Tenders are invited for IT Security Enhancement Closing Date: Friday, 03. Jul 2026 Intervention Sector(s): Science & Technology Remuneration range: 4000 to 5000 (USD) Duration of Contract: 1 month Al Majmoua is seeking a qualified IT security consultant or firm to enhance its IT infrastructure security. This initiative is part of the "DAEM" project funded by the Embassy of Denmark under the RDPP III initiative and supports Al Majmouas strategic transition into a fully licensed financial institution complying with Banque du Liban (BDL), ISO 27001, and PCI-DSS standards. The consultancy involves two main components: implementing network segmentation (VLAN) on its existing flat physical network and deploying Azure-native Web Application Firewalls (WAF) for its cloud-hosted applications.The scope of work is divided into two major security projects: Project 1: Network Segmentation via VLAN Implementation Objective: Segment the flat network into logically isolated VLANs per department and functional zone (5 internal departments and 1 isolated guest Wi-Fi network). Tasks: Conduct network assessment/VLAN design, configure trunk and access ports across 5 HP Layer 2+ managed switches, update firewall policies to restrict inter-VLAN movement, execute connectivity testing, and provide network diagrams/backups to the internal IT team. Project 2: Azure Web Application Firewall (WAF) Implementation Objective: Secure 5 web applications hosted on Microsoft Azure (including the Main MIS, Corporate Website, and various APIs). Tasks: Design the WAF architecture (Standard/Premium tiers using Application Gateway or Azure Front Door), provision and configure OWASP Core Rule Sets (CRS 3.x) in prevention mode, establish custom traffic rules (rate-limiting, geo-filtering, etc.), integrate with Azure Monitor/Log Analytics, and perform false-positive tuning. Both projects require comprehensive as-built documentation, technical testing reports, and a final operational knowledge transfer session (minimum 2 hours) with Al Majmouas IT staff. How to apply Proposals from consultants or firms that do not meet all mandatory requirements will be disqualified. Minimum 3 years of demonstrated experience in enterprise network security engagements. Proven experience implementing VLAN segmentation on HP managed switches (Layer 2+). Hands-on experience configuring and managing Azure Application Gateway WAF or Azure Front Door WAF. At least one relevant Microsoft Azure certification (e.g., AZ-900, AZ-500, AZ-700, or equivalent). Evidence of at least 2 completed projects of similar nature (references or case studies required). Preferred Qualifications CCNA, CCNP, CompTIA Security+, or equivalent network security certifications. Experience working with financial institutions or organizations operating under regulatory compliance frameworks (ISO 27001, PCI-DSS, BDL circulars). Familiarity with IIS-hosted application architectures and API gateway configurations. Prior work in the Lebanese market and understanding of local operational constraints. Application Process Interested candidates should submit the following: A brief cover letter explaining their interest and qualifications for the role. Company profile and relevant certifications. Detailed Technical proposed approach (methodology, tools, work plan). Work plan with timelines. Financial proposal (itemized costs) Registration Fiscal number. Please fill the table attached in the TOR taking into consideration all points related to the application process and send to
[email protected] your technical and financial offer by COB Friday the 3rd of July 2025 You can address questions for clarifications at the following email address
[email protected] until the 26th of June 2026. Tender Link : https://daleel-madani.org/civil-society-directory/lebanese-association-development-al-majmoua/calls/it-security-enhancement
