This position is a key member of the Cyber Security Threat Management team responsible for the engineering, implementation, configuration, tuning and maintenance of database compliance, integrity and activity monitoring of core business database management systems.
The role will focus on systems and tools associated with database activity security monitoring, event correlation, vulnerability scanning and configuration compliance.
Candidates will be responsible to support existing enterprise database activity monitoring solutions and optimize deployment and operations.
Specific deliverables will support implementation of IBM Guardium Database Activity Monitoring, Vulnerability Assessor and Configuration Auditing System components and should have experience with core DBMS technologies including, but not limited to Oracle, IBM DB2 LUW, Microsoft SQL, Mongo, and Hadoop.
- Performs installation, testing, monitoring, configuration, migration, maintenance and troubleshooting of assigned technology
- Manages system/application environment and ongoing operations
- Proactively monitors and reports performance and utilization of assigned technologies
- Troubleshoots software and/or hardware issues/failures
- Performs solution design architecting, capacity planning, and configuration/deployment of GIM, S-TAP.
- Creates and publishes audit reports and risk/performance metrics. Ability to understand and report on current state of deployment architecture, assets, and databases within defined categories/types, business or security framework alignments.
- Technical experience with design and configuration of tool-based automation and workflow features, as well enabling integration to other SIEM, inventory and/or ticketing systems such as Splunk and Remedy.
- Understanding of industry security logging standards and best practices
- Resolves alerts and performs remediation activities
- Manages problem or escalated tickets and tasks and out of cycle requests from systems/software owners
- Collects and presents data for reporting and planning
- Assists with developing tactical strategies, processes and procedures related to systems/application administration
- Collaborates with IT and business area partners on work groups and initiatives
- Assist in identification of alternative configurations and approaches to enable business needs
- Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks.
- Develops and maintains documentation for security systems, procedures and security diagrams
- Analyzes, proposes and implements solutions concerning residual risk, vulnerabilities and other security exposures.
- Participates on assigned projects, ensuring that security best practices and requirements are considered and addressed.
- Participates in initiatives to identify, select and implement technical controls
- Develops information security processes, policies and procedures.
- Advises on service level agreements and works to ensure that security controls are managed and maintained.
- Other duties as assigned
Must have: IBM Guardium implementation and operations experience
Strongly preferred: RHEL Linux experience IBM AIX experience IaaS, PaaS, SaaS understanding Micro services experience (Kubernetes, Docker, etc.)
Software Development Lifecycle: Waterfall and Agile
- 2-4 years of experience in Systems and Information Security administration with at least 1-2 years professional experience related to Database compliance and Security Monitoring
- More than 2 year's experience with the IBM Guardium implementations
- Working knowledge of core database platforms: Oracle, Microsoft SQL Server, IBM DB2/LUW, Mongo, Hadoop, and PostgreSQL
- Experience integrating security capabilities with ITSM; preferably BMC Remedy integration experience
- Experience with log management and enterprise log management implementations
- Understanding of how to secure next-generation datacenter solutions (e.g. PaaS, SaaS or IaaS).
- Demonstrate a working knowledge of multiple technologies and their interfaces and integration
- Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations
- Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management
- Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
- Experience developing, documenting and maintaining security procedures.
- Knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools.
- Ability to manage tasks independently and take ownership of responsibilities
- Ability to learn from mistakes and apply constructive feedback to improve performance
- Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
- Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
- Ability to adapt to a rapidly changing environment
- Critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
- Familiarity with PCI, HIPAA, NIST, HITRUST and other compliance frameworks
- Experience analyzing business requirements and translating them into technical solutions
- Industry standard Cyber Security Certifications: CompTIA Security+, CSANS GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (ISC2 SSCP), ISACA Certified in Risk and Information Systems Control (CRISC)