FDNY Security Engineer

Job Title: NG911- FDNY Security Engineer

Location: Brooklyn, NY

Job Type: Contract

Responsibilities:

• Participate in the implementation of security controls in a Public Safety ESINET and NENA compliant NG911 system.
• Ensure the National Emergency Number Association (NENA) and Association of Public Safety Communication Officials (APCO) standards are being met during the implementation of NG911.
• Ensure the security controls are adequate for all Public Safety Answering points (PSAPs) in the commission of the 911 program at PSAP.
• Develop security configuration of the ESINET Network Technology.
• Manage test cases and identify risks associated with system integrations.
• Provide security best practices in PSAPs as well as review all vendor designs ensuring compliance with security standards and governance models established by the City of New York.
• Detect, manage, and investigate security monitoring tools.
• Provide expertise in integration and engineering of Security platforms.
• Manage test cases and identify risks associated with system integrations
• Work with vendors to integrate security platforms into Public Safety infrastructure
• Architect security controls.
• Assess Active Directory security roles and policies
• Configure IDS/IPS security policies
• Troubleshoot level 3 security related issues.
• Configure security policies in DNS
• Examine current firewall policies and ensure completeness and accuracy Lead resolution of security incidents

MANDATORY SKILLS/EXPERIENCE:

Note: Candidates who do not have the mandatory skills will not be considered

• Minimum of 12 years Security Engineering experience MWBE Professional IT Services
• Strong network security experience
• Strong project management experience
• Must be able to lead projects
• Any compliance experience, specifically HIPAA, is highly desirable
• Bachelor's degree in computer science, information technology or related field.
• Should be able to utilize security frameworks like NIST and MITRE.
• Strong knowledge of security management tools to facilitate troubleshooting, i.e. Wireshark, Net brain, Extra hop, Net witness
• Strong Identity and Access Management background
• Experience with configuring DNS
• Strong experience in performing security risk assessments
• Understanding of the various VPN technologies
• Knowledge of resilient designs to ensure high availability
• Knowledge of IPS/IDS design as standalone hardware or as a feature within firewalls
• Ability to create reports using KRI and KPI
• Experience with Next Generation Firewalls including Palo alto, Fortinet, Forcepoint, etc.
• Work with vendors, carriers, and other technical groups to implement new security controls and troubleshoot existing controls

Desired Skills:

• Understanding of SIP security design and implementation for Voice/Video and Data.
  • Understanding for firewall policies and application security
  • Experience in auditing/assessing data network security design.

Experience in auditing/assessing applications security design.