A. Background
The Government of Rwanda has received a grant from the World Bank to implement its e-government strategy. The eRwanda Project will be implemented by the Rwanda Information Technology Authority (RITA) based in Kigali, Rwanda.
The eRwanda project, which is a part of the NICI plan, will focus on specific activities within the NICI plan which have the potential to have the greatest impact on good governance and improved conditions for the country’s citizens, particularly those most vulnerable, least economically advantaged and vast majority of citizens who live in the rural areas.
RITA through National Computing Centre has taken a number of steps to safeguard the integrity of the national data and prevent unauthorized access to information that shall be maintained in the National Data Centre.
In view of the above, RITA is in the process of recruiting individual consultant to assist RITA in setting up the national cyber security centre within the National Computing Centre for the period of 40 staff days.
Objective of the Assignment
The overall objective of the assignment is the setting up of a national cyber security capability under the Internet Governance Framework for the Government of Rwanda Computer Network, which is an integral part ofRwandan business and government, as a focal point for mitigating all the computer-related risks.
It is evident that the GoR computer network is exposed to threats/risks of malicious activity of the Internet that requires a deliberate computer network security risk management process in order to reduce and mitigate existing vulnerabilities.
These vulnerabilities are being exploited by hackers, criminals, spies, terrorists etc on the internet, thus posing a high risk to the Government of Rwanda Computer networks. It is in light of these concerns that this consultancy assignment has been formulated.
Scope of Work
Scope of work encompasses the following components:
Strategy for Computer Cyber Security- Develop strategies for cyber security in line with NCC needs and requirements. - Develop a plan for selection and deployment of security tools - Advise on the establishment of mechanisms for sanitizing and disseminating data on security problems, data that helps the networked community understand the scope and cost of the overall problem - Identify threats to and vulnerabilities of the Internet in Rwanda and estimate the cascade effect that a successful, sustained attack on the Internet would have on the critical national infrastructures
Selection and Deployment of Security Tools- Identify, select and install various security tools for monitoring and filtering network flow - Run a series of security tests and threats to the system, prepare a report on the responsiveness of the system
Communication and Awareness Campaign- Develop strategies for cyber security awareness campaign - Conduct high level training course for the ICT Directors of the Ministries that provides an overview of the key issues and decisions that must be addressed in establishing cyber security centre and on the functions of security toolkits - Develop plans for awareness campaigns that stress the need for security training for system administrators, network managers, and chief information officers - Organize a workshop for key stakeholder to brief them on the functions of developed systems toolkits and demonstration toolkits. - Develop plans for a training course on the computer security incident response with the focus on techniques employed in detecting and responding to current and emerging computer security threats and attacks that are targeted against a variety of operating systems and architectures
Invitation
Interested individual consultants must provide information indicating that they are qualified to perform the services (CVs, description of similar assignments, experience in similar conditions etc). The consultant shall be selected in accordance with the procedures set out in the World Bank Guidelines for Selection and Employment of Consultants following “Selection Based on the Consultants’ Qualifications”.
Qualifications:
Candidates should possess a degree in any of the following:
- Minimum Masters Degree or Higher in Computer Science, Software Engineering, Information Systems or related technical and business areas. Postgraduate qualifications are an added advantage.
- Minimum of five years experience in cyber security system, computer security incident handling, establishing CERT backed with the experiences in translating technology capability into strategic business decisions at consultancy/advisory level. - Certification in either CISSP or CISM or any equivalent information security certifications. - Knowledge and experience in ICT program impact assessment is an essential requirement - Strong communication skills - Excellent writing skills
Contract Obligations and Reporting Structure
The Assignment is expected to span over a period of forty man-days. It is anticipated that during this period the consultant will be able to conduct consultations with the key stakeholders using a participatory approach.
The selected Consultant will report to the Director of National Computing Centre at RITA. The Consultant will also gain advice from the eRwanda Project Team and RITA.
Location of the assignment:
The assignment will be based at RITA Headquarters (Telecom House-Kacyiru) and with regular consultations with key stakeholders (President’s office, Prime Minister’s office, National Police, Ministry of Defense, Ministry of Infrastructure, Ministry of internal security, national security services, Regulatory Agency-RURA, Telecom Operators, national security fund, financial institutions etc).
Deadline Date and Time
By 1700 hours on Friday, 23 March 2007
Submission Address: Expressions of Interest/CVs must be delivered to the address below.
Contact:
Project Manager, eRwanda Project Telecom House, 5th Floor Boulevard de l’Umuganda PO Box 7229 Kigali, Rwanda Tel: (250) 587-558 Fax: (250) 583-222 E-mail: Notice Number: WB782-698/07
