Sopra Steria Ltd

Information Security, Managed Security Services, Security Operations Centre

SOC services are a proactive and reactive defence mechanism, providing continuous monitoring, incident response, threat intelligence analysis. We collaborate with clients to enable swift detection of potentially high-impact attacks across an organisation's entire landscape, providing regulatory and security reassurance during audits or assessments conducted by prospective clients or stakeholders.

Features

• 1. Managed Detection and Response
• Holistic risk and threat, view threats across your enterprise
• Shared intelligence for comprehensive view of indicators of compromise
• Identify and address threats before they escalate into incidents.
• Specially trained professionals delivering SOC Operational and Engineering Services

Benefits

• Comprehensive security assurance, Gain end-to-end business security
• Monitor and analyse security events
• Increased Operational Efficiency by centralising and automating security monitoring
• Provide evidence of threats alongside alerts
• Reduce the expense of security monitoring by consuming services

£1,100 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at soprasteria-gcloud@soprasteria.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

691974011064102

Contact

Sopra Steria G-Cloud Team
0370 600 4466
soprasteria-gcloud@soprasteria.com

Planning

• Planning service: Yes
• How the planning service works: We work with clients to design their Threat Detection solution when utilising Cloud Services, to identify and integrate security-relevant log sources into the SIEM and to develop custom use cases that may be required to support client requirements. By integrating these into our SIEM tooling we are able to monitor for, detect and respond to client specific security events and identify potential threats.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • Microsoft Sentinel
  • Splunk

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security incident management

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: We can integrate a customer’s cloud-based solution into our Managed SOC's Threat Detection managed Service and incident response capability. The goal of integrating Cloud-based solutions into our SOC is to correlate security incidents across a number of applications and cloud-based services to enable faster and more effective incident response and to ultimately provide end to end visibility of security threats across an organisation. By integrating Cloud-based services into our Managed SOC we are able to collect security related data from a variety of Cloud-based sources, including infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), and software-as-a-service (SaaS).; As part of our offering, we will support the Cloud Service application that underpins this service.

Service scope

• Service constraints: There are no service constraints to detail here. Any constraints would be discussed at a scoping meeting and agreed once requirements were fully understood.

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Support levels: N/A

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DNV Business Assurance
• ISO/IEC 27001 accreditation date: Date of last re-certification: 01 December 2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery

  Fighting climate change

  Sopra Steria has committed to becoming Net Zero by 2028 and has been ranked in the top 1% of companies globally by CDP placing us on the A-list for our work tackling climate change over the past 5 years. ; ; Our work has a direct positive impact on our client’s services, for example through lower emissions, reduced waste, and more sustainable supply chains. ; ; Additional environmental benefits: We also provide contract-specific sustainability programmes for clients, which are designed & deployed by our team of Sustainability Consultants. During procurement, these experts will develop a sustainability programme based on a clients objectives, the material impacts, and opportunities within the service. ; ; We have experience in… ; • Undertaking service environmental impact assessments ; • Measuring energy consumption, and emissions generated, required to deliver a particular service (e.g., office use, business travel, use of technology and supply chain); • Evaluating the sustainability of technology products (e.g., GGICT, Energy Star, as well as product and service foot printing) ; • Making business case-backed recommendations, implementation roadmaps for improvements ; • Delivering improvement programmes ; • Reporting performance, using recognised reporting standards, accounting methods ; ; Influencing staff, suppliers, customers and communities: regarding our staff, we feature sustainability in our employee communications, and offer all employees paid volunteering time which can be used to support sustainability activities, such as beach cleans and climate hackathons.

  Covid-19 recovery

  Employment, re-training and other opportunities: In the high-growth Digital sector, Sopra Steria is continually developing the skills of our workforce, including via upskilling and reskilling initiatives, e.g. via a new Career Coach, or by extending our apprenticeship programme.Through our ‘Tech for Good’ programme, and the various Social Value programmes we design and deliver for our customers, we focus on jobs and skills for disadvantaged and under-represented groups, including those disproportionately affected by Covid. ; ; People and communities: Our ‘Tech for Good’ programme is designed to provide people, small businesses and VCSEs with skills they need to thrive and is focused on those from disadvantaged or under-represented communities. Since the beginning of the pandemic, we have transitioned to a hybrid-virtual programme to ensure continued accessibility. For example, we worked with ELATT, a digital skills charity, to create hybrid learning, ensuring those who were shielding or otherwise unable to access classroom learning, as well as those who most needed to be in a classroom to support their learning, could still participate. ; ; Organisations and businesses: In the first year of the pandemic, we ran free training courses for charities and SME’s – offering Microsoft Teams training and modules on cyber security and resilience. We continue to offer pro-bono consulting for charities to help them use technology to better serve their communities. ; ; Physical and mental health needs: Since the pandemic, we have put in place measures to prevent and manage risks to employee wellbeing – including the wellbeing of contracted staff – together with appropriate training and individual support, and initiatives to raise awareness of mental health issues at work. We have also trained ca. 60 Mental Health First Aiders. ; ; Workplace conditions: All our office locations have strict Covid safety protocols, with considerations for cleaning, ventilation, and occupancy.

Pricing

• Price: £1,100 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at soprasteria-gcloud@soprasteria.com. Tell them what format you need. It will help if you say what assistive technology you use.