Notice Information
Notice Title
Security Operations Centre Services
Notice Description
Contract for the provision of a managed Security Operations Centre (SOC) service to provide the following: 1. Provision of a modern and fit-for-purpose SOC capability operating 24 hours a day, 7 days a week, 365 days a year (working in concert with the Financial Ombudsman Service's cyber security team); 2. Undertake standard security operations functions including: a) Performing triage of security incidents, core security incident response, and escalation activities (we refer to these as level 1 and 2 activities); b) Tuning/configuration of the Security Information & Event Management (SIEM) solution and associated Security Orchestration, Automation & Response (SOAR) capabilities; c) Responding to threat intelligence and performing proactive threat hunting; d) Management, investigation, and resolution of critical/major security incidents including digital forensics as required; and e) Conducting process improvement activities to improve the effectiveness of the SOC. 3. Provision of cyber security resources on demand to augment the Financial Ombudsman Service's team on an ad-hoc basis. These resources maybe involved in project or business as usual activities.
Lot Information
Lot 1
Contract for the provision of a managed Security Operations Centre (SOC) service to provide the following: 1. Support of the existing SOC team to enable a modern and fit-for-purpose SOC capability operating 24 hours a day, 7 days a week, 365 days a year. We are looking for a supplier that can provide a SOC capability that functions over a 24-hour period, 7 days a week, 365 days a year. 2. Undertake standard security operations functions including: a) Performing triage of security incidents, core security incident response, and escalation activities (we refer to these as level 1 and 2 activities); b) Tuning/configuration of the Security Information & Event Management (SIEM) solution and associated Security Orchestration, Automation & Response (SOAR) capabilities; and c) Responding to threat intelligence and performing proactive threat hunting. The SOC service will tune and configure our SIEM tool on an ongoing basis. We expect the supplier to maintain an up to date knowledge of industry best practices and threat intelligence sources to inform the tuning and configuration process. In addition to this, we require the SOC capability to monitor and respond to alerts from the SIEM solution and manage any related incidents, liaising with the Financial Ombudsman Service team where required. 3. Management, investigation, and resolution of critical/major security incidents, including digital forensics as required. If we suffer a major security incident, we may ask the supplier to assist with the management, investigation, and resolution of it. This may involve attending the Financial Ombudsman Service's offices. 4. Conducting agreed ongoing process improvement activities that will strengthen and improve the SOC's ability to effectively detect and respond to the changing landscape of threats faced by the Financial Ombudsman Service and the financial services industry. 5. Provision of cyber security resources on demand to augment the Financial Ombudsman Service's team on an ad-hoc basis. These resources maybe involved in project or business as usual activities. Provision of information security resources to augment our existing information security team, as called-off by us on an ad-hoc basis. These resources may be involved in project or business as usual activities in the Cyber Security area.
Options: Three year contract with three additional option years.
Renewal: A 3 year contract with the option to extend for a further 3 years in annual increments.
Notice Details
Publication & Lifecycle
- Open Contracting ID
- ocds-h6vhtk-041aea
- Publication Source
- Find A Tender Service
- Latest Notice
- https://www.find-tender.service.gov.uk/Notice/040157-2024
- Current Stage
- Award
- All Stages
- Tender, Award
Procurement Classification
- Notice Type
- Tender Notice
- Procurement Type
- Standard
- Procurement Category
- Services
- Procurement Method
- Selective
- Procurement Method Details
- Restricted procedure
- Tender Suitability
- Not specified
- Awardee Scale
- SME
Common Procurement Vocabulary (CPV)
- CPV Divisions
72 - IT services: consulting, software development, Internet and support
-
- CPV Codes
72000000 - IT services: consulting, software development, Internet and support
72400000 - Internet services
72500000 - Computer-related services
72600000 - Computer support and consultancy services
Notice Value(s)
- Tender Value
- £900,000 £500K-£1M
- Lots Value
- £900,000 £500K-£1M
- Awards Value
- Not specified
- Contracts Value
- £1,146,500 £1M-£10M
Notice Dates
- Publication Date
- 12 Dec 20241 years ago
- Submission Deadline
- 18 Dec 2023Expired
- Future Notice Date
- Not specified
- Award Date
- 6 Dec 20241 years ago
- Contract Period
- Not specified - Not specified
- Recurrence
- Not specified
Notice Status
- Tender Status
- Complete
- Lots Status
- Cancelled
- Awards Status
- Active
- Contracts Status
- Active
Buyer & Supplier
Contracting Authority (Buyer)
- Main Buyer
- FINANCIAL OMBUDSMAN SERVICE
- Additional Buyers
- Contact Name
- Available with D3 Tenders Premium →
- Contact Email
- Available with D3 Tenders Premium →
- Contact Phone
- Available with D3 Tenders Premium →
Buyer Location
- Locality
- LONDON
- Postcode
- E14 9SR
- Post Town
- East London
- Country
- England
-
- Major Region (ITL 1)
- TLI London
- Basic Region (ITL 2)
- TLI4 Inner London - East
- Small Region (ITL 3)
- TLI42 Tower Hamlets
- Delivery Location
- TLI London
-
- Local Authority
- Tower Hamlets
- Electoral Ward
- Canary Wharf
- Westminster Constituency
- Poplar and Limehouse
Further Information
Open Contracting Data Standard (OCDS)
View full OCDS Record for this contracting process
The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts.
{
"tag": [
"compiled"
],
"id": "ocds-h6vhtk-041aea-2024-12-12T16:31:36Z",
"date": "2024-12-12T16:31:36Z",
"ocid": "ocds-h6vhtk-041aea",
"initiationType": "tender",
"tender": {
"id": "ocds-h6vhtk-041aea",
"legalBasis": {
"id": "32014L0024",
"scheme": "CELEX"
},
"title": "Security Operations Centre Services",
"status": "complete",
"classification": {
"scheme": "CPV",
"id": "72000000",
"description": "IT services: consulting, software development, Internet and support"
},
"mainProcurementCategory": "services",
"description": "Contract for the provision of a managed Security Operations Centre (SOC) service to provide the following: 1. Provision of a modern and fit-for-purpose SOC capability operating 24 hours a day, 7 days a week, 365 days a year (working in concert with the Financial Ombudsman Service's cyber security team); 2. Undertake standard security operations functions including: a) Performing triage of security incidents, core security incident response, and escalation activities (we refer to these as level 1 and 2 activities); b) Tuning/configuration of the Security Information & Event Management (SIEM) solution and associated Security Orchestration, Automation & Response (SOAR) capabilities; c) Responding to threat intelligence and performing proactive threat hunting; d) Management, investigation, and resolution of critical/major security incidents including digital forensics as required; and e) Conducting process improvement activities to improve the effectiveness of the SOC. 3. Provision of cyber security resources on demand to augment the Financial Ombudsman Service's team on an ad-hoc basis. These resources maybe involved in project or business as usual activities.",
"value": {
"amount": 900000,
"currency": "GBP"
},
"lots": [
{
"id": "1",
"description": "Contract for the provision of a managed Security Operations Centre (SOC) service to provide the following: 1. Support of the existing SOC team to enable a modern and fit-for-purpose SOC capability operating 24 hours a day, 7 days a week, 365 days a year. We are looking for a supplier that can provide a SOC capability that functions over a 24-hour period, 7 days a week, 365 days a year. 2. Undertake standard security operations functions including: a) Performing triage of security incidents, core security incident response, and escalation activities (we refer to these as level 1 and 2 activities); b) Tuning/configuration of the Security Information & Event Management (SIEM) solution and associated Security Orchestration, Automation & Response (SOAR) capabilities; and c) Responding to threat intelligence and performing proactive threat hunting. The SOC service will tune and configure our SIEM tool on an ongoing basis. We expect the supplier to maintain an up to date knowledge of industry best practices and threat intelligence sources to inform the tuning and configuration process. In addition to this, we require the SOC capability to monitor and respond to alerts from the SIEM solution and manage any related incidents, liaising with the Financial Ombudsman Service team where required. 3. Management, investigation, and resolution of critical/major security incidents, including digital forensics as required. If we suffer a major security incident, we may ask the supplier to assist with the management, investigation, and resolution of it. This may involve attending the Financial Ombudsman Service's offices. 4. Conducting agreed ongoing process improvement activities that will strengthen and improve the SOC's ability to effectively detect and respond to the changing landscape of threats faced by the Financial Ombudsman Service and the financial services industry. 5. Provision of cyber security resources on demand to augment the Financial Ombudsman Service's team on an ad-hoc basis. These resources maybe involved in project or business as usual activities. Provision of information security resources to augment our existing information security team, as called-off by us on an ad-hoc basis. These resources may be involved in project or business as usual activities in the Cyber Security area.",
"value": {
"amount": 900000,
"currency": "GBP"
},
"contractPeriod": {
"durationInDays": 1080
},
"hasRenewal": true,
"renewal": {
"description": "A 3 year contract with the option to extend for a further 3 years in annual increments."
},
"secondStage": {
"minimumCandidates": 5,
"maximumCandidates": 5
},
"selectionCriteria": {
"description": "See procurement documents."
},
"submissionTerms": {
"variantPolicy": "notAllowed"
},
"hasOptions": true,
"status": "cancelled",
"awardCriteria": {
"criteria": [
{
"name": "SOC Services",
"type": "quality",
"description": "55"
},
{
"name": "Implementation",
"type": "quality",
"description": "15"
},
{
"name": "Critical Incident Support",
"type": "quality",
"description": "10"
},
{
"name": "Security Services",
"type": "quality",
"description": "5"
},
{
"name": "Knowledge Transfer",
"type": "quality",
"description": "5"
},
{
"name": "Team and Structure",
"type": "quality",
"description": "5"
},
{
"name": "Values and CSR",
"type": "quality",
"description": "5"
},
{
"type": "price",
"description": "70% Quality - 30% Price"
}
]
},
"options": {
"description": "Three year contract with three additional option years."
}
}
],
"items": [
{
"id": "1",
"additionalClassifications": [
{
"scheme": "CPV",
"id": "72400000",
"description": "Internet services"
},
{
"scheme": "CPV",
"id": "72500000",
"description": "Computer-related services"
},
{
"scheme": "CPV",
"id": "72600000",
"description": "Computer support and consultancy services"
}
],
"deliveryAddresses": [
{
"region": "UKI"
},
{
"region": "UK"
}
],
"relatedLot": "1"
}
],
"submissionMethod": [
"electronicSubmission",
"written"
],
"submissionMethodDetails": "https://procurement.financial-ombudsman.org.uk/web/login.html",
"documents": [
{
"id": "economic",
"documentType": "economicSelectionCriteria"
},
{
"id": "technical",
"documentType": "technicalSelectionCriteria"
}
],
"contractTerms": {
"performanceTerms": "As stated within the draft Terms and Conditions as issued with the tender documents.",
"electronicInvoicingPolicy": "allowed",
"hasElectronicPayment": true
},
"procurementMethod": "selective",
"procurementMethodDetails": "Restricted procedure",
"tenderPeriod": {
"endDate": "2023-12-18T17:00:00Z"
},
"secondStage": {
"invitationDate": "2024-01-22T00:00:00Z"
},
"submissionTerms": {
"languages": [
"en"
],
"bidValidityPeriod": {
"durationInDays": 180
}
},
"hasRecurrence": false
},
"parties": [
{
"id": "GB-FTS-98690",
"name": "The Financial Ombudsman Service Limited",
"identifier": {
"legalName": "The Financial Ombudsman Service Limited"
},
"address": {
"streetAddress": "Exchange Tower, Harbour Exchange Square,",
"locality": "London",
"region": "UKI",
"postalCode": "E14 9SR",
"countryName": "United Kingdom"
},
"contactPoint": {
"telephone": "+44 2037169072",
"email": "procurement.enquiries@financial-ombudsman.org.uk",
"url": "https://procurement.financial-ombudsman.org.uk/web/login.html"
},
"roles": [
"buyer"
],
"details": {
"url": "https://www.financial-ombudsman.org.uk",
"classifications": [
{
"scheme": "TED_CA_TYPE",
"id": "BODY_PUBLIC",
"description": "Body governed by public law"
},
{
"scheme": "COFOG",
"id": "04",
"description": "Economic affairs"
}
]
}
},
{
"id": "GB-FTS-21383",
"name": "Financial Ombudsman Service",
"identifier": {
"legalName": "Financial Ombudsman Service"
},
"address": {
"locality": "London",
"postalCode": "E14 9GE",
"countryName": "United Kingdom"
},
"contactPoint": {
"email": "procurement.enquiries@financial-ombudsman.org.uk"
},
"roles": [
"reviewBody"
]
},
{
"id": "GB-FTS-21382",
"name": "Financial Ombudsman Service",
"identifier": {
"legalName": "Financial Ombudsman Service"
},
"address": {
"streetAddress": "Exchange Tower, Harbour Exchange Square,",
"locality": "London",
"region": "UK",
"postalCode": "E14 9SR",
"countryName": "United Kingdom"
},
"contactPoint": {
"telephone": "+44 02037169072",
"email": "procurement.enquiries@financial-ombudsman.org.uk"
},
"roles": [
"buyer"
],
"details": {
"url": "http://www.financial-ombudsman.org.uk",
"classifications": [
{
"scheme": "TED_CA_TYPE",
"id": "BODY_PUBLIC",
"description": "Body governed by public law"
},
{
"scheme": "COFOG",
"id": "04",
"description": "Economic affairs"
}
]
}
},
{
"id": "GB-FTS-132668",
"name": "Littlefish (UK) Limited",
"identifier": {
"legalName": "Littlefish (UK) Limited"
},
"address": {
"streetAddress": "Price House, 37 Stoney Street",
"locality": "Nottingham",
"region": "UK",
"postalCode": "NG1 1LS",
"countryName": "United Kingdom"
},
"roles": [
"supplier"
],
"details": {
"scale": "sme"
}
},
{
"id": "GB-FTS-132669",
"name": "Financial Ombudsman Service",
"identifier": {
"legalName": "Financial Ombudsman Service"
},
"address": {
"streetAddress": "Exchange Tower",
"locality": "London",
"postalCode": "E14 9SR",
"countryName": "United Kingdom"
},
"roles": [
"reviewBody"
]
}
],
"buyer": {
"id": "GB-FTS-21382",
"name": "Financial Ombudsman Service"
},
"language": "en",
"awards": [
{
"id": "040157-2024-1",
"relatedLots": [
"1"
],
"title": "Security Operations Centre",
"status": "active",
"suppliers": [
{
"id": "GB-FTS-132668",
"name": "Littlefish (UK) Limited"
}
]
}
],
"contracts": [
{
"id": "040157-2024-1",
"awardID": "040157-2024-1",
"title": "Security Operations Centre",
"status": "active",
"value": {
"amount": 1146500,
"currency": "GBP"
},
"dateSigned": "2024-12-06T00:00:00Z"
}
],
"bids": {
"statistics": [
{
"id": "1",
"measure": "bids",
"relatedLot": "1",
"value": 4
},
{
"id": "2",
"measure": "smeBids",
"relatedLot": "1",
"value": 1
},
{
"id": "3",
"measure": "foreignBidsFromEU",
"relatedLot": "1",
"value": 4
},
{
"id": "4",
"measure": "foreignBidsFromNonEU",
"relatedLot": "1",
"value": 4
},
{
"id": "5",
"measure": "electronicBids",
"relatedLot": "1",
"value": 4
}
]
}
}