Notice Information
Notice Title
Security Operations- Out of Hours Service
Notice Description
1. Summary of Requirements
L&Q intends to procure a hybrid Out-of-Hours Security Operations Centre service to operate as an extension of the internal L&Q SOC. The service will provide protective monitoring, triage, and incident response outside of core operating hours.
The OOH SOC partner will be responsible for:
- Continuous monitoring, triage, and incident escalation during defined out-of-hours periods.
- Supporting L&Q's internal SOC with investigations, analysis, and agreed incident response actions.
- Operating in alignment with L&Q playbooks, processes, and security tooling (including Microsoft Sentinel, Microsoft Defender XDR, and others).
- Providing structured shift handovers, monthly reporting, and ongoing collaboration with L&Q SOC staff.
This work is critical for maintaining security oversight during nights, weekends, and bank holidays, reducing the risk of compromise during periods where internal analysts are unavailable.
2. High-Level Scope of Services
The procurement will cover the following high-level areas extracted from the previous specification:
Service Operating Hours
- Mon-Fri: 17:00-09:00
- Weekends & Bank Holidays: 24/7 coverage
Service Performance Expectations
- Availability: 99.5% across operating hours
- Incident Acknowledgement & Escalation Times:
  - High: 15 minutes to start incident triage, 75 minutes or end of shift to escalate
  - Medium: 2 hours to start incident triage, 4 hours or end of shift to escalate
  - Low: 5 hours to start incident triage, 8 hours or end of shift to escalate
Key Functions
- Triage of all alarms generated within Microsoft Sentinel/Microsoft Defender XDR.
- Use of L&Q-provided tooling (Sentinel, Defender family, Azure, email analysis tools).
- Remote host investigations as required.
- Triage of reported suspicious/malicious emails.
- Blocking of malicious IPs on host and/or network (as per playbook direction).
- Ad-hoc investigatory support to defined timescales.
- Incident Response support for security incidents that are detected or reported through channels outside of the SIEM.
- Detection engineering support in collaboration with the L&Q Group SOC, enhancing existing detections and developing new analytics and rule logic as needed.
Reporting & Governance
- Monthly service performance reporting.
- Written handovers at shift boundaries.
- Quarterly account management meetings.
- Documented change-control processes aligned with L&Q practice.
Security & Compliance Requirements
- Supplier must be headquartered in the UK or EU, or otherwise demonstrate GDPR-compliant operating arrangements.
- Analysts must be proficient in Microsoft Sentinel, KQL, Defender product suite.
- Proven experience delivering SOC services for organisations of similar scale (4,000-5,000 staff).
Notice Details
Publication & Lifecycle
- Open Contracting ID
- ocds-h6vhtk-06596a
- Publication Source
- Find A Tender Service
- Latest Notice
- https://www.find-tender.service.gov.uk/Notice/015742-2026
- Current Stage
- Planning
- All Stages
- Planning
Procurement Classification
- Notice Type
- UK3 - Planned Procurement Notice
- Procurement Type
- Standard
- Procurement Category
- Services
- Procurement Method
- Open
- Procurement Method Details
- Open procedure
- Tender Suitability
- Not specified
- Awardee Scale
- Not specified
Common Procurement Vocabulary (CPV)
- CPV Divisions
72 - IT services: consulting, software development, Internet and support
- CPV Codes
72222300 - Information technology services
Notice Value(s)
- Tender Value
- Not specified
- Lots Value
- Not specified
- Awards Value
- Not specified
- Contracts Value
- Not specified
Notice Dates
- Publication Date
- 20 Feb 2026
- Submission Deadline
- 26 Apr 2026
- Future Notice Date
- 1 Apr 2026
- Award Date
- Not specified
- Contract Period
- 3 Jul 2026 - 4 Jul 2029 (3-4 years)
- Recurrence
- Not specified
Notice Status
- Tender Status
- Planned
- Lots Status
- Planned
- Awards Status
- Not Specified
- Contracts Status
- Not Specified
Buyer & Supplier
Contracting Authority (Buyer)
- Main Buyer
- LONDON & QUADRANT HOUSING TRUST
- Contact Name
- Not specified
- Contact Email
- jaketurner@lqgroup.org.uk
- Contact Phone
- Not specified
Buyer Location
- Locality
- LONDON
- Postcode
- E15 4PN
- Post Town
- East London
- Country
- England
- Major Region (ITL 1)
- TLI London
- Basic Region (ITL 2)
- TLI4 Inner London - East
- Small Region (ITL 3)
- TLI41 Hackney and Newham
- Delivery Location
- Not specified
- Local Authority
- Newham
- Electoral Ward
- Stratford
- Westminster Constituency
- Stratford and Bow
Further Information
Notice Documents
https://www.find-tender.service.gov.uk/Notice/015742-2026
20th February 2026 - Planned procurement notice on Find a Tender
Open Contracting Data Standard (OCDS)
View full OCDS Record for this contracting process
The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts.
{
"tag": [
"compiled"
],
"id": "ocds-h6vhtk-06596a-2026-02-20T14:41:52Z",
"date": "2026-02-20T14:41:52Z",
"ocid": "ocds-h6vhtk-06596a",
"initiationType": "tender",
"planning": {
"documents": [
{
"id": "015742-2026",
"documentType": "plannedProcurementNotice",
"noticeType": "UK3",
"description": "Planned procurement notice on Find a Tender",
"url": "https://www.find-tender.service.gov.uk/Notice/015742-2026",
"datePublished": "2026-02-20T14:41:52Z",
"format": "text/html"
}
]
},
"parties": [
{
"id": "GB-COH-IP030441",
"name": "LONDON & QUADRANT HOUSING TRUST",
"identifier": {
"scheme": "GB-COH",
"id": "IP030441"
},
"additionalIdentifiers": [
{
"scheme": "GB-PPON",
"id": "PJQV-6311-TQXL"
}
],
"address": {
"streetAddress": "29-35 West Ham Lane",
"locality": "London",
"postalCode": "E15 4PN",
"country": "GB",
"countryName": "United Kingdom",
"region": "UKI41"
},
"contactPoint": {
"email": "jaketurner@lqgroup.org.uk"
},
"roles": [
"buyer"
],
"details": {
"classifications": [
{
"id": "publicAuthoritySubCentralGovernment",
"scheme": "UK_CA_TYPE",
"description": "Public authority - sub-central government"
}
]
}
}
],
"buyer": {
"id": "GB-COH-IP030441",
"name": "LONDON & QUADRANT HOUSING TRUST"
},
"tender": {
"id": "ocds-h6vhtk-06596a",
"legalBasis": {
"id": "2023/54",
"scheme": "UKPGA",
"uri": "https://www.legislation.gov.uk/ukpga/2023/54/contents"
},
"title": "Security Operations- Out of Hours Service",
"description": "1. Summary of Requirements L&Q intends to procure a hybrid Out-of-Hours Security Operations Centre service to operate as an extension of the internal L&Q SOC. The service will provide protective monitoring, triage, and incident response outside of core operating hours. The OOH SOC partner will be responsible for: Continuous monitoring, triage, and incident escalation during defined out-of-hours periods. Supporting L&Q's internal SOC with investigations, analysis, and agreed incident response actions. Operating in alignment with L&Q playbooks, processes, and security tooling (including Microsoft Sentinel, Microsoft Defender XDR, and others). Providing structured shift handovers, monthly reporting, and ongoing collaboration with L&Q SOC staff. This work is critical for maintaining security oversight during nights, weekends, and bank holidays, reducing the risk of compromise during periods where internal analysts are unavailable. 2. High-Level Scope of Services The procurement will cover the following high-level areas extracted from the previous specification: Service Operating Hours Mon-Fri: 17:00-09:00 Weekends & Bank Holidays: 24/7 coverage Service Performance Expectations Availability: 99.5% across operating hours Incident Acknowledgement & Escalation Times: High: 15 minutes to start incident triage, 75 minutes or end of shift to escalate Medium: 2 hours to start incident triage, 4 hours or end of shift to escalate Low: 5 hours to start incident triage, 8 hours or end of shift to escalate Key Functions Triage of all alarms generated within Microsoft Sentinel/Microsoft Defender XDR. Use of L&Q-provided tooling (Sentinel, Defender family, Azure, email analysis tools). Remote host investigations as required. Triage of reported suspicious/malicious emails. Blocking of malicious IPs on host and/or network (as per playbook direction). Ad-hoc investigatory support to defined timescales. 
Incident Response support for security incidents that are detected or reported through channels outside of the SIEM. Detection engineering support in collaboration with the L&Q Group SOC, enhancing existing detections and developing new analytics and rule logic as needed Reporting & Governance Monthly service performance reporting. Written handovers at shift boundaries. Quarterly account management meetings. Documented change-control processes aligned with L&Q practice. Security & Compliance Requirements Supplier must be headquartered in the UK or EU, or otherwise demonstrate GDPR-compliant operating arrangements. Analysts must be proficient in Microsoft Sentinel, KQL, Defender product suite. Proven experience delivering SOC services for organisations of similar scale (4,000-5,000 staff).",
"status": "planned",
"items": [
{
"id": "1",
"additionalClassifications": [
{
"scheme": "CPV",
"id": "72222300",
"description": "Information technology services"
}
],
"deliveryAddresses": [
{
"region": "UK",
"country": "GB",
"countryName": "United Kingdom"
}
],
"relatedLot": "1"
}
],
"procurementMethod": "open",
"procurementMethodDetails": "Open procedure",
"mainProcurementCategory": "services",
"aboveThreshold": true,
"submissionTerms": {
"languages": [
"en"
]
},
"tenderPeriod": {
"endDate": "2026-04-26T23:59:59+01:00"
},
"awardPeriod": {
"endDate": "2026-05-22T23:59:59+01:00"
},
"lots": [
{
"id": "1",
"status": "planned",
"contractPeriod": {
"startDate": "2026-07-04T00:00:00+01:00",
"endDate": "2029-07-04T23:59:59+01:00"
}
}
],
"communication": {
"futureNoticeDate": "2026-04-01T23:59:59+01:00"
}
},
"language": "en"
}