Republic of Serbia
Ministry of Health
Serbia Noncommunicable Diseases Prevention and Control Project
Loan No. 96040-YF, Project ID P180619
REQUEST FOR EXPRESSIONS OF INTEREST
(CONSULTING SERVICES – SELECTION OF INDIVIDUALS,
NATIONAL, PART TIME)
Country: The Republic of Serbia
Name of Project: Serbia Noncommunicable Diseases Prevention and Control Project
Loan No.: 96040-YF
Assignment Title: Cyber/Digital Security Specialist
Reference No.: RS-NCD-96040YF-CS-IC-25-4.30
Date of initial publication: 18 February 2025
Date of publication of deadline extension: 4 March 2025
Revised notice – extension of EOI submission deadline
This is a repeated request for the expression of interest (REoI). The initial REoI was published on February 18, 2025. Individual consultants who have previously submitted their EoI for this assignment will be duly considered and do not need to reapply.
The Republic of Serbia has received financing from the World Bank for the Serbia Noncommunicable Diseases Prevention and Control Project (SNDPCP). It intends to apply part of the proceeds for consulting services: Cyber/Digital Security Specialist.
The overall objective of the assignment is to assist the Ministry of Health (MoH) in protecting digital health solutions to be implemented by the identifying threats and vulnerabilities.
The main activities of this assignment include, but are not limited to the following:
- Engaging in the design and implementation of digital health solutions to be implemented by the Project to ensure that they are protected from threats and vulnerabilities. The primary focus is on safeguarding data and ensuring the integrity, confidentiality, and availability of digital resources.
- Assessing potential security risks and vulnerabilities in digital infrastructure and data related to digital health solutions to be implemented by the Project.
- Securing computer networks by configuring firewalls, intrusion detection systems, and monitoring network traffic.
- Evaluating incident response and disaster recovery plans related to digital health solutions to be implemented by the Project.
- Providing cyber security related capacity-building workshops and other activities for the Project team.
- Assessing and monitoring cyber security practices of third-party vendors and service providers. Ensuring that contracts with third parties include cyber security clauses and compliance requirements.
- Implementing data encryption, access controls, and backup solutions to protect sensitive information.
- Conducting security awareness programs to educate Project team and stakeholders about cyber security best practices.
- Identifying and patching vulnerabilities in software and hardware, and keeping systems up to date.
- Keeping up with the latest threats and security trends and applying patches and updates as necessary.
- Analyzing potential risk related to IT activities on the Project.
- Cooperating with Data protection Specialist to ensure comprehensive data protection and security measures.
The detailed Terms of Reference (TOR) for the assignment can be found at the following website: https://www.zdravlje.gov.rs/tekst/426135/oglasi.php
On behalf of the Ministry of Health of the Republic of Serbia, the Project Coordination Unit now invites individual consultants to indicate their interest in providing the Services. Interested individual consultants should provide Cover Letter and CV in English language, with enogh information demonstrating that they have the required qualifications and relevant experience to perform the Services (scanned diplomas and certificates to be sent with CV).
The consultant should possess the following qualifications and experience:
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field
- Minimum 10 years of work experience in IT sector
- Knowledge of MoH's, HIF's and IPHS's information system is advantage
- Proven experience of five years in the last 10 years implementing cyber security solutions in governmental or healthcare systems is required
- Good command of written and spoken English and Serbian language
- Previous experience in projects financed by the World Bank or the IFIs would be an advantage
- Certificates regarding cyber/digital security (CISSP, CISM, CISA, or equivalent) is required
- Related certifications and related experience such as HCISPP, ISO/IEC 27001, NIST or CCNA certificate are advantage
The evaluation of the received EOIs will be based on the following selection criteria:
- Specific experience relevant for the assignment 60 points
- Qualifications for the assignment 40 points
The attention of interested Consultants is drawn to Section III, paragraphs 3.14, 3.16, and 3.17 of the World Bank's "Procurement Regulations for IPF Borrowers" September 2023 ("Procurement Regulations"), setting forth the World Bank's policy on conflict of interest.
A Consultant(s) will be selected in accordance with the IC (Individual Consultants) method set out in the Procurement Regulations. Further information can be obtained at the address below during office hours: 09.00–15.00.
Expressions of interest and CV must be delivered in written form to the address below (in person or by mail or e-mail) by 14 March 2025.
Primary Health Center Savski venac
Dom zdravlja Savski venac
Ms. Žana Cvetković, Procurement specialist
Serbia Noncommunicable Diseases Prevention and Control Project
Pasterova 1 Str., 11000 Beograd
The Republic of Serbia
E-mail: office_pcu@zdravlje.gov.rs