UNDP Jobs - 112710- 2615 Senior Consultant for Cybersecurity Facility

2615 Senior Consultant for Cybersecurity Facility in Data Center Innovation District (2 segments)

Location :

Home based, SERBIA

Type of Contract :

Individual Contract

Starting Date :

Application Deadline :

11-Jun-23 (Midnight New York, USA)

Post Level :

National Consultant

Duration of Initial Contract :

Languages Required :

English

Expected Duration of Assignment :

June 2023 - July 2023

UNDP is committed to achieving workforce diversity in terms of gender, nationality and culture. Individuals from minority groups, indigenous groups and persons with disabilities are equally encouraged to apply. All applications will be treated with the strictest confidence. UNDP does not tolerate sexual exploitation and abuse, any kind of harassment, including sexual harassment, and discrimination. All selected candidates will, therefore, undergo rigorous reference and background checks.

Background

Purpose

To provide expert advice and support to the Office for IT and e-Government (ITE) related to the detailed specification of two segments of the Cybersecurity facility in the Data Center Innovation District.

Objective

To support digital transformation of the public administration in Serbia by developing an Innovation District to gather all important stakeholders in order to provide secure, fast and reliable software services, platform services and infrastructure services to governmental institutions, Science and Research institution, science technology park and other important stakeholders within the innovative ecosystem.

Background Information

Digital transformation of the national economy and public administration are among the key priorities of Serbian Government. In addition to providing high-level political support and institutional sponsorship, the government introduced a new institutional framework to manage this process and initiate internal changes. In 2017, the Office for IT and e Government (ITE) was created to consolidate government's ICT resources, develop shared infrastructures and support the transition from an institution-centric to a citizen-centric model of designing and providing e services. ITE was initially formed as a cabinet-level body, and in 2022 with the creation of the new Government, its status changed into a special organization. ITE also performs the tasks of coordinating the support to the international cooperation on the global market for digital, innovative and creative industries, as well as monitoring and promoting the connection of the public and private sectors in the areas of the digital innovative creative economy, aiming at sustainable and integrated economic growth of the Republic of Serbia.

ITE currently provides IT/infrastructure services to 87 state institutions and all (174) municipalities in Serbia. With digitalization high on the government agenda, this number is expected to grow significantly in the coming years. ITE will, therefore, need to adapt its business processes related to ICT infrastructure management, to provide for the anticipated growth, while maintaining the expected levels of service quality and security.

In early 2018, the ITE has decided to implement a central cloud platform to support fundamental and most urgently needed digital infrastructure and services. The cloud platform is intended to provide software services, platform services and infrastructure services to governmental institutions, public enterprises, municipalities and potentially other entities. Initial consultations between the key government stakeholders gathered in the Coordination Council for e-Government (35 institutions) indicated that available data center facilities will be insufficient or unqualified to provide for the required long-term computing, communication and security infrastructure needs. In response to this, the ITE has decided to establish primary government data center location in Belgrade (hosted in one of Telecom Serbia’s data centers). In addition, the Government of Serbia has decided to commission the construction of a new Data Center/disaster recovery facility, consisting of Building 1 and Building 2, in Kragujevac, and designated this project as strategically important. ITE was appointed as the investor and manager of the facility, on behalf of the Republic of Serbia.

In order to further support development of digital infrastructure and services, and fulfil the needs of Data Center commercial tenants, ITE plans to further expend Data Center complex to adjacent land plot, and develop an Innovation District dedicated primarily to cyber security, biotech and smart city technologies. Furthermore, the Innovation District will be open to science and technology parks, academic and research and development institutions in Serbia. The focus is on elaborating further a cybersecurity facility within the Innovation Districts and having that in mind, the assignment can be divided into following phases. Phase one reflects on determining the entire concept of cybersecurity facility, starting off with a high-level concept idea in terms of best practices and trends in cybersecurity by looking at worldwide examples of such facilities or cybersecurity labs. Moving further, phase two would be development of spatial and technical specifications for proposed concept ideas including specification of units within this facility (for example: specification of the number of premises, units within premises, purpose of each unit in terms of office space, laboratory, training center, simulation laboratory, co-working space etc.). Phase three reflects on usage of proposed premises/units within cybersecurity facility looking closely at concept, events, work protocols, giving recommendations and guidelines in terms of training curriculums in area of cybersecurity and ICT infrastructure to accommodate suggested content, events and trainings.

UNDP is now seeking, under the Digital Transformation project, to engage the Consultant who will provide ITE with assistance related to phase two - providing special and technical specification for cybersecurity facility in the Data Center Innovation District. It is expected that the Consultant will provide a detailed elaboration and proposal of two segments (Laboratory for IT training in the field of cyber security; Digital forensics laboratory) of the cybersecurity facility taking in consideration already prepared high-level proposal presentation of concept idea.

Duties and Responsibilities

Scope of Work

The Consultant will provide expert advice related to the equipment and technical and special specification of the two segments (Laboratory for IT training in the field of cyber security; Digital forensics laboratory) of the cybersecurity facility under guidance of the Project Manager and Director of the Office for IT and eGovernment which shall lead to informed and efficient planning and preparation for construction of the Data Center Innovation District.

Detailed activities include:

Expert advice in how to organize two segments/premises (Laboratory for IT training in the field of cyber security; Digital forensics laboratory), from the technical perspective, of the Cybersecurity Facility in the Innovation District:
- Proposing technical specification of the hardware;
- Proposing technical specification of the software;
- Define conditions for the use of hardware and software;
- Providing inputs for spatial and technical requirements of the above mentioned two segments to be used as inputs for development of the design documentation of the Cybersecurity Facility.

Deliverables and Timeline

The Consultants will be responsible for the following deliverables:

No.	Deliverable	Deadline
1.	Report on proposed spatial and technical requirements of two segments/premises (Laboratory for IT training in the field of cyber security; Digital forensics laboratory) and their organisation within cybersecurity facility	15 July 2023

Deliverable must be submitted in Serbian language and will be quality reviewed, approved and accepted by the UNDP Project Manager in consultation with ITE and Ministry of Information and Telecommunications. The Consultant will be provided by UNDP and ITE with input report - high/level concept presentation supporting ITE in moving further with activities regarding development of Innovation District.

Competencies

Good analytical, communication and writing skills;
Good time management skills;
Ability to work in a team;
Demonstrates sensitivity to cultural and gender diversity and equity in his/her daily work and personal behavior;
Treats all people fairly without favoritism;
Fulfils all obligations to gender sensitivity and zero tolerance for sexual harassment;
Full computer literacy.

Required Skills and Experience

The Consultant selected to undertake the assignment must fulfill the following minimal requirements:

Qualifications and work experience

Education

MA degree in electrical engineering, information security, cybersecurity or similar field. PhD will be considered as an asset.

Work Experience

At least 10 years of experience in information technology on positions involving project design, management, and implementation of projects/software solutions or academic experience in the field of IT/cybersecurity;
Good understanding of Serbian cybersecurity ecosystem and legislative framework;
Experience with conducting data analysis using spreadsheets, ability to create sophisticated graphs and charts to present complex data in a meaningful way.

Language

Fluency in Serbian and English;

DOCUMENTS TO BE INCLUDED WHEN SUBMITTING THE PROPOSALS.

Application Procedure:

Qualified and interested candidates are asked to submit their applications: UNDP in Serbia under section “Jobs” no later than 11th June 2023.

Application should include:

CV in English language containing date of birth, contact information (home address, phone number, e-mail) and timeline of work experience (including description of duties).
Offeror’s Letter confirming Interest and availability for the Individual Contractor (IC) Assignment. Can be downloaded from the following link https://www.undp.org/sites/g/files/zskgke326/files/2022-07/confirmation.docx. The Offeror’s Letter shall include financial proposal specifying a total lump sum amount for the tasks specified in this announcement with a breakdown of costs (Offeror’s Letter, including Annex 2, Table A: Breakdown of costs & Table B) Breakdown of costs by deliverables).
Cover Letter – explaining why you are the most suitable for the work should be included in the CV.

In order to apply please merge above listed documents into a single PDF file. The system does not allow for more than one attachment to be uploaded.

The shortlisted candidates may be asked to provide copies of diplomas and any other certificates providing evidence of their education and experience in relevant fields.

Any request for clarification must be sent by standard electronic communication to the e-mail vacancy.rs@undp.org. The procuring UNDP entity will respond by standard electronic mail and will send response, including an explanation of the query without identifying the source of inquiry, to all consultants.

Financial Proposal:

Lump sum contracts

The financial proposal shall specify a total lump sum amount (USD), and payment terms around specific and measurable (qualitative and quantitative) deliverables (i.e. whether payments fall in installments or upon completion of the entire contract). Payments are based upon output, i.e. upon delivery of the services specified in the TOR. In order to assist the requesting unit in the comparison of financial proposals, the financial proposal will include a breakdown of this lump sum amount (including travel, per diems, and number of anticipated working days).

Travel

Home-based, no envisaged travel.

Evaluation

1. Cumulative analysis

When using this weighted scoring method, the award of the contract should be made to the individual consultant whose offer has been evaluated and determined as:

a) responsive/compliant/acceptable, and

b) Having received the highest score out of a pre-determined set of weighted technical and financial criteria specific to the solicitation.

* Technical Criteria weight; 70%

* Financial Criteria weight; 30%

Only candidates obtaining a minimum of 49 points would be considered for the Financial Evaluation

*Criteria*	*Weight*	*Max. Point*
Technical	70%	70
Criteria A	Proven experience in research and analysis in a field of cybercrime, digital forensics and/or information security. Relevant working experience must be clearly demonstrated through submitted CV	30
Criteria B	Proven experience in working on cybersecurity projects in the public sector. Relevant working experience must be clearly demonstrated through submitted CV.	20
Criteria C	Proven experience in working and/or advising on cybersecurity issues for security Ministries and agencies. Relevant working experience must be clearly demonstrated through submitted CV.	20
Financial	30%	30

Additional Information:

Individual Contract (IC) will be applicable for individual consultants applying in their own capacity. If the applicant is employed by any legal entity, IC would be issued upon submission of Consent letter from the employer acknowledging the engagement with UNDP. Template of General Conditions on IC could be found on: Template of General Conditions on IC could be found on: https://www.undp.org/sites/g/files/zskgke326/files/2022-07/General_Conditions_for_Individual_Contracts.pdf
Reimbursable Loan Agreement (RLA) will be applicable for applicants employed by any legal entity. Template of RLA with General Terms and Conditions could be found on: https://www.undp.org/sites/g/files/zskgke326/files/2022-07/PSU_Individual%20Contract_Model%20Reimbursable%20Loan%20Agreement.docx

In the case of engagement of Civil servants under IC contract modality a no-objection letter should be provided by the Government entity. The ‘no-objection’ letter must also state that the employer formally certifies that their employees are allowed to receive short-term consultancy assignment from another entity without being on “leave-without-pay” status (if applicable), and include any conditions and restrictions on granting such permission, if any. If the previous is not applicable ‘leave-without-pay’ confirmation should be submitted.

Engagement of Government Officials and Employees

Government Officials or Employees are civil servants of UN Member States. As such, if they will be engaged by UNDP under an IC which they will be signing in their individual capacity (i.e., engagement is not done through RLA signed by their government employer), the following conditions must be met prior to the award of contract:

(i) A “No-objection” letter in respect of the individual is received from the Government employing him/her, and;

(ii) The individual must provide an official documentation from his/her employer formally certifying his or her status as being on “official leave without pay” for the duration of the IC.

The above requirements are also applicable to Government-owned and controlled enterprises and well as other semi/partially or fully owned Government entities, whether or not the Government ownership is of majority or minority status.
UNDP recognizes the possibility that there are situations when the Government entity employing the individual that UNDP wishes to engage is one that allows its employees to receive external short-term consultancy assignments (including but not limited to research institutions, state-owned colleges/universities, etc.), whereby a status of “on-leave-without-pay” is not required. Under such circumstance, the individual entering into an IC with UNDP must still provide a “No-objection” letter from the Government employing him/her. The “no objection” letter required under (i) above must also state that the employer formally certifies that their employees are allowed to receive short-term consultancy assignment from another entity without being on “leave-without-pay” status and include any conditions and restrictions on granting such permission, if any. The said document may be obtained by, and put on record of, UNDP, in lieu of the document (ii) listed above.