Consultancy for Penetration Testing tendering job at Raising The Village
465 Days Ago
Linkedid Twitter Share on facebook
Terms of Reference for Consultancy for Penetration Testing tendering job at Raising The Village

OVERVIEW

Raising The Village (RTV) exists because we believe that together we can find straightforward solutions to complex problems of inequality. Together, we can achieve what is impossible alone. Our story is borne as a result of two deep convictions: ultra-poverty is the worst form of inequality in our world; we have the opportunity to end ultra-poverty in our generation.

Since our inception in 2012, we have focused on partnering with last-mile, rural communities in Uganda to develop initiatives that pave the pathway out of ultra-poverty towards economic self-sufficiency. We believe everyone deserves an opportunity to make choices and have a real chance at life. Through our partnerships, we resource, guide, train, and equip ultra-poor families to make empowering decisions, access new opportunities, and shape their futures.

Our work and success is the result of cross-cultural collaboration between our staff and village partners, the local and federal government of Uganda, and experts from around the globe all working together. Fuelled by the support of our donors, we are on a path to reach 1 million people living in ultra-poverty by 2023.

PURPOSE OF CONSULTANCY
RTV seeks a qualified and experienced Consultant to perform comprehensive penetration testing of our network, applications, and systems. The Consultant should have a strong track record of executing successful penetration tests and be familiar with the latest security best practices. 

Similar Jobs in Uganda
Learn more about Raising The Village (RTV)
Raising The Village (RTV) jobs in Uganda
 

Scope of the work:
The scope of the penetration testing  project includes the following:
1. A comprehensive assessment of our external and internal network and systems, including but not limited to firewalls, routers, internet equipment, backup machines and platforms, switches, servers, and mobile devices.
2. A comprehensive assessment of our web applications, including but not limited to authentication mechanisms, data input validation, session management, and data storage.
3. A comprehensive assessment of our mobile applications, including but not limited to authentication mechanisms, data input validation, session management, and data storage.
4. A comprehensive assessment of our intranet, including but not limited to authentication, access and security.
5. A comprehensive assessment of our wireless networks, including but not limited to access points, controllers, and associated devices.
6. A comprehensive assessment of our physical security, including but not limited to access controls, video surveillance, and physical barriers.

Deliverables: The Consultant should provide the following deliverables:
1. A detailed report of the findings and vulnerabilities discovered during the penetration testing.
2. A prioritized list of recommendations for addressing and mitigating the identified vulnerabilities.
3. A debrief session with RTV’s IT team, Chief of Staff and Head of Operations to discuss the findings and recommendations.
4. All test data collected during the project.

Timeline: The project should be completed within 30 days. The Consultant should provide a detailed project plan outlining the timeline and milestones.

Qualifications: The Consultant should have the following qualifications:

1. At least 10 years of experience in penetration testing.
2. In case of a Consulting firm, CVs for the Lead Consultant and for the team recently signed by the proposed professional staff and the authorized representative submitting the proposal.  Key information should include number of years working for the firm/entity and degree of responsibility held in various assignments during the last ten (10) years.
3. Certified in relevant industry standard certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Systems Security Professional (CISSP) or Offensive Security Certified Professional (OSCP).
4. Experience with tools such as Metasploit, Nmap, Burp Suite, and Kali Linux.
5. Familiarity with compliance frameworks such as PCI DSS, HIPAA, and ISO 27001.
6. Excellent communication and reporting skills.
Proposal Submission: The Consultant should submit a detailed proposal including the following:
1. Submit comprehensive technical and financial proposals as separate documents with validity of not less than 90 days from the submission deadline.
2. Company profile and relevant experience.
3. Proposed project plan, including timeline and milestones.
4. Proposed approach/ methodology to the project and staffing .
5. At least five (5) References from past clients, these should include at 3 INGO past clients.

Conclusion:
The Consultant should have the experience, qualifications, and tools to perform a successful penetration test. Please submit your proposal by 31 August 2023 to tenders@raisingthevillage.org OR hand deliver copies at the Raising The Village Head Office, 22A Lower Naguru East Road, Kampala, Uganda.
Job Info
Job Category: Tenders in Uganda
Job Type: Full-time
Deadline of this Job: 31 August 2023
Duty Station: Kampala
Posted: 15-08-2023
No of Jobs: 1
Start Publishing: 15-08-2023
Stop Publishing (Put date of 2030): 15-08-2067
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.