Downloads

Request for Expressions of Interest Consulting Services for The Recruitment of Individual Consultants

Ministry of Communications
 
REQUEST FOR EXPRESSIONS OF INTEREST
CONSULTING SERVICES FOR THE RECRUITMENT OF INDIVIDUAL CONSUTANTS
 
COUNTRY: Republic of Ghana
Name of Project: eTransform Ghana Project (P144140)
IDA CREDIT N.: IDA 5304-GH
 
ASSIGNMENT TITLE: RECRUITMENT OF 3 CYBER SECURITY EXPERTS - eTP/COMP/1.3.1a-c
 
The Government of Ghana has secured funding from the World Bank for the implementation of the e-Transform project.
In furtherance of this, the Ministry will apply part of the funding to capacity building by hiring consultants to assist the development of the National Cyber Security Centre (NCSC).
 
The interventions under eTransform are expected to lead to: more efficient and transparent targeting and use of limited public resources; improved delivery of public and private sector services, especially in rural and underserved areas; trust in payment systems, and enhanced confidence in electronic business and financial transactions.
The Government of Ghana embarked on an e-government program in 2006 focused on automating all government services. The program has created several information systems that require protection from cybercriminals. From 2016, the government of Ghana has expanded the e-government initiative agenda towards an aggressive digitalization agenda to formalize all sectors of the economy. The Government’s digitalization agenda has led to the Ghana Digital Property Addressing System, the National Identification System (NIS), the Paperless Port System and Mobile Money Financial Interoperability System, among others.
 
Under the theme “Securing Ghana’s Digital Journey”, the Government of Ghana's cyber security agenda is focused on improving cyber security in Ghana by ensure that protection of critical information infrastructure and e-government digital service platforms is institutionalized.
 
Consequently, the Ministry of Communications has set up the National Cyber Security Centre (NCSC) to coordinate cyber security response in government and with the private sector. The NCSC will serve as a central location where a diverse set of partners involved in cybersecurity and communications protection coordinate and synchronize their efforts. 
 
The consulting services (“the Services”) include the hiring of the following positions:
Cyber Security Specialist
Critical National Information Infrastructure Project (CNIIP) Security Analyst
Incident Management Security Analyst
 
1. CYBER SECURITY SPECIALIST
Reference No. for Cyber Security Specialist - eTP/Comp/1.3.1a
 
This candidate will be responsible for implement the national cyber security strategy and platforms, tools, and services that strengthen resilience at every level of the technology stack and proactively manage risk across the product lifecycle. The successful candidate will support implementation and operations for these capabilities as well as support continuous improvement initiatives aligned to cyber security maturity strategy.
The suitable candidate will work in a capacity as a Cyber Security Specialist to support a cross-functional set of activities and programmes related to cyber security within the National Cyber Security Centre (NCSC).
 
The Cyber Security Specialist will be responsible for supporting governance and security efforts in collaboration with the NCSC team and key stakeholders across the cyber security ecosystem in Ghana.
 
QUALIFICATION AND EXPERIENCES
 
A Educational Background
Master’s or higher degree in Computer Science, Mathematics, Statistics, Cyber Security, or related field from a reputable university.
 
B Experience
A minimum of ten (10) years post-qualification relevant work experience, five (5) years of which must be in a Senior Management position in a reputable institution.
Very Good experience on IT Security Management and technical environment
A very Good knowledge in Cyber security frameworks and standards.
A very good experience in computer security incident handling
Solid understanding of current global trends in Cyber security.
Experience working in or partnering with the private sector and ICT industry.
Experience implementing security and compliance best-practice processes and procedures
 
C Minimum Qualifications 
Relevant Information/Cyber Security Professional Certifications (ex. CISSP, GIAC, MCSE, CEH, CHFI, CISA, CISM, CRISC, etc.
Must have a vast knowledge of information systems security within an organization.
Relevant knowledge in technical and legal aspects of cyber security and data protection required.
Should have knowledge of Critical Information Infrastructure systems and related security issues.
Should have experience in managing a SOC and analytics methodologies, and platforms.
Ability to work unsupervised and in taking responsibility for own actions.
Work precisely according to procedures, rules, and regulations.
A proven track record and professional integrity, confidentiality and ethics in the domain of cyber security a requirement. 
Proactively recognize recurring issues and analyze their causes to reach a solution.
Consistently deliver positive results, following tasks through from start to finish.
Prior experience in working in public sector cyber security development.
Excellent verbal and written communication skills.
Excellent report writing skills.
 
 
2. CNIIP SECURITY ANALYST
Reference No. for CNIIP Security Analyst - eTP/Comp/1.3.1b
 
This position is responsible for setting up the cyber risk management efforts and security measures for the CNII sectors, along with Government Digitalization Initiatives (GDIs) and engaging with the CNII and GDI stakeholders on cyber security measures for these critical sectors.  The successful candidate is expected to build risk awareness culture in the CNII sectors and along their supply chains in order to proactively manage risk across the CNIIs. The successful candidate also will lead implementation and operations for these capabilities as well as support continuous improvement initiatives aligned to cyber security maturity strategy at the CNIIP unit of the NCSC.
The suitable candidate will work in a capacity as the Critical National Information Infrastructure Security Analyst to manage a cross-functional set of activities related to Critical National Information Infrastructure Protection (CNIIP) at the National Cyber Security Centre (NCSC).
 
This candidate will help identify and operationalize risk management initiatives and standards that need to be applied to the operating environment among others.
 
QUALIFICATION AND EXPERIENCES
 
A Educational Background
The candidate should hold a master’s degree in Computer Science/ IT, Information/Cyber Security, Engineering/Physics/Telecommunications or any relevant area or a degree in in the above or related discipline with at least 8 years of experience.
 
B Experience
A minimum of five years’ working experience in information/cyber security field (with master’s degree) and a minimum of 8 years’ experience in the information/cyber security field (candidates with a first degree ONLY) 
Knowledge, background and experience in Industrial Control Systems (ICS/SCADA Systems highly recommended.
Strong technical skills / knowledge in the area of vulnerability risk assessment, technical vulnerability assessment and penetration testing, SIEMs and incident management.
Risk management and incident response covering CNIIs required.
Knowledge of cyber security risks, threats and vulnerabilities.
A proven track record and professional integrity, confidentiality and ethics in the domain of cyber security a requirement. 
 
Experience in implementing risk management and security protocols for CNII sectors recommended. 
Working experience in a security operating center (SOC) is desired.
 
C.  Additional Qualification and Skillsets Required:
Professional certification in any related field such as CISA / ECIH/ CISM/ CHFI/CISSP /GCIA / GCFA / CEH is desired.
Administrative skills e.g. report writing skills.
Research, presentation, analytical and proposal writing skills.
Ability to solve complex problems and lead small teams. 
Monitoring and evaluation skills.
 
 
3. INCIDENT MANAGEMENT SECURITY ANALYST
Reference No. for Incident Management Security Analyst - eTP/Comp/1.3.1c
 
The Incident Management Security Analyst (IMSA) will be responsible for coordinating and supporting incident management across the CERT Ecosystem in Ghana that is within the National CERT and across the Sector CERTs. This position will help identify and implement appropriate analytical and reporting methodologies as part of analytics platforms of the Security Operation Center (SOC) of the NCSC among others.
The suitable candidate to work in the capacity as the Cyber Security Incident Management Security Analyst to manage a cross-functional set of activities related to incident management and management at the National CERT of the National Cyber Security Centre (NCSC).
 
QUALIFICATION AND EXPERIENCES
 
A Educational Background
The candidate should hold a master’s degree in Computer Science/ IT, Information/Cyber Security, Engineering/Physics/Telecommunications or any relevant area or a degree in in the above or related discipline with at least 5 years of experience.
 
B Experience
A minimum of five years’ working experience in information/cyber security field (with master’s degree) and a minimum of 8 years’ experience (with a first degree) 
Strong network background and knowledge of cyber security and incident handling tools
Strong technical skills / knowledge in the area of vulnerability risk assessment, technical vulnerability assessment and penetration testing, SIEMs and incident management.
Broad knowledge and experience in incident response and digital forensics
Knowledge of different operating systems including UNIX, Windows, etc. and relevant programming languages.
Knowledge of cyber security risks, threats and vulnerabilities.
A proven track record and professional integrity, confidentiality and ethics in the domain of cyber security a requirement. 
Experience implementing security and compliance best-practice processes and procedures
Working experience in a security operating center (SOC) is desired.
 
C. Additional Qualification and Skillset Required:
Professional certification in any related field such as CISA / ECIH/ CISM/ CHFI/CISSP /GCIA / GCFA / CEH is desired.
Administrative skills e.g. report writing skills.
Research, presentation, analytical and proposal writing skills.
Ability to solve complex problems and lead small teams.
Monitoring and evaluation skills.
 
The Ministry of Communications now invites eligible individual Consultants to indicate their interest in providing the Services. Interested Consultants should provide information demonstrating that they have the required qualifications and relevant experience to perform the Services. 
 
Individual Consultants will be selected in accordance with the procedures set out in the World Bank’s Guidelines: Selection and Employment of Consultants by World Bank Borrowers, January 2011, (Revised July 2014). Interested individuals may obtain further information at the address below from Monday to Friday between 9:00am and 5:00pm.
 
Expressions of interest may be hand delivered or sent by email to the address below by 4:00 PM (local time) on or before January 25, 2019
 
Chief Director
Attention: Project Coordinator 
eTransform Project
Room 39, Fifth Floor, 
Ministry of Communications Building
Abdul Diouf Street,
Near Kofi Annan ICT Center of Excellence, 
Ridge, Accra
Digital Address: GA-079-0539
 

Meet the Press with the Ministry of Communications

The Ministry of Communications (MoC) is focused on utilizing Telecom/ICTs to improve the efficiency of service delivery with particular attention to rural and underserved communities, digital and financial inclusion, gender parity and opportunities for the youth through the nurturing of new businesses, improving efficiencies of existing businesses, creation of job opportunities, facilitation of ICT-based entrepreneurship and securing our cyber space for the realization of the SDGs.

The Ministry therefore plays a strategic role within the national development agenda.

Clarifications to Requests from Bidders

U.S.-Ghana Cyber Study Visit

Bidding Document1 for Digitization - RGD 16Aug18

Request for Expressions of Interest

Reference No. eTP/RComp/1.6.2

The Government of the Republic of Ghana has received financing from the World Bank toward the cost of the eTransform Project, and intends to apply part of the proceeds for consulting services.

 

Hon. Minister's Statement to Parliament on the Implementation of a Common Platform

Statement to Parliament on the Implementation of a Common Platform for Telecommunications Traffic Monitoring, Revenue Assurance, Mobile Money Monitoring and Fraud Management

 

Invitation for Bids - eGovernment Network Connectivity in Ghana

INVITATION FOR BIDS (IFB)

Issuing date of the IFB: May 25, 2018

INTERNATIONAL COMPETITIVE BIDDING

The Republic of Ghana

Ministry of Communications

e-Transform Project

e-Government Network Connectivity in Ghana

Credit No IDA 5304-GH

IFB No: eTP/RComp/2.2.3

1. This Invitation for Bids (IFB) follows the General Procurement Notice (GPN) for this

project that appeared in UNDB issue No WB5553-11/14 of November 4, 2014.

2. The Government of Ghana has received a Credit from the International Development

Association toward the cost of the e-Transform Ghana Project, and it intends to apply

part of the proceeds of this credit to payments under the agreement(s) resulting from this

IFB: Service Provider for E-Government Network Connectivity (GovNet) in Ghana on an

IRU basis.

Common Platform - Setting the Records Straight

Date: 18th May, 2018 - The attention of the Ministry of Communications (MoC) has been drawn to an article released by IMANI Ghana, containing a litany of misinformation about the ministry, its mandate under the law and its conduct in fulfilment of such mandate.

The MoC, by this statement, would like to set the records straight. As of 2009, the National Communications Authority, (NCA) and the Ghana Revenue Authority (GRA) had different regulations in accordance with their mandates to enhance oversight and revenue generation monitoring activities. As a result, each agency contracted different service providers in 2010 to achieve their objectives. In 2013, the government consolidated these regulations in the Communications Service Tax (Amendment) Act, 2013 (Act 864) to benefit from the synergy of using a single platform.

READ FULL RELEASE

Pages