- UNDP around the world
Many of UNDP's relationships with countries and territories on the ground exceed 60 years. Find details on our successes and ongoing work.
- Bosnia and Herzegovina
- Burkina Faso
- Cape Verde
- Central African Republic
- Congo (Dem. Republic of)
- Congo (Republic of)
- Costa Rica
- Côte d'Ivoire
- Democratic People's Republic of Korea
- Denmark (Rep. Office)
- Dominican Republic
- E.U (Rep. Office)
- El Salvador
- Equatorial Guinea
- Fiji (Multi-country Office)
- Finland (Rep. Office)
- Geneva (Rep. Office)
- Iraq (Republic of)
- Kosovo (as per UNSCR 1244)
- Lao PDR
- Mauritius & Seychelles
- Norway (Rep. Office)
- Papua New Guinea
- Programme of Assistance to the Palestinian People
- Russian Federation
- Samoa (Multi-country Office)
- São Tomé and Principe
- Saudi Arabia
- Sierra Leone
- South Africa
- South Sudan
- Sri Lanka
- Sweden (Rep. Office)
- The former Yugoslav Republic of Macedonia
- Tokyo (Rep. Office)
- Trinidad and Tobago
- United Arab Emirates
- About Us
- News Centre
National Consultant for review and testing of the Diia server infrastructure connectivity security settings
|Location :||Home based/”Diia” SOE office, Ukraine, UKRAINE|
|Application Deadline :||05-Oct-21 (Midnight New York, USA)|
|Type of Contract :||Individual Contract|
|Post Level :||National Consultant|
|Languages Required :||English|
|Duration of Initial Contract :||till 15.12.2021 (or earlier)|
UNDP is committed to achieving workforce diversity in terms of gender, nationality and culture. Individuals from minority groups, indigenous groups and persons with disabilities are equally encouraged to apply. All applications will be treated with the strictest confidence.
UNDP does not tolerate sexual exploitation and abuse, any kind of harassment, including sexual harassment, and discrimination. All selected candidates will, therefore, undergo rigorous reference and background checks.
Ukraine has made significant strides in digitalizing the state and its functions. Successes of the Prozorro system, implementation of the national interoperability system for state registries (Trembita), increasing the transparency of public sector through open-data initiative, development of digital public services under "State in smartphone" initiative are well-known and documented. The Ministry of Digital Transformation (MDT) created in 2019 aims to continue and expand this trend. Most recently, the Government-launched the "Diia.gov.ua" e-services delivery web-portal and its namesake mobile application. These digital products embody the newest trends of digitalisation for citizens.
With support from its partners, MDT aims to rapidly develop new and improved e-services that will offer an enjoyable and secure experience. Recently Ukraine saw the development and implementation of several high-profile e-services in different spheres – business registration, construction, birth related services (eMalyatko), and others. At the very end of 2020, MDT launched a mechanism for individual entrepreneurs to apply for state support in the most battered economic sectors. E-service expansion, especially throughout the COVID-19 pandemic, helps citizens get no-contact access to governmental services. Such services also cut state administrative costs, bringing about more transparency into government-citizen interactions and slashing petty corruption.
Rapid development of e-services poses new challenges – cybersecurity threats and risks of personal data leak. To address this challenges MDT is constantly working on improvement of the Diia infrastructure (data centre, a set of web-portals and mobile application) information security, organizes “Bug bounty” challenges and performs data protection audits. In august 2021 MDT launched second “Bug bounty” challenge for the Diia application, this bug bounty is the first public bug bounty launched by MDT.
On 1 January 2021, UNDP launched its new Digital, Inclusive, Accessible: Support to Digitalisation of State Services in Ukraine (DIA Support) Project. The project is made possible due to support of the Government of Sweden and is carried out in close collaboration with the Ministry of Digital Transformation of Ukraine (MDT) and other government stakeholders.
The project builds on extensive UNDP experience in two areas: administrative service reform and reengineering and digitalising public administration processes with broad citizen and expert engagement. As part of the project, UNDP will help the government partners – primarily MDT – select several service clusters in use by citizens representing vulnerable groups. Services will be packaged to accommodate everyday needs and transposed into a fully digital format. While working on creation of new digital services, the DIA Support Project will certify the software systems developed under Ukrainian regulations and in line with international cybersecurity practices.
Duties and Responsibilities
Objectives of the assignment
The main objective of the assignment is to review and test the Diia server infrastructure connectivity security settings and create recommendations of improvement of the settings and further automation of connectivity setting monitoring. The assignment has to be carried out under UNDP supervision in close coordination and cooperation with the MDT and the “Diia” SOE as a technical administrator of the Diia infrastructure.
Scope of services
It is expected that the Consultant will engage in the following types of activities:
During the review and testing Diia data centre firewall and VPN settings, the Consultant have to perform practical testing of connectivity between all servers in the Diia server infrastructure (about 300 servers).
The resulting Firewall and VPN settings review and testing report should contain the following information:
The report on recommendations for organizing of automatic testing and monitoring of firewall rules should contain the following information:
The activates listed above will be performed on the Diia server infrastructure with the following technology stack:
MDT (“Diia” SOE) will be responsible for providing secure access to the Diia server infrastructure for the Consultant.
The Consultant will sign non-disclosure agreement with MDT/“Diia” SOE to safeguard information on the results of the review and testing, on the Diia server infrastructure structure and on other technical information.
Measurable outputs of the work assignment/deliverables
The Consultant will be primarily responsible for achieving the objectives of the assignment. The Consultant will report to the Diia Support Project Manager and will work closely with Diia Support Project Senior IT Specialist, MDT and “Diia” SOE representatives.
The Consultant will be responsible for all personal administrative expenses associated with the assignment. In case any public events are planned jointly by the Consultant and UNDP as part of the present assignment, the Consultant will not be responsible for logistics of events. UNDP will cover the conference costs (including possible printing, food, accommodation and etc.) on its own.
Monitoring requirements / Terms of payment
The Consultant will work under the overall supervision of the Project Manager. The Consultant will interact with UNDP and MDT/”Diia” SOE to receive any clarifications and guidance that may be needed. The Consultant will duly inform UNDP of any problems, issues or delays arising in the course of implementation of the assignment and take necessary steps to address them.
UNDP will be the final authority to control the quality and evaluate the work. The satisfactory completion of each of the deliverables shall be subject to the endorsement of the Project Manager. Each deliverable will be delivered in a draft for comments and feedback before finalisation. No reports or documents should be published or distributed to third parties without the approval of UNDP.
All reports and results are to be submitted to the UNDP in electronic form (*.docx, *.xlsx, *.pptx, and *.pdf or other formats accepted by UNDP). The language of the materials and reports is Ukrainian. The final report (recommendations for organizing of automatic testing and monitoring of firewall rules) should be submitted to UNDP for comments and approval not later than 30 November 2021.
UNDP will provide payment upon provision of each deliverable duly certified by UNDP in accordance with the schedule below:
Deliverable 1. 70%
Deliverable 2. 30%
Required Skills and Experience
Required experience and qualifications
?Documents to be included when submitting the proposal
? Lump sum contract
The financial proposal shall specify a total lump sum amount, and payment terms around specific and measurable (qualitative and quantitative) deliverables (please, refer to Section 4 Measurable outputs of the work assignment/deliverables). Payments are based upon output, i.e. upon delivery of the services specified in the TOR. In order to assist the requesting unit in the comparison of financial proposals, the financial proposal will include a breakdown of Cost by Components.
Maximum available technical score – 70 points
? Cumulative analysis
Contract award shall be made to the incumbent whose offer has been evaluated and determined as:
a) responsive/compliant/acceptable, and
b) having received the cumulative highest score out of a pre-determined set of weighted technical and financial criteria specific to the solicitation.
* Technical Criteria weight: 70%
* Financial Criteria weight: 30%
Only candidates obtaining a minimum 70% from the maximum available technical score (49 points) would be considered for the Financial Evaluation
The maximum number of points assigned to the financial proposal is allocated to the lowest price proposal and will equal to 30. All other price proposals will be evaluated and assigned points, as per below formula:
30 points [max points available for financial part] x [lowest of all evaluated offered prices among responsive offers] / [evaluated price].
The proposal obtaining the overall cumulatively highest score after adding the score of the technical proposal and the financial proposal will be considered as the most compliant offer and will be awarded a contract.