OT and IT Cybersecurity Services framework

Concepts

• perth
• computer support
• consultancy services
• network service managed service support
• it cybersecurity services
• it managed services
• it managed services delivery
• managed services
• project delivery services
• professional services

Location

Onsite delivery services to take place in the UK

Description

Scottish Hydro Electric Transmission Plc. (SHET) seeks a skilled provider of Operational Technology (OT) cybersecurity assurance services and IT cybersecurity services. The supplier will act as an independent assurance authority, ensuring that OT systems are designed, delivered and managed in a secure manner and in line with SHET and national standards.

Total Quantity or Scope

Detailed description … SHET seeks suppliers with experience in all of the following;  Audit Review & Compliance  Cyber Security Training & Awareness  Design and Build of Turnkey Cyber Security Services  Digital Forensics  Incident Management & Response  Risk Assessment and Management Services  Security Architecture Services  Security Consultancy  Security Testing  Technical Cyber Assurance  Vulnerability Management  Desirable; o Infrastructure Managed Service Support o Network Service Managed Service Support o IT managed services delivery (including but not limited to networking, infrastructure, cybersecurity) o Vendor Cyber Assurance Managed Services. There may be a future requirement for IT managed services, IT cybersecurity services and project delivery services to be provided by the supplier, so it is desirable that the supplier have the capability to provide IT managed services (for example but not limited to networking, infrastructure, cybersecurity specialisms) and professional services. This may include implementing new security tools or architectures.

Renewal Options

Duration estimate reflects initial term with extension options up to a maximum term of 10 years

CPV Codes

• 72600000 - Computer support and consultancy services

Indicators

• Bids should cover the whole contract.
• Renewals are available.
• Financial restrictions apply.
• Professional qualifications are sought.
• Staff qualifications are relevant.
• Award on basis of price and quality.

Other Information

Among key responsibilities the prospective supplier would provide design assurance, assurance of onsite installation, security testing, threat-intelligence, and operational assurance. Additionally they may be required to provide ad-hoc projects and support with incident management and response, digital forensics, security, network and infrastructure consulting. The supplier should be able to provide CREST certified penetration testing services There may be a future requirement for IT managed services, IT cybersecurity services and project delivery services to be provided by the supplier, so it is desirable that the supplier have the capability to provide IT managed services (for example but not limited to networking, infrastructure, cybersecurity specialisms), cybersecurity services and professional services. This may include implementing new security tools or architectures. The PIN estimate reflects a combination of day to day capacity, flex contingency, potential ad-hoc projects and support services, and is not a promise or guarantee that the estimate will be reached during the initial or renewal terms.