SCOPE OF SERVICES:
The evolution of accessing emergency services beyond voice 9-1-1 calls has led to New York City recognizing that its current E9-1-1 system is no longer able to support the needs of the future. A Next Generation 9-1-1 (NG9-1-1) network is needed to provide the highest level of service to the people of New York. In addition to voice communications, the NG9-1-1 system will support text messages, images, and video, providing more emergency communications alternatives. With the transition to NG9-1-1, new cybersecurityrisks emerge. We are seeking experts familiar with National Emergency Number Association (NENA) and National Institute of Standards and Technology (NIST) security standards in VoIP, Telephony and Next Generation 911 (NG9-1-1) cybersecurity to help review, advise and design security solutions for New York?s NG9-1-1 system. The ideal candidate will be responsible for advising on the security and risk of all manners of technology related to NG9-1-1 and VoIP telephone solutions, while keeping in up to date with the NENA, NG9-1-1 and telephony cybersecurity.
This position is best suited to those individuals who can perform research, develop risk and threat models, evaluate work of supporting suppliers; develop new security policies and standards and evaluate solutions to and ensure compliance by various suppliers in their proposed solutions; analyze City requirements for advanced services and products and coordinate with Agency partners to create appropriate solutions. The role will require that candidates be able to collaborate with internal staff and suppliers and develop solution security integration, deployment and operational strategies.
- Responsible for the planning, and designing of security controls, standards, policies, and procedures to safeguard the availability, integrity and confidentiality to NG9-1-1 systems, including network, server, software and other components.
- Assisting Public Safety Answering Center (PSAC) management staff in setting security policies for NG9-1-1.
- Responsible for keeping up to date with changing security and NG9-1-1technologies and providing recommendations for using new security solutions.
- Identifying potential areas where existing security policies and procedures require change, or where new ones need to be developed.
- Preparing reports, documentation, policies, standards, and procedures.
- Providing management with risk assessments and security briefings to advise them of critical issues that may affect the PSAC, or City security objectives.
- Performing security assessments and securityaudits.
- Reviewing and analyzing security alerts and vulnerability notices from vendors and othersecurity and threat intelligence sources.
- Must work withother staff to engineer projects, identify new products and solutions, and research solutions.
- Must be able to communicate with Agency staff as required: keeping them informed of security issues, notifying them of impending threats, and being available for other staff to advise on remediation strategies.
- Must have experience with designing, implementing, administering and supporting networkinfrastructure and information security; monitoring and analyzing the performance of networks and taking the necessary actions accordingly.
- Drafting security policies as they relate to security for all PSAC components.
- Responsible for appropriately classifying assets and helping the PSAC establish the necessary level of protection by judging the value of the information resource and assigning the proper classification level according to guidelines.
- Assisting in identifying and communicating security exposures, information security incidents, or noncompliance situations to the infrastructure and security management manager.
- Perform other duties as assigned.
- Bachelor's degree in Computer or ElectricalEngineering or a related field and at least 12years of relevant experience including Systems, Telecom, or Network Administration or related experience.
- Must be able to perform the majority of the work independently while also working closely with various City departments and agencies.
- Must be proficient in cybersecurity.
- Security controls development experience for NG9-1-1, VOIP services, and Emergency Services IP networks (ESInet) or related systems.
- Experience with any of the following NG911 solutions: Avaya, Cassidian Communications, Digital Data Technologies, GeoComm, RedSky Technologies, Solacom, TeleCommunication Systems and 911 Datamaster, or other related solutions.
- Experience with VOIP solutions.
- Cybersecurityrisk and threat modeling.
- Familiarity with E911 services and experience in Public Safety Answering Point (PSAP) environments is highly desirable.
- Possession of CISSP or equivalent related certifications.