Apply online

Ref.
2025/STEFTARTTFIC/14096

Job offer type
Experts

Type of contract
Service contract

Activity sectors
Other

Deadline date
2025/11/30 14:25

Duration of the assignment
Beaded expertise

Contract
Freelancer

Duration
2 years

Mission description

I.      General information

Assignment name

Short term expertise for technical assistance in cybersecurity

Project Title

Strengthen the resilience of the cybersecurity ecosystem of Kenya (KCR)

Project funded by the European union for 36 months.

Country

Kenya

Type of contract

Invitation to apply for inclusion on a roster

II.      Objectives and desired results

 1)      General objective

The general objective of the assignment is to support the implementation of the project action plan with the assistance of experts from various background and expertise related to technical and awareness fields in cybersecurity.

 2)      Specific objectives

The establishment of an expert roster aims to ensure rapid, flexible, and quality technical mobilization in support of the KCR project’s objectives. It will allow the project team to identify, contract, and deploy qualified short-term experts in various domains of cybersecurity. Specific objectives of the assignment are:

OS 1.      Facilitate efficient expert mobilization by maintaining a pool of pre-validated professionals with relevant thematic and geographic experience.

OS 2.      Ensure technical excellence and consistency of interventions across the two project components.

OS 3.      Promote complementarity between national and international expertise, supporting local capacity development.

OS 4.      Enhance responsiveness to ad hoc requests from Kenyan stakeholders while ensuring alignment with the project’s work plan and EU standards.

OS 5.      Strengthen knowledge transfer and sustainability, by fostering collaboration between experts, national institutions, and regional bodies.

 3)      Specific expertise requested

The experts will be responsible, under the project coordinator to carry out technical various assistance activities related to the following topics:

                    Development of Incident response and CERT capacities;

                    Cybersecurity Trainings, capacity building, awareness and CTF;

                    Cyber threat intelligence sharing. 

II.      Description of the assignment

 1)      Planned activities

While each expert’s role will be defined by their specific Terms of Reference, all roster members may be expected to contribute to one or several of the following generic activities depending on their area of expertise:

Those activities would be organised as follow:

1.     Analytical and advisory work

·       Conduct assessments, gap analyses, or benchmarking studies.

·       Draft or review policy, legal, or regulatory documents.

·       Produce technical recommendations, guidance notes, or policy briefs.

·       Align deliverables with EU and international standards (e.g., NIS2, ENISA, ITU, ISO).

2.     Capacity building and knowledge transfer

·       Design and deliver training sessions, workshops, or seminars for national stakeholders.

·       Develop technical manuals, curricula, or awareness materials.

·       Mentor or coach local staff and institutional focal points.

·       Facilitate technical exchanges or study visits between Kenyan and EU institutions.

3.       Stakeholder engagement and facilitation

·       Liaise with government agencies, regulators, civil society, and the private sector.

·       Support the organization of multi-stakeholder consultations or technical working groups.

·       Contribute to outreach activities and promote inclusion (youth, women, regional representation).

4.       Monitoring, reporting, and knowledge management

·       Draft mission reports, technical notes, and lessons-learned documents.

·       Contribute to the project’s monitoring and evaluation (M&E) framework by proposing measurable indicators.

·       Participate in debriefings and validation workshops with Expertise France and the EU Delegation.

·       Feed into the project’s communication materials and visibility outputs.

5.       Coordination and quality assurance

·       Ensure alignment of activities with national policies and project objectives.

·       Coordinate with other technical assistance providers or donors to promote synergy and avoid duplication.

·       Apply Expertise France’s and EU’s quality assurance standards in all deliverables and outputs.

 2)      Anticipated deliverables

Specific deliverables will be listed in each purchase order before contracting. These deliverables may include but not limited to:

Steps of the assignment

Deliverables

Inception phase

-        Inception note / mission plan.

-        Desk review summary.

-        Proposed work plan and stakeholder engagement schedule.

Technical analysis and advisory

-        Analytical or diagnostic report.

-        Annotated review or technical comments on draft legislation, strategies, frameworks, or guidelines.

-        Options paper / policy brief, summarizing scenarios and recommendations for decision-makers.

-        Implementation roadmap or action plan.

-        Technical guidance notes or standard operating procedures (SOPs).

Capacity Building and Knowledge Transfer Deliverables

-        Training curriculum / agenda.

-        Training materials, including presentations, manuals, and practical exercises.

-        Workshop facilitation report.

-        Pre- and post-training evaluation reports.

Monitoring, Evaluation, and Learning Deliverables

-        Indicators and monitoring framework for the activity implemented.

-        Results summary table.

-        Lessons learned / best practices note.

Final Deliverables

Report including: overview of objectives and activities carried out, achievements and main findings, constraints and recommendations for follow-up

 3)      Coordination

 The expert will be reporting to the Project Manager.

A launch meeting shall be held few days after the contract award has been notified.

Close collaboration must take place with the project team and the other experts from assignment preparation right up to completion. Furthermore, regular exchanges must take place with the Project Manager and the Key expert on assignment progress and any difficulties that may be encountered. 

III.      Place, duration and terms of performance

1)      Place: Home based and/or in Nairobi, Kenya

2)      Implementation period: KCR project implementation period is from 01/03/2025 until 29/02/2028

3)      Start date: will be determined based on activities

4)      End date: will be determined based on activities

5)      Effective duration per assignment: will be determined based on activities

6)      Schedule/programme: will be determined based on activities.

Project or context description

I.      Context and justification of the need

 The overall objective of the project is to support Kenya to strengthen the resilience of the cybersecurity ecosystem of Kenya to ensure that citizens enjoy an open, free, secure, gender responsive and peaceful cyberspace. This will enhance Kenya's overall defense mechanisms against cyber-threats thus help mitigate the risks of cyber-attacks targeting public and private sector entities and increase users trust.

The project is designed to assist the beneficiary country, specifically Kenyan authorities and actors, in

strengthening their cybersecurity capacities in all aspects. The project started on March 1st, 2025 and will end in late February 2027.

The specific objectives of the project are:

                    The national cybersecurity regulatory and legal frameworks are improved

                    The cybersecurity incidents management capacities are strengthened

                    Users cybersecurity culture and capacities are increased

To reach the objective, the project is expected to achieve 3 interlinked Outcomes:

                    Adoption and implementation of a coherent, holistic, gender responsive, strategic and actionable national approach to CyberResilience is facilitated;

                    National operational capacities to adequately prevent, respond to, and recover from cyber-attacks and/or accidental failures are improved;

                    Trust of users, organizations and companies in the use of the cyberspace is enhanced (from a human rights and gender perspectives).

Experts will be mobilised to support the core team in charge of the implementation of the action plan of the project.

Required profile

I.      Required expertise and profile

 1)      Number of experts per assignment: TBC

 2)      Profile of the designated expert(s) responsible for contract execution

 (I)      Academic qualifications and experience:

                    Master’s degree (or equivalent) in Information Security, Law, Public Administration, International Relations, Computer Science, or related field.

                    At least 5 years of professional experience in cybersecurity operations, training, or technical capacity development..

                    Demonstrated experience in:

o   Designing, implementing, or strengthening incident response capabilities and CERT/CSIRT operations.

o   Conducting technical audits, maturity assessments (e.g., SIM3), or capacity reviews of CSIRTs/SOCs.

o   Designing and delivering cybersecurity training programs, awareness campaigns, or capacity-building workshops.

o   Organizing and/or facilitating technical exercises such as table-top simulations, Capture-the-Flag (CTF), hackathons.

o   Implementing or advising on cyber threat intelligence platforms and information-sharing protocols (e.g., MISP, OpenCTI, STIX/TAXII).

                    Solid knowledge of international best practices and standards in CERT/CSIRT development, threat intelligence, and training (FIRST, ENISA, MITRE ATT&CK, ISO/IEC 27035).

                    Experience in technical capacity-building projects with government agencies, private sector, and/or critical infrastructure operators.

                    Prior experience with international organizations or donor-funded projects is an asset.

                    Experience in Africa, and specifically Kenya or East Africa, is a strong asset.

(II)      Additional specific requirements:

                  Ability to translate complex technical issues into practical guidance for mixed audiences.

                  Experience in interactive, scenario-based training methodologies.

                  Excellent communication and teamwork abilities, with demonstrated intercultural competence.

                  Ability to work in a multicultural team.

                  Capacity to work under pressure.

                  Demonstrated negotiating, cultural sensitivity and diplomatic skills.

Additional information

I.      Assignment reports

 A report following the model provided must be forwarded by e-mail on conclusion of the assignment.  

II.      Practical information

 Note that the applicants that meet the current TORs will be placed on a shortlist, and that individual assignments will be allocated based on a further selection by the project team, based on the fees, experience and availability of the shortlisted experts.

 Specific roles, deliverables and assignments will subsequently be managed by the project team based on the qualifications and expertise of selected consultants and the requirements of the beneficiary countries. Experts may also be asked to work in teams of 2 or 3.

Placement on the shortlist does not guarantee any number of working days to be assigned to the expert. This is subject to a further stage of assessment and agreement in writing. After tasks have been identified a selection of candidates on the shortlist will be made and specific deliverables will be agreed along with the associated working days.

 Please send:

  • CV in EU format
  •        Cover letter, in English, outlining the experts experience in accordance with these Terms of Reference, and the daily fee to be requested.

 NB: Candidates interested in this opportunity are invited to submit their application as soon as possible, with Expertise France reserving the possibility of pre-screening before that date.

 Any incomplete application will not be considered.

 Without a response from us within 3 weeks, please consider that your application has not been accepted.

Selection criteria for applications

The selection process for candidates will be based on the following criteria :

  • Candidate’s training/diplomas related to the expert assignment
  • Candidate’s skills linked with the expert mission
  • Candidate’s experiences linked with the expert mission
  • Candidate's knowledges related to local context (country or region intervention)

Deadline for application : 2025/11/30 14:25

File(s) attached : 24SSE0C060_ToR_RosterA1b VF.pdf

Expertise France is the public agency for designing and implementing international technical cooperation projects. The agency operates around four key priorities :

  • democratic, economic, and financial governance ;
  • peace, stability, and security ;
  • climate, agriculture, and sustainable development ;
  • health and human development ;

In these areas, Expertise France conducts capacity-building initiatives and manages project implementation, leveraging technical expertise and acting as a project coordinator. This involves combining public sector expertise with private sector skills to drive impactful results. 

This website uses cookies to ensure that we give you the best experience on our website. If you continue we assume that you consent to receive all cookies on all websites.
For further information, please click here >>.