testing) • Have demonstrable experience of security protocols OAUTH, OIDC, SAML, SSO and MFA. • Have demonstrable experience of successfully design, implementation and migration of SOAP based API services from legacy technologies utilising Amazon AWS. • Have demonstrable experience of migrating applications and services from traditional data centre and infrastructure, network, to AWS cloud. • Have demonstrable experience of implementing NCSC cloud security principles • Have demonstrable experience of migrating services off PSN to public cloud infrastructure. • Should have either vendor or industry standard IT Security certification(s) • Have existing, valid SC Clearance Work Location London, Westminster Working Arrangments We expect the specialist to work collaboratively with Lead Architect and in-house development teams that are transforming the HMPO business processes/applications. Work is based in London and will involve the supplier being on site 5 days per week to work collaboratively with HMPO teams; travel and expenses remains the responsibility of the supplier. Service design and development must align with the HM Passport Office strategic technical architecture and technologies. Security Clearance SC Clearance is required. HM Passport Office will support the clearance process. Additional T&Cs Breakpoints to assess progress and quality will be set by mutual agreement. No. of Specialists to Evaluate 3 Cultural Fit Criteria • Be transparent and collaborative when making decisions. • Can work with clients with low technical expertise. • Able to work within HMPO design, delivery and governance framework. Evaluation Weighting Technical competence 60% Cultural fit 15% Price 25% Questions from Suppliers 1. What is the IR35 status? We expect this engagement to be outside IR35, however status is assessed on a case-by-case basis. 2. Will this role be outside of IR 35? We expect this engagement to be outside IR35, however status is assessed on a case-by-case basis. 3. Is there an incumbent already in this position? There is not an incumbent, this is a new role. 4. IF there is an incumbent, will they be able to use the DOS outcomes to apply for their position again? There is not an incumbent, this is a new role.
Timeline
Publish date
6 years ago
Award date
6 years ago
Buyer information
Explore contracts and tenders relating to Her Majesty’s Passport Office (HMPO)
Go to buyer profileTo save this opportunity, sign up to Stotles for free.
Save in appTender tracking
Access a feed of government opportunities tailored to you, in one view. Receive email alerts and integrate with your CRM to stay up-to-date.
Proactive prospecting
Get ahead of competitors by reaching out to key decision-makers within buying organisations directly.
360° account briefings
Create in-depth briefings on buyer organisations based on their historical & upcoming procurement activity.
Collaboration tools
Streamline sales workflows with team collaboration and communication features, and integrate with your favourite sales tools.
Explore other contracts published by Her Majesty’s Passport Office (HMPO)
Explore more open tenders, recent contract awards and upcoming contract expiries published by Her Majesty’s Passport Office (HMPO).
- Awarded
HMPO Enterprise and Solution Architecture Services
Home Office7,500,000 GBPPublished a year ago
- Awarded
Delivery partner for development of a digital death registration service
Her Majesty’s Passport Office (HMPO)4,500,000 GBPPublished 3 years ago
- Awarded
RM3733 - FW: HMPO Entrust Support Contracts
Her Majesty’s Passport Office (HMPO)39,958.94 GBPPublished 3 years ago
- Awarded
Level 2 support for HM Passport Office Digital Services
Her Majesty’s Passport Office (HMPO)4,200,000 GBPPublished 4 years ago
- Awarded
Hardware and Software Support Renewal
Her Majesty’s Passport Office (HMPO)324,081.61 GBPPublished 4 years ago
- Awarded
Standalone System Transformation 2020 Development Delivery
Her Majesty’s Passport Office (HMPO)3,600,000 GBPPublished 4 years ago
- Awarded
Bulk Data Processing Tool (BDPT) Development Team
Her Majesty’s Passport Office (HMPO)2,000,000 GBPPublished 4 years ago
- Awarded
Renewal of Endpoint Protection and Control Compliance Suite - Required by 27/06/
Her Majesty’s Passport Office (HMPO)6,052.15 GBPPublished 4 years ago
Explore more suppliers to Her Majesty’s Passport Office (HMPO)
Sign upExplore top buyers for public sector contracts
Discover open tenders, contract awards and upcoming contract expiries of thousands of public sector buyers below. Gain insights into their procurement activity, historical purchasing trends and more.
Explore top sources for public sector contracts
Stotles aggregates public sector contract data from every major procurement data source. We ingest this data and surface the most relevant insights for our users. Explore our list of public sector procurement data sources below.