Skip to main content

We've saved some files called cookies on your device. These cookies are:

  • essential for the site to work
  • to help improve our website by collecting and reporting information on how you use it

We would also like to save some cookies to help tailor communications.

BETA
You're viewing an updated version of this service - your feedback will help us to improve it.
Give Feedback
Cymraeg
Sign in

Contract Notice

Security Operations Centre (SOC)

  • First published: 04 April 2024
  • Last modified: 04 April 2024

The buyer is not using this website to administer the notice.

To record your interest or obtain additional information or documents please find instructions within the Full Notice Text. (NOTE: Contract Award Notices and Prior Information Notices do not normally require a response)

Contents

Summary

OCID:
ocds-h6vhtk-044f63
Published by:
National Physical Laboratory
Authority ID:
AA63049
Publication date:
04 April 2024
Deadline date:
03 May 2024
Notice type:
Contract Notice
Has documents:
No
Has SPD:
No
Has Carbon Reduction Plan:
N/A

Abstract

The National Physical Laboratory [NPL] requirement is to implement a 24x7 Security Operations Centre (SOC). It would enable NPL to gain 24x7 visibility over potential security threats in its environment and respond to them in a timely manner as per severity and agreed SLA.

Currently, NPL does not have out of hours capability to respond to security alerts/incidents which leaves it vulnerable to security threats coming in out of hours, which in turn can have a significant impact on the availability of NPL systems if we are hit by a determined cyber threat actor, especially at this time where UK government organisations are at a higher alert status.

NPL’s intention is to find a service provider that could supply several services which would fill the gap left from having a lack of resources (Senior Engineers and Architect), and who could function as part of an extended virtual team.

Services required for SOC will be focused on NPL’s M365 E5 licensing stack, including handling Defender EDR capabilities, SIEM service, threat hunting, compliance reporting, cloud security baselining, vulnerability assessments, phishing trends, dark web monitoring and technical security advisory.

The contract will initially be for a period of three years with the possibility of extending it by two further periods of one year each (3 + 1+ 1), following satisfactory performance of the supplier and at the sole discretion of NPL.

Full notice text

Contract notice

Section I: Contracting authority

I.1) Name and addresses

National Physical Laboratory

Hampton Road

Teddington

TW11 0LW

UK

Contact person: Nina Heath

E-mail: nina.heath@npl.co.uk

NUTS: UK

Internet address(es)

Main address: www.npl.co.uk

I.3) Communication

The procurement documents are available for unrestricted and full direct access, free of charge at:

https://lupc.bravosolution.co.uk/


Additional information can be obtained from the abovementioned address


Tenders or requests to participate must be sent electronically to:

https://lupc.bravosolution.co.uk/


Tenders or requests to participate must be sent to the abovementioned address


I.4) Type of the contracting authority

Body governed by public law

I.5) Main activity

Other: Research

Section II: Object

II.1) Scope of the procurement

II.1.1) Title

Security Operations Centre (SOC)

II.1.2) Main CPV code

72000000

 

II.1.3) Type of contract

Services

II.1.4) Short description

The National Physical Laboratory [NPL] requirement is to implement a 24x7 Security Operations Centre (SOC). It would enable NPL to gain 24x7 visibility over potential security threats in its environment and respond to them in a timely manner as per severity and agreed SLA.

Currently, NPL does not have out of hours capability to respond to security alerts/incidents which leaves it vulnerable to security threats coming in out of hours, which in turn can have a significant impact on the availability of NPL systems if we are hit by a determined cyber threat actor, especially at this time where UK government organisations are at a higher alert status.

NPL’s intention is to find a service provider that could supply several services which would fill the gap left from having a lack of resources (Senior Engineers and Architect), and who could function as part of an extended virtual team.

Services required for SOC will be focused on NPL’s M365 E5 licensing stack, including handling Defender EDR capabilities, SIEM service, threat hunting, compliance reporting, cloud security baselining, vulnerability assessments, phishing trends, dark web monitoring and technical security advisory.

The contract will initially be for a period of three years with the possibility of extending it by two further periods of one year each (3 + 1+ 1), following satisfactory performance of the supplier and at the sole discretion of NPL.

II.1.5) Estimated total value

Value excluding VAT: 375 000.00  GBP

II.1.6) Information about lots

This contract is divided into lots: No

II.2) Description

II.2.3) Place of performance

NUTS code:

UK


Main site or place of performance:

Teddington, UK

II.2.4) Description of the procurement

Security Operations Centre (SOC)

II.2.5) Award criteria

Price is not the only award criterion and all criteria are stated only in the procurement documents

II.2.6) Estimated value

Value excluding VAT: 375 000.00  GBP

II.2.7) Duration of the contract, framework agreement or dynamic purchasing system

End: 30/06/2027

This contract is subject to renewal: Yes

Description of renewals:

The contract will initially be for a period of three years with the possibility of extending it by two further periods of one year each (3 + 1+ 1), following satisfactory performance of the supplier and at the sole discretion of NPL.

II.2.9) Information about the limits on the number of candidates to be invited

II.2.10) Information about variants

Variants will be accepted: No

II.2.11) Information about options

Options: No

II.2.13) Information about European Union funds

The procurement is related to a project and/or programme financed by European Union funds: No

Section IV: Procedure

IV.1) Description

IV.1.1) Type of procedure

Open procedure

IV.1.8) Information about Government Procurement Agreement (GPA)

The procurement is covered by the Government Procurement Agreement: Yes

IV.2) Administrative information

IV.2.2) Time limit for receipt of tenders or requests to participate

Date: 03/05/2024

Local time: 17:00

IV.2.4) Languages in which tenders or requests to participate may be submitted

EN

IV.2.7) Conditions for opening of tenders

Date: 07/05/2024

Local time: 09:00

Section VI: Complementary information

VI.1) Information about recurrence

This is a recurrent procurement: No

VI.4) Procedures for review

VI.4.1) Review body

NPL Management

Teddington

UK

VI.5) Date of dispatch of this notice

03/04/2024

Coding

Commodity categories

ID Title Parent category
72000000 IT services: consulting, software development, Internet and support Computer and Related Services

Delivery locations

ID Description
100 UK - All

Alert region restrictions

The buyer has restricted the alert for this notice to suppliers based in the following regions.

ID Description
There are no alert restrictions for this notice.

About the buyer

Main contact:
nina.heath@npl.co.uk
Admin contact:
N/a
Technical contact:
N/a
Other contact:
N/a

Further information

Date Details
No further information has been uploaded.
Follow Sell2Wales
Email icon
Sell2Wales Helpline
0800 222 9004

Lines are open 8:30am to 5pm Monday to Friday.

Rydym yn croesawu galwadau'n Gymraeg.

We welcome calls in Welsh.

Give feedback about this page
All content is available under the Open Government License, except where otherwise stated.