Posted in

Database Security Specialist Lead – Vice President

Database Security Specialist Lead – Vice President

CompanyMitsubishi UFG
LocationTampa, FL, USA, Tempe, AZ, USA
Salary$137000 – $176000
TypeFull-Time
DegreesBachelor’s, Master’s
Experience LevelSenior, Expert or higher

Requirements

  • Degree or equivalent work experience equally preferable
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or Related Fields or relevant industry certifications and comparable experience
  • Master’s Degree (preferred)
  • 5-7+ years of technical experience in cybersecurity, insider threat, incident response, security operations, or related information security field
  • Experience in the banking or finance industries preferred
  • Database security, monitoring and protection
  • Database activity monitoring platforms such as Imperva Data Security and Data Risk Analytics (DRA) and Imperva Data Security Fabric (DSF / Sonar)
  • Imperva Data Security Specialist (IDSS) certification strongly preferred
  • In-depth working knowledge of databases and database technologies
  • Familiarity with AWS technologies and methods including RDS (Relational Database Service)
  • Data protection especially with regard to cybersecurity tools and methods
  • Database Firewall, Data Classification
  • Vulnerability detection and mitigation
  • Cybersecurity experience in regulated banking or financial environment
  • Penetration testing and attack forensics
  • IS audit
  • GRC Tools & Processes
  • Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution
  • Advanced experience with DAM, SIEM, UEBA and related tools
  • Detailed knowledge of major database platforms such as Oracle, SQLSERVER, MySQL, etc.
  • Working knowledge of at least two or more operating systems and corresponding security systems (Linux, Unix, Windows, etc.)
  • Proficient with development of documentation, presentations and architecture diagrams
  • Working knowledge of regulatory requirements affecting data integrity, protection and monitoring, such as GLBA, SOX, PCI, etc.

Responsibilities

  • Designing, developing, testing, documenting, monitoring, and implementing information and database security solutions to enforce security strategies and support to new/existing systems in accordance with policies, standards, guidelines and procedures
  • Serve as a trusted partner to business, operations, development, risk and compliance teams providing database security subject matter expert (SME) guidance and analysis
  • Managing a database activity monitoring (DAM) platform for security and audit compliance, including policy creation, event and trend analysis, performance monitoring and infrastructure maintenance
  • Developing and maintaining database security standards, guidelines and procedures for hardening database configurations, users and roles, profiles, etc.
  • Refining and enhancing existing controls, policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of data
  • Evaluating updates to new/existing database security controls by determining the strengths/weaknesses and coordinate the testing and implementation of the new/enhanced controls with all business partners that are affected
  • Identifying weak links in information security products and determine how to mitigate the control deficiencies
  • Enhancing preventive systems used to stop and/or deter security breaches
  • Evaluating database security patches from vendors and assesses potential risk and work with stakeholders to address vulnerabilities
  • Respond to security Incidents and assist with Tier-1 and Tier-2 incident investigations
  • Performing root cause analysis of security violations to determine if they are the result of misconfiguration or malfunction or if they are malicious, and taking appropriate action depending on circumstances
  • Serve as technical lead on projects within area of responsibility
  • Working with database custodians at different levels of the organization to understand their respective security needs and assist with implementing practices and procedures consistent with the bank information security policy
  • Working with internal and external auditors to demonstrate and provide evidence of security controls are adherence to regulatory compliance
  • Executing and enhancing monitoring systems used to detect and report security violations
  • Identify weak links in information security products and determine how to mitigate the control deficiencies
  • Maintain familiarity with industry trends and current security practices
  • Demonstrate ability to manage complex projects in an effective manner. This includes the ability to prepare detailed task plans outlining all requirements to complete the given assignment
  • Evaluate business process and application software, which effect the integrity, functionality, and reliability of the Bank’s network and systems.

Preferred Qualifications

  • These certification are a plus – Imperva Database Security Specialist (IDSS), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), Certified in Governance, Risk and Compliance (CGRC), formerly Certified Authorization Professional [CAP], Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)