Invitation for Request for Expressions of Interest Status:Approved
GOVERNMENT OF THE PEOPLE'S REPUBLIC OF BANGLADESH
| Ministry/Division |
: |
Ministry of Finance |
| Agency |
: |
Bangladesh Bank |
| Procuring Entity Name |
: |
Bangladesh Bank |
| Procuring Entity Code |
: |
|
| Procuring Entity District |
: |
Dhaka |
| Expression of Interest for Selection of |
: |
Individual Consultant (National) (Time-Based) |
| Title Of Service |
: |
Chief Information Security Officer
|
| EOI Ref. No. |
: |
40/2019 |
| Date |
: |
22/09/2019 |
KEY INFORMATION
|
| Procurement Sub-Method |
: |
Selection of Individual Consultants (SIC) |
FUNDING INFORMATION
|
| Budget and Source of Funds |
: |
Own Funds GOB |
| Development Partners |
: |
|
PARTICULAR INFORMATION
|
| Project/Programme Name |
: |
|
| EOI Closing Date and Time |
: |
10/10/2019 11.55 AM
|
| Publication Date |
: |
30/09/2019
|
INFORMATION FOR APPLICANT
|
| Brief Description of Assignment |
: |
"The CISO will lead a team dedicated for conducting security related issues within Bangladesh Bank as well as provide necessary directive to the banking and financial sector of Bangladesh.
Roles and Responsibilities: The CISO will be responsible for developing and implementing information security programs, which include procedures and policies designed to protect IT systems/platforms, enterprise communications, and assets (mainly data) from both internal and external threats, with strong focus on process and risk management. His/her duties and accountabilities will include (but not necessarily be limited to):
1. Overseeing the design and implementation of BB's information security infrastructure to monitor IT installations and systems for detection and prevention of unauthorized access and use; steering to completion of BB's ongoing cyber security strengthening program and conducting annual reviews thereof to identify, assess and coordinate remediation of weaknesses in BB's IT security systems;
2. Shaping up a robust new CSU covering the areas of Security Engineering (SE), Security Threat and Vulnerability Management (STVM), Information Security Operations Center (ISOC), Security Information and Event Management (SIEM), Financial Sector wide Critical Incident Response Team (CIRT) and Cyber Security Intelligence (CSI); putting in place adequate documented processes, procedures and internal technical controls in all these areas;
3. Assessing knowledge/skill enhancement needs for staff in the new CSU, setting up appropriate training routines of cyber security capacity building with up-to-date understanding of emerging trends in information security technology;
4. Ensuring BB's response-preparedness to IT security incidents through development and regular exercise of incidence response processes & procedures, fostering leadership skills in getting things done in inter-departmental/inter-agency team environments;
5. Fostering and facilitating a cyber security risk aware culture among all staffers in BB offices and departments, ensuring effective, efficient and balanced protection of all BB information assets;
6. Guiding and assisting the development of security standards for IT platform in conformance with BB's IT architecture, risk profile, and policy requirements;
7. Interfacing with business units and IT stakeholders in identifying requirements and assessing their applicability to BB's IT infrastructure;
8. Identifying efficiencies to improve the performance and responsiveness of BB's IT security work programs;
9. Reviewing and offering suggestions on setting of technical requirements in procurements of IT equipments/consumables in conformance with BB's Information Security architecture and risk profile;
10. Designing short-term and long-term security policy and implementation plan for Bangladesh Bank;
11. Taking necessary measure to upgrade and maintain security infrastructure of Bangladesh Bank according to the implementation plan;
12. Guiding and facilitating regular security testing on the ICT infrastructure of Bangladesh Bank, auditing existing systems and providing comprehensive risk assessments;
13. Ensuring regular review of logs of user activities in order to recognize suspicious behavior;
14. Designing automatic (machine learning based) monitoring and financial fraud detection policy;
15. Designing monitoring plan of the implementation process of security policy by Banks and NBFIs of Bangladesh;
16. Guiding Banks and NBFIs of Bangladesh to take appropriate preventive measures in case of any security threat/incident at any of the financial institute in Bangladesh or relevant organization abroad;
17. Facilitating security awareness program for all employees of the bank at regular interval;
18. Preparing a team for digital forensic investigation to investigate any incident.
19. Integrating IT systems development with security policies and information protection strategies;
20. Collaborating with key stakeholders to establish an IT security risk management program;
21. Anticipating new security threats and stay-up-to-date with evolving infrastructures;
22. Acting as a focal point for IT security investigations and directing a full investigation with recommended courses of action;
23. Prioritizing and allocating security resources correctly and efficiently;
24. Leading the following activities of Bangladesh Bank:
i. Management of Security staff and Security Operations Centre (SOC).
ii. Security and Business Continuity and Disaster Recovery Planning (BCDR).
iii. Authentication, identity and access management.
" |
| Experience, Resources and Delivery Capacity Required |
: |
As Per Document |
| Other Details (if applicable) |
: |
|
| Association with foreign firms is |
: |
|
| Eoi Detail Information |
|---|
| Ref No |
Phasing Of Services |
Location |
Start Date |
Completion Date |
| 40/2019 |
As per EOI |
Dhaka |
22/09/2019 |
10/10/2019 |
|
PROCURING ENTITY DETAILS
|
| Name of Official Inviting EOI |
: |
Ms. Noor-Un-Nahar |
| Designation of Official Inviting EOI |
: |
General Manager |
| Address of Official Inviting EOI |
: |
Human Resources Department-1, Bangladesh Bank, Head Office, Dhaka.
|
| Contact details of Official Inviting EOI |
: |
Phone : Office- 9530492, Email- gm.hrd@bb.org.bd, Fax : , Email : |
| The procuring entity reserves the right to accept or reject all tenders |
