Tender

Managed Service Provider (MSP) & Security Operations Centre (SOC) / SEIM Provider

WASTE & RESOURCES ACTION PROGRAMME

This public procurement record has 1 release in its history.

Tender

24 Apr 2025 at 09:52

UK4 - Tender Notice
Summary of the contracting process

The Waste & Resources Action Programme (WRAP), a sub-central public authority based in Banbury, UK, has initiated a tender process for a Managed Service Provider (MSP) and Security Operations Centre (SOC) / SIEM Provider. This procurement falls under the "IT services: consulting, software development, Internet and support" industry category, with a specific focus on enhancing IT operational resilience and cybersecurity. The process is currently in the Tender stage, with submissions required by 20th May 2025, aligning with the end of the enquiry period. The tender is conducted through an open competition method, wherein WRAP is open to awarding contracts either collectively or separately for the two distinct service packages, depending upon received proposals' quality and value for money.

This procurement represents a significant business growth opportunity, particularly for SMEs and VCSEs, capable of delivering scalable IT services or sophisticated cybersecurity solutions. IT service providers with experience in server monitoring, IT support, and cybersecurity, especially those with expertise in managing hybrid environments like Azure and Microsoft 365, are ideal candidates. With a contract value of £180,000, the opportunity allows for strategic alignment with WRAP’s IT and cybersecurity needs, providing flexibility through potential contract renewals by up to a year. Participating businesses stand to gain from long-term engagement with a public authority, leveraging their capabilities to address regulatory compliance, enhance cybersecurity measures, and contribute effectively to digital transformation initiatives.

Find more tenders on our Open Data Platform.
How relevant is this notice?

D3 Tenders Premium

Win More Public Sector Contracts

AI-powered tender discovery, pipeline management, and market intelligence — everything you need to grow your public sector business.

Start Free Trial Book a Demo
All Features Pricing

Notice Information

Notice Title

Managed Service Provider (MSP) & Security Operations Centre (SOC) / SEIM Provider

Notice Description

WRAP is seeking to procure support across two (2) distinct service packages: *Service Package 1: Managed Service Provider (MSP) *Service Package 2: Security Operations Centre (SOC) / SIEM Provider Bidders may submit a proposal for one or both packages. WRAP may award a single contract covering both service areas or award separate contracts for each service package, depending on the quality and value for money of the responses. Service Package 1: Managed Service Provider (MSP) The primary objective of this package is to supplement WRAP's internal IT function with a scalable, flexible and proactive Managed IT Services Partner. The MSP will enhance WRAP's operational resilience, ensure efficient ticket management, maintain high system performance and align IT service delivery with WRAP's evolving organisational needs and cybersecurity posture. Service Package 1: Security Operations Centre (SOC) / SIEM Provider The objective of this package is to secure WRAP's IT environment by delivering robust, around-the-clock cybersecurity monitoring, rapid incident response, and advanced threat intelligence services. The selected provider will strengthen WRAP's security posture and support regulatory compliance. To submit a Bid, register for free on: https://www.delta-esourcing.com/ Access Code (to find the opportunity): XU66K63TY7 For more information about this opportunity, please visit the Delta eSourcing portal at: https://www.delta-esourcing.com/tenders/UK-UK-Banbury:-IT-services:-consulting%2C-software-development%2C-Internet-and-support./XU66K63TY7 To respond to this opportunity, please click here: https://www.delta-esourcing.com/respond/XU66K63TY7

Lot Information

Managed Service Provider (MSP)

The primary objective of this package is to supplement WRAP's internal IT function with a scalable, flexible and proactive Managed IT Services Partner. The MSP will enhance WRAP's operational resilience, ensure efficient ticket management, maintain high system performance and align IT service delivery with WRAP's evolving organisational needs and cybersecurity posture. Services required are as follows: Server Monitoring & Reporting Provide 24/7 real-time monitoring of WRAP's Azure-based virtual servers. Detect and report on performance degradation, downtime, system anomalies, and security issues. Deliver automated and manual alerts for potential threats or service failures. Generate monthly reports covering server health, uptime, patching status, capacity utilisation, and threat logs. IT Support Escalation, Overflow and Flexible Support Provide Tier 2 and Tier 3 support, acting as an escalation point for complex IT incidents. Respond to overflow tickets exceeding internal team capacity (i.e., 20+ tickets/month). Ensure tight integration with WRAP's ITSM system (Freshservice) for ticket visibility and lifecycle updates. Be able to scale up support provision within 24 hours, as needed for peak periods or critical events. Ability to attend WRAP Offices for to supplement on-site IT presence. Full Helpdesk Coverage Provide full-service first line and second-line helpdesk support when WRAP's internal team is unavailable (e.g., holidays, absences). Deliver end-user support (remote or on-site if necessary), including troubleshooting, password resets, software/hardware issues, and user onboarding/offboarding. Liaise with third-party vendors and escalate incidents to manufacturers or cloud providers as required. Project Support Contribute a minimum of 2 hours per month to support WRAP's digital projects (e.g., migrations, software rollouts, endpoint configuration). Allow unused support hours to roll over for future use to enable flexibility in project delivery. Knowledge Management Maintain and update WRAP's internal knowledge base to reflect new system configurations, known issues, and support resolutions. Ensure regular documentation updates within Freshservice, enabling WRAP's internal team to access up-to-date self-help and procedural guides. Compliance & Cybersecurity Ensure all services comply with relevant data protection laws and certifications, including GDPR, Cyber Essentials, and ISO 27001. Implement and maintain baseline cybersecurity hygiene (e.g., patching, MFA enforcement, basic security hardening). Review & Collaboration Attend monthly service review meetings to report performance against SLAs, review incidents, and discuss ongoing improvements. Participate in quarterly strategic reviews to align services with WRAP's IT roadmap and business goals. Identifying industry trends and insights to help WRAP stay current. Working Hours Provide core services during UK business hours (08:00 - 17:00 GMT/BST, Monday to Friday), with capacity for out-of-hours escalation in urgent situations if needed.

Renewal: Optional 1 year extension, if deemed necessary.

Security Operations Centre (SOC) / SIEM Provider

The objective of this package is to secure WRAP's IT environment by delivering robust, around-the-clock cybersecurity monitoring, rapid incident response, and advanced threat intelligence services. The selected provider will strengthen WRAP's security posture and support regulatory compliance. Services required are as follows: 24/7 Security Monitoring Provide continuous monitoring through a mature SIEM solution, capturing logs from cloud and on-prem environments. Detect known and unknown threats using automated correlation engines and behaviour analytics. Alert WRAP to critical incidents, providing actionable context and remediation suggestions. Incident Response & Remediation Provide hands-on containment, investigation, and remediation support for security incidents. Respond in accordance with defined SLAs (e.g., critical threat response within 15 minutes). Hold NCSC-assured service provider status or equivalent (e.g., CREST, CIR Level 2+ certification). Threat Intelligence & Hunting Conduct proactive threat hunting activities based on emerging indicators of compromise (IOCs) and known tactics, techniques, and procedures (TTPs). Ingest and apply global threat intelligence feeds, adapting detection rules accordingly. Compliance & Regulatory Support Ensure ongoing compliance with ISO 27001, Cyber Essentials Plus, and other UK regulatory standards. Enable auditable log retention, forensic readiness, and transparent record-keeping. Integration with WRAP's Security Stack Seamlessly integrate with Microsoft 365 Defender, Azure Security Centre, EDR/XDR tools, and WRAP's firewalls and network infrastructure. Provide visibility across multi-cloud and hybrid environments, including integration with third-party security tools. Custom Detection Rules Build and maintain custom detection rules and workflows tailored to WRAP's use cases and risk profile. Collaborate with WRAP's internal teams to ensure detections reflect evolving business and technical contexts. Global Incident Coordination Provide "follow-the-sun" support, ensuring continuous coverage and coordination with WRAP's global operations (if applicable). Leverage regional SOC teams to respond to threats in real-time regardless of time zone. Real-Time Reporting Offer live dashboards and periodic reporting (e.g., weekly/monthly) on incidents, threat trends, vulnerabilities, and system health. Include executive-level summaries and technical deep-dives where appropriate. Collaboration Work closely with WRAP's internal cybersecurity and IT teams. Participate in incident response tabletop exercises, scenario planning, and quarterly joint reviews. Required Capabilities (applicable to both packages) are as follows: Demonstrated experience supporting public or non-profit organisations, preferably within the UK or global NGO sector. Evidence of supporting hybrid environments, particularly Azure and Microsoft 365 (or equivalent). Flexible, transparent pricing models that suit WRAP's operating needs and enable scaling of services. Data handling practices compliant with UK GDPR, Data Protection Act 2018, and relevant international data laws (or equivalent).

Renewal: Optional 1 year extension, if necessary.

Notice Details

Publication & Lifecycle

Open Contracting ID
ocds-h6vhtk-0506cc
Publication Source
Find A Tender Service
Latest Notice
https://www.find-tender.service.gov.uk/Notice/016706-2025
Current Stage
Tender
All Stages
Tender

Procurement Classification

Notice Type
UK4 - Tender Notice
Procurement Type
Standard
Procurement Category
Services
Procurement Method
Open
Procurement Method Details
Below threshold - open competition
Tender Suitability
SME, VCSE
Awardee Scale
Not specified

Common Procurement Vocabulary (CPV)

CPV Divisions

72 - IT services: consulting, software development, Internet and support

CPV Codes

72000000 - IT services: consulting, software development, Internet and support

Notice Value(s)

Tender Value
£180,000 £100K-£500K
Lots Value
£180,000 £100K-£500K
Awards Value
Not specified
Contracts Value
Not specified

Notice Dates

Publication Date
24 Apr 202510 months ago
Submission Deadline
20 May 2025Expired
Future Notice Date
Not specified
Award Date
Not specified
Contract Period
9 Jun 2025 - 8 Jun 2027 1-2 years
Recurrence
Not specified

Notice Status

Tender Status
Active
Lots Status
Active
Awards Status
Not Specified
Contracts Status
Not Specified

Buyer & Supplier

Contracting Authority (Buyer)

Main Buyer
WASTE & RESOURCES ACTION PROGRAMME
Contact Name
Procurement Lead
Contact Email
procurement@wrap.org.uk
Contact Phone
01295 584100

Buyer Location

Locality
BANBURY
Postcode
OX16 5BH
Post Town
Oxford
Country
England
Major Region (ITL 1)
TLJ South East (England)
Basic Region (ITL 2)
TLJ1 Berkshire, Buckinghamshire and Oxfordshire
Small Region (ITL 3)
TLJ14 Oxfordshire CC
Delivery Location
Not specified
Local Authority
Cherwell
Electoral Ward
Banbury Cross and Neithrop
Westminster Constituency
Banbury

Further Information

Open Contracting Data Standard (OCDS)

View full OCDS Record for this contracting process

Download

The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts. 

{
    "tag": [
        "compiled"
    ],
    "id": "ocds-h6vhtk-0506cc-2025-04-24T10:52:04+01:00",
    "date": "2025-04-24T10:52:04+01:00",
    "ocid": "ocds-h6vhtk-0506cc",
    "initiationType": "tender",
    "parties": [
        {
            "id": "GB-PPON-PCTJ-5948-ZJZV",
            "name": "Waste & Resources Action Programme",
            "identifier": {
                "scheme": "GB-PPON",
                "id": "PCTJ-5948-ZJZV"
            },
            "address": {
                "streetAddress": "Second Floor, Blenheim Court, 19 George Street",
                "locality": "Banbury",
                "postalCode": "OX16 5BH",
                "country": "GB",
                "countryName": "United Kingdom",
                "region": "UKJ14"
            },
            "contactPoint": {
                "name": "Procurement Lead",
                "email": "procurement@wrap.org.uk",
                "telephone": "01295 584100"
            },
            "roles": [
                "buyer"
            ],
            "details": {
                "classifications": [
                    {
                        "scheme": "UK_CA_TYPE",
                        "id": "publicAuthoritySubCentralGovernment",
                        "description": "Public authority - sub-central government"
                    }
                ]
            }
        }
    ],
    "buyer": {
        "id": "GB-PPON-PCTJ-5948-ZJZV",
        "name": "Waste & Resources Action Programme"
    },
    "tender": {
        "id": "ocds-h6vhtk-0506cc",
        "legalBasis": {
            "id": "2023/54",
            "scheme": "UKPGA",
            "uri": "https://www.legislation.gov.uk/ukpga/2023/54/contents"
        },
        "title": "Managed Service Provider (MSP) & Security Operations Centre (SOC) / SEIM Provider",
        "description": "WRAP is seeking to procure support across two (2) distinct service packages: *Service Package 1: Managed Service Provider (MSP) *Service Package 2: Security Operations Centre (SOC) / SIEM Provider Bidders may submit a proposal for one or both packages. WRAP may award a single contract covering both service areas or award separate contracts for each service package, depending on the quality and value for money of the responses. Service Package 1: Managed Service Provider (MSP) The primary objective of this package is to supplement WRAP's internal IT function with a scalable, flexible and proactive Managed IT Services Partner. The MSP will enhance WRAP's operational resilience, ensure efficient ticket management, maintain high system performance and align IT service delivery with WRAP's evolving organisational needs and cybersecurity posture. Service Package 1: Security Operations Centre (SOC) / SIEM Provider The objective of this package is to secure WRAP's IT environment by delivering robust, around-the-clock cybersecurity monitoring, rapid incident response, and advanced threat intelligence services. The selected provider will strengthen WRAP's security posture and support regulatory compliance. To submit a Bid, register for free on: https://www.delta-esourcing.com/ Access Code (to find the opportunity): XU66K63TY7 For more information about this opportunity, please visit the Delta eSourcing portal at: https://www.delta-esourcing.com/tenders/UK-UK-Banbury:-IT-services:-consulting%2C-software-development%2C-Internet-and-support./XU66K63TY7 To respond to this opportunity, please click here: https://www.delta-esourcing.com/respond/XU66K63TY7",
        "status": "active",
        "items": [
            {
                "id": "Package 1",
                "additionalClassifications": [
                    {
                        "scheme": "CPV",
                        "id": "72000000",
                        "description": "IT services: consulting, software development, Internet and support"
                    }
                ],
                "deliveryAddresses": [
                    {
                        "region": "UK",
                        "country": "GB",
                        "countryName": "United Kingdom"
                    }
                ],
                "relatedLot": "Package 1"
            },
            {
                "id": "Package 2",
                "additionalClassifications": [
                    {
                        "scheme": "CPV",
                        "id": "72000000",
                        "description": "IT services: consulting, software development, Internet and support"
                    }
                ],
                "deliveryAddresses": [
                    {
                        "region": "UK",
                        "country": "GB",
                        "countryName": "United Kingdom"
                    }
                ],
                "relatedLot": "Package 2"
            }
        ],
        "value": {
            "amountGross": 180000,
            "amount": 180000,
            "currency": "GBP"
        },
        "procurementMethod": "open",
        "procurementMethodDetails": "Below threshold - open competition",
        "mainProcurementCategory": "services",
        "aboveThreshold": false,
        "submissionMethodDetails": "https://www.delta-esourcing.com/",
        "submissionTerms": {
            "electronicSubmissionPolicy": "allowed"
        },
        "tenderPeriod": {
            "endDate": "2025-05-20T23:45:00Z"
        },
        "enquiryPeriod": {
            "endDate": "2025-05-20T23:45:00Z"
        },
        "lots": [
            {
                "id": "Package 1",
                "title": "Managed Service Provider (MSP)",
                "description": "The primary objective of this package is to supplement WRAP's internal IT function with a scalable, flexible and proactive Managed IT Services Partner. The MSP will enhance WRAP's operational resilience, ensure efficient ticket management, maintain high system performance and align IT service delivery with WRAP's evolving organisational needs and cybersecurity posture. Services required are as follows: Server Monitoring & Reporting Provide 24/7 real-time monitoring of WRAP's Azure-based virtual servers. Detect and report on performance degradation, downtime, system anomalies, and security issues. Deliver automated and manual alerts for potential threats or service failures. Generate monthly reports covering server health, uptime, patching status, capacity utilisation, and threat logs. IT Support Escalation, Overflow and Flexible Support Provide Tier 2 and Tier 3 support, acting as an escalation point for complex IT incidents. Respond to overflow tickets exceeding internal team capacity (i.e., 20+ tickets/month). Ensure tight integration with WRAP's ITSM system (Freshservice) for ticket visibility and lifecycle updates. Be able to scale up support provision within 24 hours, as needed for peak periods or critical events. Ability to attend WRAP Offices for to supplement on-site IT presence. Full Helpdesk Coverage Provide full-service first line and second-line helpdesk support when WRAP's internal team is unavailable (e.g., holidays, absences). Deliver end-user support (remote or on-site if necessary), including troubleshooting, password resets, software/hardware issues, and user onboarding/offboarding. Liaise with third-party vendors and escalate incidents to manufacturers or cloud providers as required. Project Support Contribute a minimum of 2 hours per month to support WRAP's digital projects (e.g., migrations, software rollouts, endpoint configuration). Allow unused support hours to roll over for future use to enable flexibility in project delivery. Knowledge Management Maintain and update WRAP's internal knowledge base to reflect new system configurations, known issues, and support resolutions. Ensure regular documentation updates within Freshservice, enabling WRAP's internal team to access up-to-date self-help and procedural guides. Compliance & Cybersecurity Ensure all services comply with relevant data protection laws and certifications, including GDPR, Cyber Essentials, and ISO 27001. Implement and maintain baseline cybersecurity hygiene (e.g., patching, MFA enforcement, basic security hardening). Review & Collaboration Attend monthly service review meetings to report performance against SLAs, review incidents, and discuss ongoing improvements. Participate in quarterly strategic reviews to align services with WRAP's IT roadmap and business goals. Identifying industry trends and insights to help WRAP stay current. Working Hours Provide core services during UK business hours (08:00 - 17:00 GMT/BST, Monday to Friday), with capacity for out-of-hours escalation in urgent situations if needed.",
                "status": "active",
                "value": {
                    "amountGross": 120000,
                    "currency": "GBP"
                },
                "awardCriteria": {
                    "criteria": [
                        {
                            "type": "price",
                            "name": "Price",
                            "description": "Long criteria description",
                            "numbers": [
                                {
                                    "number": 35,
                                    "weight": "percentageExact"
                                }
                            ]
                        },
                        {
                            "type": "quality",
                            "name": "Quality",
                            "description": "Long criteria description",
                            "numbers": [
                                {
                                    "number": 65,
                                    "weight": "percentageExact"
                                }
                            ]
                        }
                    ]
                },
                "suitability": {
                    "sme": true,
                    "vcse": true
                },
                "contractPeriod": {
                    "startDate": "2025-06-09T00:00:00Z",
                    "endDate": "2027-06-08T23:59:59Z",
                    "maxExtentDate": "2028-06-08T23:59:59Z"
                },
                "hasRenewal": true,
                "renewal": {
                    "description": "Optional 1 year extension, if deemed necessary."
                }
            },
            {
                "id": "Package 2",
                "title": "Security Operations Centre (SOC) / SIEM Provider",
                "description": "The objective of this package is to secure WRAP's IT environment by delivering robust, around-the-clock cybersecurity monitoring, rapid incident response, and advanced threat intelligence services. The selected provider will strengthen WRAP's security posture and support regulatory compliance. Services required are as follows: 24/7 Security Monitoring Provide continuous monitoring through a mature SIEM solution, capturing logs from cloud and on-prem environments. Detect known and unknown threats using automated correlation engines and behaviour analytics. Alert WRAP to critical incidents, providing actionable context and remediation suggestions. Incident Response & Remediation Provide hands-on containment, investigation, and remediation support for security incidents. Respond in accordance with defined SLAs (e.g., critical threat response within 15 minutes). Hold NCSC-assured service provider status or equivalent (e.g., CREST, CIR Level 2+ certification). Threat Intelligence & Hunting Conduct proactive threat hunting activities based on emerging indicators of compromise (IOCs) and known tactics, techniques, and procedures (TTPs). Ingest and apply global threat intelligence feeds, adapting detection rules accordingly. Compliance & Regulatory Support Ensure ongoing compliance with ISO 27001, Cyber Essentials Plus, and other UK regulatory standards. Enable auditable log retention, forensic readiness, and transparent record-keeping. Integration with WRAP's Security Stack Seamlessly integrate with Microsoft 365 Defender, Azure Security Centre, EDR/XDR tools, and WRAP's firewalls and network infrastructure. Provide visibility across multi-cloud and hybrid environments, including integration with third-party security tools. Custom Detection Rules Build and maintain custom detection rules and workflows tailored to WRAP's use cases and risk profile. Collaborate with WRAP's internal teams to ensure detections reflect evolving business and technical contexts. Global Incident Coordination Provide \"follow-the-sun\" support, ensuring continuous coverage and coordination with WRAP's global operations (if applicable). Leverage regional SOC teams to respond to threats in real-time regardless of time zone. Real-Time Reporting Offer live dashboards and periodic reporting (e.g., weekly/monthly) on incidents, threat trends, vulnerabilities, and system health. Include executive-level summaries and technical deep-dives where appropriate. Collaboration Work closely with WRAP's internal cybersecurity and IT teams. Participate in incident response tabletop exercises, scenario planning, and quarterly joint reviews. Required Capabilities (applicable to both packages) are as follows: Demonstrated experience supporting public or non-profit organisations, preferably within the UK or global NGO sector. Evidence of supporting hybrid environments, particularly Azure and Microsoft 365 (or equivalent). Flexible, transparent pricing models that suit WRAP's operating needs and enable scaling of services. Data handling practices compliant with UK GDPR, Data Protection Act 2018, and relevant international data laws (or equivalent).",
                "status": "active",
                "value": {
                    "amountGross": 60000,
                    "currency": "GBP"
                },
                "awardCriteria": {
                    "criteria": [
                        {
                            "type": "price",
                            "name": "Price",
                            "description": "Long criteria description",
                            "numbers": [
                                {
                                    "number": 35,
                                    "weight": "percentageExact"
                                }
                            ]
                        },
                        {
                            "type": "quality",
                            "name": "Quality",
                            "description": "Long criteria description",
                            "numbers": [
                                {
                                    "number": 65,
                                    "weight": "percentageExact"
                                }
                            ]
                        }
                    ]
                },
                "suitability": {
                    "sme": true,
                    "vcse": true
                },
                "contractPeriod": {
                    "startDate": "2025-06-09T00:00:00Z",
                    "endDate": "2027-06-08T23:59:59Z",
                    "maxExtentDate": "2028-06-08T23:59:59Z"
                },
                "hasRenewal": true,
                "renewal": {
                    "description": "Optional 1 year extension, if necessary."
                }
            }
        ],
        "documents": [
            {
                "id": "A-943641447",
                "documentType": "biddingDocuments",
                "description": "Invitation to Tender (ITT)",
                "url": "https://www.find-tender.service.gov.uk/Notice/Attachment/A-943641447"
            },
            {
                "id": "A-943641467",
                "documentType": "biddingDocuments",
                "description": "Conditions of Contract",
                "url": "https://www.find-tender.service.gov.uk/Notice/Attachment/A-943641467"
            },
            {
                "id": "A-943641765",
                "documentType": "biddingDocuments",
                "description": "Quotation & Rates Schedule (Excel Format)",
                "url": "https://www.find-tender.service.gov.uk/Notice/Attachment/A-943641765"
            },
            {
                "id": "016706-2025",
                "documentType": "tenderNotice",
                "noticeType": "UK4",
                "description": "Tender notice on Find a Tender",
                "url": "https://www.find-tender.service.gov.uk/Notice/016706-2025",
                "datePublished": "2025-04-24T10:52:04+01:00",
                "format": "text/html"
            }
        ]
    },
    "language": "en"
}