Assignment Name: NG911 \- FDNY Security Engineer
Labor Category: SP3
Work Location: On Site 9 Metro Tech, Brooklyn, NY 11201
Scheduled Work Hours: Normal business hours Monday-Friday 35 hours/week (not including mandatory unpaid meal break after 6 hours of work).
Assignment Start: 3/18/2024 Assignment End: 3/14/2025
Total Estimated Assignment Hours: 1820 Hours (1 Year)
Job Description Justification: The NYC Office of Technology and Innovation has been tasked with recruiting a Specialist 3, NG911 - FDNY Security Engineer (Quantity 1).
• Participate in the implementation of security controls in a Public Safety ESINET and NENA compliant NG911 system.
• Ensure the National Emergency Number Association (NENA) and Association of Public Safety Communication Officials (APCO) standards are being met during the implementation of NG911.
• Ensure the security controls are adequate for all Public Safety Answering points (PSAPs) in the commission of the 911 program at PSAP.
• Develop security configuration of the ESINET Network Technology.
• Manage test cases and identify risks associated with system integrations.
• Provide security best practices in PSAPs as well as review all vendor designs ensuring compliance with security standards and governance models established by the City of New York.
• Detect, manage, and investigate security monitoring tools.
• Provide expertise in integration and engineering of Security platforms.
SCOPE OF SERVICES TASKS: NG911 - FDNY Security Engineer (Quantity 1)
• Participate in the implementation of security controls in a Public Safety ESINET and NENA compliant NG911 system.
• Ensure the security controls are adequate for all Public Safety Answering points (PSAPs) in the commission of the 911 program at PSAP.
• Develop security configurations.
• Establish security best practices as well as review all vendor designs ensuring compliance with security standards and governance models established by the City of New York.
• Provide expertise in integration and engineering of Security platforms.
• Manage test cases and identify risks associated with system integrations.
• Work with vendors to integrate security platforms into Public Safety infrastructure.
• Architect security controls.
• Assess Active Directory security roles and policies.
• Configure IDS/IPS security policies!
• Troubleshoot level 3 security related issues.
• Configure security policies in DNS!
• Examine current firewall policies and ensure completeness and accuracy, Lead resolution of security incidents
MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered
• Minimum of 6 years Security Engineering experience
• Strong network security experience
• Strong project management experience
• Must be able to lead projects.
• Any compliance experience, specifically HIPAA, is highly desirable.
• Bachelor’s degree in computer science, information technology or related field.
• Should be able to utilize security frameworks like NIST and MITRE.
• Strong knowledge of security management tools to facilitate troubleshooting, i.e., Wireshark, Net brain, Extra hop, Net witness etc.
• Strong Identity and Access Management background
• Experience with configuring DNS.
• Strong experience in performing security risk assessments.
• Understanding of the various VPN technologies
• Knowledge of resilient designs to ensure high availability.
• Knowledge of IPS/IDS design as standalone hardware or as a feature within firewalls.
• Ability to create reports using KRI and KPI
• Experience with Next Generation Firewalls including Palo alto, Fortinet, Forcepoint, etc.
• Work with vendors, carriers, and other technical groups to implement new security controls and troubleshoot existing controls.
DESIRABLE SKILLS/EXPERIENCE:
• Understanding of SIP security design and implementation for Voice/Video and Data.
• Understanding for firewall policies and application security
• Experience in auditing/assessing data network security design. • Experience in auditing/assessing applications security design.