Cyber Security Database Compliance Specialist
Information Technology company
Information Technology company
Jacksonville, FL 32256
W-2 onlyContract5373 views
Jacksonville, FL 32256
Contract
This posting has been closed

Job Description:

This position is a key member of the Cyber Security Threat Management team responsible for the engineering, implementation, configuration, tuning and maintenance of database compliance, integrity and activity monitoring of core business database management systems. The role will focus on systems and tools associated with database activity security monitoring, event correlation, vulnerability scanning and configuration compliance. Candidates will be responsible to support existing enterprise database activity monitoring solutions and optimize deployment and operations. Specific deliverables will support implementation of IBM Guardium Database Activity Monitoring, Vulnerability Assessor and Configuration Auditing System components and should have experience with core DBMS technologies including, but not limited to Oracle, IBM DB2 LUW, Microsoft SQL, Mongo, and Hadoop.

Responsibilities:

  • Performs installation, testing, monitoring, configuration, migration, maintenance and troubleshooting of assigned technology.
  • Manages system application environment and ongoing operations.
  • Proactively monitors and reports performance and utilization of assigned technologies.
  • Troubleshoots software and or hardware issues failures.
  • Performs solution design architecting, capacity planning, and configuration deployment of GIM, S-TAP.
  • Creates and publishes audit reports and risk performance metrics.
  • Ability to understand and report on current state of deployment architecture, assets, and databases within defined categories types, business or security framework alignments.
  • Technical experience with design and configuration of tool-based automation and workflow features, as well enabling integration to other SIEM, inventory and or ticketing systems such as Splunk and Remedy.
  • Understanding of industry security logging standards and best practices.
  • Resolves alerts and performs remediation activities.
  • Manages problem or escalated tickets and tasks and out of cycle requests from systems software owners.
  • Collects and presents data for reporting and planning Assists with developing tactical strategies, processes and procedures related to systems application administration.
  • Collaborates with IT and business area partners on work groups and initiatives Assist in identification of alternative configurations and approaches to enable business needs.
  • Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks.
  • Develops and maintains documentation for security systems, procedures and security diagrams Analyzes, proposes and implements solutions concerning residual risk, vulnerabilities and other security exposures.
  • Participates on assigned projects, ensuring that security best practices and requirements are considered and addressed.
  • Participates in initiatives to identify, select and implement technical controls Develops information security processes, policies and procedures. Advises on service level agreements and works to ensure that security controls are managed and maintained.

Requirements:

  • IBM Guardium implementation and operations experience

Strongly preferred:

  • RHEL Linux experience
  • IBM AIX experience IaaS, PaaS, SaaS understanding
  • Microservices experience (Kubernetes, Docker, etc.)
  • Software Development Lifecycle Waterfall and Agile
  • 2+ years of experience in Systems and Information Security administration with at least 1-2 years professional experience related to Database compliance and Security Monitoring
  • More than 2 years' experience with the IBM Guardium implementations.
  • Working knowledge of core database platforms Oracle, Microsoft SQL Server, IBM DB2LUW, Mongo, Hadoop, and PostgreSQL.
  • Experience integrating security capabilities with ITSM preferably BMC Remedy integration experience Experience with log management and enterprise log management implementations.
  • Understanding of how to secure next-generation datacenter solutions (e.g. PaaS, SaaS or IaaS).
  • Demonstrate a working knowledge of multiple technologies and their interfaces and integration.
  • Extensive experience implementing and administering managing technical solutions in major, large-scale system implementations.
  • Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management.
  • Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
  • Experience developing, documenting and maintaining security procedures. Knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools.
  • Ability to manage tasks independently and take ownership of responsibilities.
  • Ability to learn from mistakes and apply constructive feedback to improve performance.
  • Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
  • Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
  • Ability to adapt to a rapidly changing environment.
  • Critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
  • Familiarity with PCI, HIPAA, NIST, HITRUST and other compliance frameworks.
  • Preferred Experience analyzing business requirements and translating them into technical solutions.
Skills
Skill Proficiency Years Experience Percent Used
IBM Guardium
3 - 6100%
Cyber Security
Any75%
Information Security
Any75%
Security Admin
3 - 675%
Linux
Any50%
Risk Assessment
Any50%
Compliance
Any25%
DB2
Any25%
DB2 LUW
Any25%
HIPAA
Any25%
IAM
Any25%
NIST
Any25%
Oracle
Any25%
PCI
Any25%
PostgreSQL
Any25%
SIEM
Any25%
SQL
Any25%
SQL Server
Any25%
Vulnerability Managment
Any25%