Senior Cloud and Cyber Security Architect

Cal OES • Sacramento, CA, US • 1d ago

STATE OF CALIFORNIA -Office of Emergency Services

NOTE: THIS IS A BID OPPORTUNITY!!

INTRODUCTION

On behalf of the California Governor's Office of Emergency Services (Cal OES), this solicitation is being conducted under the authority of the California Department of Technology (CDT) pursuant to Public Contract Code (PCC) §6611 et seq. which provides the authority to use a negotiation process when the State's business need or the purpose of the procurement or contract is known, but negotiation is necessary to ensure the State is receiving the best value or the most cost-efficient goods, services, information technology, and telecommunications.

The purpose of this Request for Quotation (hereafter referred to as “solicitation”) is to obtain a Contractor to provide two (2) qualified consultant resources for the NG 9-1-1 network, NG 9-1-1 CPE, 988 Network, and 988 CRM, CPE, and MDS Cybersecurity Assessments. The NG 9-1-1 network will connect to all 443 Public Safety Answering Points (PSAPs) in California and that will interconnect the four (4) Regions and the Prime network service providers.

The 988 network will connect to twelve (12) Lifeline Crisis Centers (LCCs) which will each have a connection into the NG 9-1-1 network. The NG 9-1-1 CPE is cloud and data center based. Vendors in this space use transport from the NG 9-1-1 network to deliver 9-1-1 calls. The Data Centers and cloud based infrastructure of these CPE providers will need assessing and testing. The 988 CPE, CRM, and MDS are similar in architecture to NG9-1-1 CPE and will require similar assessment and testing.

The Contractor shall complete information and data gathering on these networks and peripherals, and shall complete a cybersecurity vulnerability assessment of services designated by Cal OES.

Contractor is expected to perform penetration tests, as well as network vulnerability/risk assessments on all NG 9-1-1 and 988 related infrastructure, including Next Gen Cloud Based 9-1-1 Call Processing Equipment (NG 9-1-1 CPE), the NG 9-1-1 network, and the 988 network as well as the 988 hardware/ software suite (Call Processing Equipment (CPE), Customer Resource Management software (CRM), and Mobile Dispatch Software (MDS) in California. The contractor shall provide regular reports to the CA 9-1-1 Branch, with detailed information regarding the health and stability of these three components.

Cal OES requires a statewide cybersecurity assessment of the 988 network, CPE, CRM, and MDS. Cal OES has begun the buildout of the 988 network using one (1) contract to provide a NENA i3 V2 compliant system for California. The Contractor shall complete an evaluation of the disaster recovery and cyber- related vulnerability / risk assessment to ensure the 988 network, CPE, CRM, and MDS systems possess the highest degree of resiliency, reliability, redundancy, and serviceability.

TERM OF CONTRACT

The term of this Contract will be two (2) years, with an estimated start date of January 8, 2025. The State, at its sole discretion, may exercise the options to execute two (2) - one (1) year extension.

Location and Availability

Contractor work shall be performed within the Contractor's own offices, remotely, and/or within the Cal OES 9-1-1 Branch computer lab as needed and as requested by Cal OES. In addition to this in-person work in the 9-1-1 Branch computer lab in Sacramento, there will be a minimum of one (1) required in- person leadership meeting with Cal OES in Sacramento, California per year that the contract is active. The State will provide a set of collaboration tools to facilitate remote development. Contractor staff shall be based in the United States and remote work is not guaranteed. For the required meetings, and in the event onsite services are required, the State will provide five at least (5) business days advance notice to the Contractor to participate in meetings and/or perform work at the address below.

California Governor’s Office of Emergency Services Public Safety Communications

CA 9-1-1 Branch

601 Sequoia Pacific Blvd., MS 9-1-1

Sacramento, CA 95811

Normal hours of access are Monday through Friday, 7:00 a.m. to 5:00 p.m. Pacific Time (PT), excluding State holidays.

Anticipated Start Date: January 8th 2025

STAFF QUALIFICATIONS

Mandatory Qualifications:

Candidate(s) must have a minimum of two (2) years’ experience within the past three (3) years performing cloud development, security architecture, and operational services for the US Federal Government, a State, or a large commercial entity (Fortune 1000). This experience must be with either Amazon Web Services (AWS) or Microsoft Azure services and must include configuration definition, compliance assurance, security monitoring strategy and implementation, high availability implementation, disaster recovery strategy and implementation, and complex cloud network environments.

Candidate(s) must have two (2) years’ experience in SecDevOps environments and maintaining security in Continuous Integration and Continuous Deployment (CI/CD) processes.

Candidate(s) must have two (2) years’ experience with Next Generation 9-1-1 technology.

Candidate(s) must have five (5) years or more in enterprise level cyber security as a security architect and/or security engineer and/or security analyst.

Two (2) or more years’ experience providing cybersecurity services to the State of California.

A valid Certified Cloud Security Professional (CCSP) certification OR certifications, both as an AWS Professional and a Microsoft Certified Solutions Expert.