International Consultant for Conducting Cybersecurity Needs Assessment

Consultant

Overview

Support assessment and development for cybersecurity in Bosnia and Herzegovina

You have:

• University degree in the area of Information Technology, Electrical Engineering or another relevant field.
• At least 5 years of professional experience in area of cyber security and protection of IT systems.
• Extensive professional experience dealing with cyber security governance within the public sector on the strategic level in one EU member state.
• General knowledge of the European Union regulatory framework and comparative European national legislation and practices in the area of cyber security.
• Very good understanding of and familiarity with cyber security regulations in the Western Balkans will be considered a strong asset.
• Proven ability to undertake professional research using both quantitative and qualitative methods.
• Proven analytical skills and ability to conceptualise and write concisely and clearly.
• Previous work for UN agencies in the country is considered as unique asset.
• Excellent writing, editing, and oral communication skills in English.

Contract

This is a International Consultant contract. More about International Consultant contracts.

Background

NOTE Application procedure:

Application with a CV must be submitted online via this website. Please click on “Apply Now” Tab and complete required fields and upload CV. Please note that website accepts only one document therefore, if you would like to upload more than one document, please make sure to combine it into a single one. Financial offer (for national consultants only in BAM) in a form of completed and Signed Offeror’s Letter to UNDP Confirming Interest and availability - https://tinyurl.com/Offeror-Letter - Letter to UNDP Confirming Interest and Availability.docx - to be sent to e-mail ba.shared.hr@undp.org with Subject: Job ID 108914.

The Strengthening Cybersecurity Capacities in Bosnia and Herzegovina Project seeks to contribute through a portfolio of interventions, improve cybersecurity legislative and policy environment, as well as awareness, skills, and governments’ capabilities necessary to carry forward a coherent, secure, and resilient cybersecurity agenda in Bosnia and Herzegovina and the region. The intervention shall therefore focus on establishing relevant legal, regulatory, and institutional frameworks aligned with the relevant EU Regulations. The anticipated effects from this intervention shall manifest in: improved enabling environment for the accelerated pace of EU-aligned cybersecurity agenda implementation in Bosnia and Herzegovina; increased security level of networks and information systems in the country and improved prevention, preparedness, reaction, and resilience to cyber incidents and threats in public, private sectors, and society as a whole; increased trust of users, organizations, and companies in using digital tools through awareness-raising.

The project intends to conduct an extensive, independent assessment that aims to establish the current level of existing domestic material, technical and human cybersecurity resources, as well as verify and deepen findings and recommendations of other publicly available assessments, thus providing evidence-based grounds for further needs-based actions.General background on the context of the engagement; Brief explanation of the project; References to any documents/materials as appropriate; Objectives of the assignment.

Duties and Responsibilities

Under this assignment, the International Consultant is supporting the effective implementation of technical assistance pillar under this Project, with the following tasks:

Task 1. Conduct needs and technical requirements assessment

Under this activity the International Consultant is expected to:

• Conduct brief assessment of existing capacities both on technical and policy level;
• Research existing frameworks and conduct interviews with major stakeholders;
• Identify and document all possible points for improvements;
• Prepare comprehensive report on current needs and technical requirements for all levels of national cyber security management.

Task 2. Provide technical assistance to government structures in establishing Computer Emergency Response Teams (CERT) and staff development

Under this activity the International Consultant is expected to:

• Identify relevant stakeholders in CERT community;
• Perform current status, capabilities and resources assessment;
• Prepare improvements possibilities report with resources, technical competencies building plan and necessary training and education.

Task 3. Conduct 1-2 day workshop for CERT community stakeholders

Under this activity the International Consultant is expected to:

• Identify relevant stakeholders in CERT community to be invited to workshop;
• Prepare materials and contents for the workshop;
• Conduct workshop with the following proposed agenda:
  • General CERT community in the EU, frameworks and practices,
  • Trends,
  • CERT tools, tactics and techniques,
  • Present improvement possibilities.

Deliverables/outputs

#

Deliverables / Outputs

# of Days per Task

Due Date

Percentage

1.

Comprehensive report on current needs and technical requirements for all levels of national cyber security management prepared and verified by the UNDP Project Team

15

20 October 2022

50

2.

Report on improvements possibilities with resources, technical competencies building plan and necessary training and education prepared and verified by the UNDP Project Team

10

10 November 2022

33

3.

Workshop materials developed and a workshop held.

5

30 November 2022

17

Competencies

Corporate competencies:

• Demonstrates integrity by modelling the UN’s values and ethical standards;
• Promotes the vision, mission, and strategic goals of UNDP;
• Displays cultural, gender, religion, race, nationality and age sensitivity and adaptability;
• Treats all people fairly without favoritism;
• Fulfils all obligations to gender sensitivity and zero tolerance for sexual harassment;

Functional competencies:

• Strong interpersonal skills, communication and diplomatic skills, ability to work in a team;
• Openness to change and ability to receive/integrate feedback;
• Ability to work under pressure and stressful situations;
• Strong analytical, reporting and writing abilities;
• Excellent public speaking and presentation skills.

Required Skills and Experience

Academic Qualifications/Education:

• University degree in the area of Information Technology, Electrical Engineering or another relevant field.

Experience:

• At least 5 years of professional experience in area of cyber security and protection of IT systems.
• Extensive professional experience dealing with cyber security governance within the public sector on the strategic level in one EU member state.
• General knowledge of the European Union regulatory framework and comparative European national legislation and practices in the area of cyber security.
• Very good understanding of and familiarity with cyber security regulations in the Western Balkans will be considered a strong asset.
• Proven ability to undertake professional research using both quantitative and qualitative methods;
• Proven analytical skills and ability to conceptualise and write concisely and clearly;
• Previous work for UN agencies in the country is considered as unique asset.

Languages Requirements:

• Excellent writing, editing, and oral communication skills in English.

Longlisting/Shortlisting Criteria

Qualifications as stated in the ToR

Criteria:

Points

Relevant Education

University degree in the area of Information Technology, Electrical Engineering or another relevant field.

max 15 points

Relevant professional experience

At least 5 years of professional experience in area of cyber security and protection of IT systems.; Extensive professional experience dealing with cyber security governance within the public sector on the strategic level in one EU member state.

max 60 points

Prior work experience with UNDP/UN Agencies

max 20 points

Knowledge of English

max 5 points - will be assessed (based on submitted methodology) as: 5 points for fluency and the points decrease as per the level mentioned in the CV: good - 4 points; fair/upper intermediate – 3 points; intermediate - 2 points; beginner - 1 point.

Technical Evaluation Criteria

Criteria:

Points

Rating based on Qualifications

30%

Relevant experience in designing and conducting workshops for government and parliaments officials

20%

Relevant experience in conducting professional research using both quantitative and qualitative methods

25%

Submitted methodology

25%

Evaluation

Individual will be evaluated based on the following methodology:

Cumulative analysis

When using this weighted scoring method, the award of the contract should be made to the candidate whose offer has been evaluated and determined as:

a) responsive/compliant/acceptable, and

b) Having received the highest score out of a pre-determined set of weighted technical and financial criteria specific to the solicitation.

* Technical Criteria weight-70%

* Financial Criteria weight- 30%

Interested candidated must submit the following documents/information to demonstrate their qualifications:

• Explaining why they are the most suitable for the work
• Provide a brief methodology on how they will approach and conduct the work;
• Personal CV/P11, including past experience in similar projects and at least 3 references.

Please scan all above mentioned documents and upload as one attachment only online through this website.

Note:

• For an assignment requiring travel, consultants of 65 years or more require full medical examination and statement of fitness to work to engage in the consultancy.
• Due to large number of potential applicants, only competitively selected candidates will be contacted for remaining steps of the service procurement process.

Apply now

Potential interview questions

Added 3 years ago - Updated 1 year ago - Source: jobs.undp.org