Philippines Digital Infrastructure Project (Филиппины - Тендер #66308136)

NOTICE AT-A-GLANCE

• Project ID

P176317

• Project Title

Philippines Digital Infrastructure Project

• Country

Philippines

• Notice No

OP00373307

• Notice Type

Request for Expression of Interest

• Notice Status

Published

• Borrower Bid Reference

PH-DICT-475099-CS-INDV

• Procurement Method

Individual Consultant Selection

• Language of Notice

English

• Submission Deadline Date/Time

Aug 26, 2025 16:00

• Published Date

Aug 14, 2025

• CONTACT INFORMATION
• Organization/Department

Department of Information and Communications Technology

• Name

GUADA FATIMA A. HERNANDEZ-AMBROCIO

• Address

Carlos P. Garcia, Diliman, Quezon City 1101 bac.secretariat@dict.gov.ph

• City

• Province/State

Philippines

• Postal Code

• Country

Philippines

• Phone

(02) 8-920-01-01 loc

• Email

bac.secretariat@dict.gov.ph

• Website

REQUEST FOR EXPRESSIONS OF INTEREST (REOI)

(INDIVIDUAL CONSULTING SERVICES)

PHILIPPINES

PHILIPPINES DIGITAL INFRASTRUCTURE PROJECT

Loan No./Credit No./ Grant No.: IBRD Loan Number 9730-PH

Assignment Title: Engagement of Technical Consultant under the Project Implementation Unit - Cybersecurity Specialist

Reference No. (as per Procurement Plan): PH-DICT-475099-CS-INDV

The Department of Information and Communications Technology (DICT) has received financing from the World Bank toward the cost of the Philippines Digital Infrastructure Project and intends to apply part of the proceeds for consulting services.

The consulting services (“the Services”) include the hiring of a Cybersecurity Specialist who will support the implementation of Component 4 of the PDIP, focusing on enhancing network security across the Philippines. This includes developing cybersecurity policies, improving real-time threat response, building capacity within government agencies, and promoting cybersecurity awareness and education. The Specialist will work closely with the Project Manager, DICT and other stakeholders to achieve these objectives, ensuring that cybersecurity measures are robust, sustainable, and aligned with international best practices. The list of duties and responsibilities is provided in the detailed Terms of Reference (TOR) attached as “Annex A”. The engagement is a time-based contract for forty-eight (48) months period inclusive of a 6-month probation period. The Estimated Price Cost (EPC) per month is: ONE HUNDRED NINETY-NINE THOUSAND NINE HUNDRED NINETY-NINE PESOS AND 96/100 (Php199,999.96). The location for this position is at the designated office of the DICT in Quezon City, Philippines.

The DICT now invites eligible individuals (“Consultants”) to indicate their interest in providing the Services. Interested Consultants should provide information demonstrating that they have the required qualifications and relevant experience to perform the Services (attach curriculum vitae with description of experience in similar assignments, similar conditions, etc.). Firms’ staff may express interest through the employing firm for the assignment and, under such a situation, only the experience and qualifications of individuals shall be considered in the selection process. The criteria for selecting the Consultant are the following:

REQUIRED COMPETENCIES AND KNOWLEDGE

Extensive experience in developing and implementing cybersecurity policies, frameworks, and technical solutions.

Proficient in conducting cybersecurity assessments and designing strategies to mitigate risks.

Proven track record in designing and delivering cybersecurity training programs.

Experience in promoting gender inclusivity in technical fields, particularly in cybersecurity.

Strong ability to analyze complex cybersecurity challenges and develop innovative solutions.

Proficient in data analysis, data visualization, and the use of cybersecurity tools and technologies.

Strong interpersonal skills with the ability to work collaboratively with diverse stakeholders.

Excellent communication skills in English, both written and spoken.

ACADEMIC QUALIFICATIONS AND EXPERIENCE

University and/or master’s degree in cybersecurity, computer science, information technology, or a related field.

A minimum of ten (10) years of professional experience in cybersecurity, with at least five (5) years of direct involvement in the design, implementation, and oversight of cybersecurity initiatives.

Extensive exposure to cybersecurity projects and practices within the Philippines, ASEAN, and international contexts.

Proven experience working on projects financed and supported by international organizations, especially in areas related to digital infrastructure and cybersecurity.

The attention of interested Consultants (including firms) is drawn to paragraph 3.14, 3.16 and 3.17 of The World Bank Procurement Regulations for IPF Borrowers, Fifth Edition dated September 2023 (“the Regulations”), as per financing agreement, setting forth the World Bank’s policy on conflict of interest.

Further information can be obtained at the address given below every Monday to Friday, 9:00 am to 4:00 pm.

Expressions of interest must be delivered in a written form to the address below (in person, or by mail) on or before August 26, 2025.

For further information, please refer to:

GUADA FATIMA A. HERNANDEZ-AMBROCIO

Director IV, Procurement Service

Department of Information and Communications Technology

3/F Office of the Director for Procurement Service

C.P. Garcia Avenue, Diliman, Quezon City

Telephone No. (02) 8-920-01-01 loc. 6108

Email Address: bac@dict.gov.ph or bac.secretariat@dict.gov.ph

Website: www.dict.gov.ph

(Original signed)

PHILIP A. VARILLA

Chairperson, DICT-SBAC

"ANNEX A"

TERMS OF REFERENCE FOR THE ENGAGEMENT OF TECHNICAL CONSULTANT

UNDER THE PROJECT IMPLEMENTATION UNIT – CYBERSECURITY SPECIALIST

BACKGROUND

In July 2022, His Excellency, the President of the Philippines, Mr. Ferdinand Marcos, laid out a comprehensive vision for the digital acceleration of the Philippines, aiming to achieve specific goals, including nationwide internet connectivity, by 2028. This strategy involves investing in public broadband, connecting remote areas, bolstering cybersecurity, and advancing the e-Government agenda. To facilitate this transformative plan, the Department of Information and Communications Technology (DICT) has initiated the First Digital Transformation Policy Project (Development Policy Loan). To this end, and to realize the vision of the Marcos Presidency, the World Bank (WB) is financing the Philippine Digital Infrastructure Project (the “Project”). This concerted effort aims to forge a coherent and efficient whole-of-government program, reaching various sectors of society, and underscores a steadfast commitment to achieving digital inclusivity in alignment with the national vision. The Project will improve the broadband connectivity in the country, including giving considerations to efficiency, costs and security of the network. It includes components on (i) National Fiber Backbone, (ii) Middle-mile, (iii) Last-mile; and (iv) Network Security, along with (v) Project Management Support.

The proposed Project’s objectives align with the Philippine Development Plan (PDP) 2023-2028 development agenda for the infrastructure sector, which calls for modernizing and expanding the country"s digital infrastructure to facilitate movement of information and achieve seamless and inclusive connectivity (under Chapter 12: Expand and Upgrade Infrastructure). Within the ICT sector, the project also supports the implementation of the following major sectoral plans and issuance: (i) National Broadband Plan, which provides the blueprint to achieve universal, faster and affordable broadband internet access; (ii) National Cybersecurity Plan (NCSP) 2023-2028, which provides the policy direction and operational guidelines on building cybersecurity capacities and strengthening cybersecurity defenses; and (iii) Republic Act No. 10929 or the Free Internet Access in Public Places Act, which aims to provide free access to internet service in public places throughout the country. The project, which aims to improve broadband connectivity, is also included as a priority investment undertaking under the Philippine Public Investment Program (PIP) 2023-2028 and the Three-Year Rolling Infrastructure Program (TRIP) 2025-2027.

OBJECTIVE

The DICT will establish the Project Implementation Unit (PIU) for the PDIP and is seeking to hire an individual consultant as a Cybersecurity Specialist. This role will support the implementation of Component 4 of the PDIP, focusing on enhancing network security across the Philippines. This includes developing cybersecurity policies, improving real-time threat response, building capacity within government agencies, and promoting cybersecurity awareness and education. The Specialist will work closely with the Project Manager, DICT and other stakeholders to achieve these objectives, ensuring that cybersecurity measures are robust, sustainable, and aligned with international best practices.

DUTIES AND RESPONSIBILITIES

Under the direct supervision of the Project Manager, the Cybersecurity Specialist is expected to perform the following tasks:

Policy, Governance & CIIP Support

Review, update, and align national cybersecurity and CIIP policies with international standards (NIST CSF, ISO/IEC 27001, CIS Controls).

Conduct a national cybersecurity posture & gap assessment; develop prioritized recommendations.

Draft implementation guidelines, minimum control baselines, and policy briefs for government adoption.

Contribute to a national CIIP framework and roadmap (sector prioritization, reporting, escalation).

Integrate PDIP investments (CERT, SOC, network security controls) into NCSP implementation tracking.

Coordinate with government agencies and critical sectors (telecom, energy, finance, health, etc.) to promote consistent application of cybersecurity standards.

Engage private sector, academe, and civil society stakeholders; incorporate feedback into policy drafts.

Recommend international cooperation pathways (FIRST, APCERT, GFCE) and certification programs.

Advise on sustainability and O&M models (shared services, managed security, PPP) for national cyber capabilities.

Establish policy implementation KPIs; prepare periodic governance status notes.

Capacity Building, Awareness & Inclusion

Co‑design tiered cybersecurity training curricula for ~500 government personnel over the Project life; target ≥50% women participation.

Support delivery of workshops, cyber‑drills, seminars, and awareness campaigns.

Develop training materials, e‑learning modules, and quick‑reference guides aligned to NCSP priorities.

Facilitate knowledge exchange and communities of practice.

Coordinate with academic institutions to embed cybersecurity in curricula and professional programs.

Support outreach to female STEM students (≥6 sessions) highlighting cybersecurity career pathways.

Operational Capability Support (CERT / SOC / Incident Readiness)

Advise on assessments of current government cyber infrastructure and incident response capabilities; identify gaps and priority investments.

Support development of risk management frameworks and minimum security baselines for critical information infrastructure.

Provide advisory inputs to technical & functional requirements (with engineering/procurement consultants) for national CERTs, sector CERT linkages, and SOC upgrades.

Review procurement TORs, vendor proposals, and design deliverables for policy alignment, interoperability, and good practice.

Contribute to governance models, operating concepts, staffing plans, escalation matrices, and KPIs for two National CERTs (target Q2 2026) and the national SOC upgrade (target Q4 2026).

Assist in developing national incident response protocols, playbooks, and reporting templates.

Participate in readiness reviews, acceptance testing, and after‑action reviews with DICT and vendors.

Advise on integrating CERT/SOC telemetry into national situational awareness dashboards.

REPORTING

The Consultant is embedded in the PDIP PIU; reports administratively to the Project Manager and coordinates technically with the DICT Cybersecurity Bureau. The position supports compliance with the Project Appraisal Document (PAD), the NEDA‑approved DICT proposal, the Loan Agreement, and the Project Operations Manual (POM).

QUALIFICATIONS AND EXPERIENCE

Education: Master’s degree in a relevant field (Cybersecurity, Information Security, ICT, Public Policy, etc.) strongly preferred.

Professional Certification (Required): At least one globally recognized cybersecurity credential: CISSP (preferred), CISM, ISO/IEC 27001 Lead Implementer/Auditor, GIAC (e.g., GICSP, GCIA), CEH, or equivalent. Additional certifications an advantage.

Professional Experience

Minimum seven (7) years progressive cybersecurity experience including policy/governance advisory responsibilities and oversight or review of technical implementations (systems delivered by teams or vendors).

Demonstrated experience developing and implementing cybersecurity or CIIP policies/programs aligned with international standards.

Experience advising on the design, stand‑up, or maturation of CERTs/CSIRTs and/or SOC operations (governance, processes, KPIs, tool integration).

Prior experience supporting public‑sector cybersecurity initiatives; experience in the Philippine context and/or with DICT is desirable.

Proven ability to apply frameworks such as NIST CSF, ISO/IEC 27001, CIS Controls; familiarity with MITRE ATT&CK‑informed SOC operations is a plus.

Experience engaging critical infrastructure operators (telecom, energy, finance, health) and regulators.

Strong analytical, facilitation, and stakeholder communication skills; able to translate technical risk into policy options and management briefs.

Excellent written and spoken English.

Источник закупки

Перейти

Импорт - Экспорт по стране Филиппины