- Leveraging previous database administrator experience this position will be focused on applying that experience to : author database security policies, standards and strategies, manage database security projects and report on issues, risks and status, participate in the implementation of security tools designed for database security, define non-compliance reporting, analyze reports , configuration and other data, develop operational controls to remediate non-compliance.
- Bachelor’s degree or higher in Information Management, Computer Science Engineering or related subject.
- Must have experience in identity and access management, infrastructure technology, database security, security event logging or some combination thereof.
- Must have exemplary written and verbal skills.
- Must have experience in conducting research, interpreting policies and standards, gathering information from other SMEs, and driving an improved security posture for databases.
- Experience working as a Database Administrator, where the majority of time was spent building and securing access to and data in the databases.
- Excellent analytical skills with a demonstrated ability to understand and document complex business, technology and security requirements.
- Understanding of the full development project lifecycle and a project lifecycle methodology.
- Experience planning, documenting scope and estimating work effort, producing quality deliverables on time and budget.
- Reports to an IT Risk Information Security Manager.
- Frequently advises Manager and Director of deliverable status, issues, risks, and provides recommendations to overcome obstacles.
- Frequently advises Director on best practices to secure databases.
- Will be involved in various phases of project and delivery lifecycle for security.
- Authors requirements and works w/ the delivery team to design and deliver security solutions in accordance w/ the requirements.
- Assist in developing, implementing and monitoring compliance to policies, standards and procedures, and other policies and standards as appropriate.
- Enforce security policies by administering and monitoring profiles, reviewing violation reports and investigating possible exceptions; document controls.
- Prepare status reports on security or other risk matters to help develop risk analysis scenarios and response procedures.
- Track, monitor and report on compliance initiatives.
- Author and/or consult on controls, processes, and procedures.
- Facilitate meetings to gather information, document process changes, or ensure remediation actions are taken.
- Maintain internal documentation library, ensuring that process and other documentation is regularly updated to reflect latest operational processes and requirements.
- Provide root cause analysis assistance for incident management or post-implementation efforts.
- Provide analytical support as needed for issue management, operational risk assessments, and reporting.
- Participate in the evaluation of products and/or procedures to reduce risk, improve security posture, enhance productivity and effectiveness.
- Support the analysis of underlying trends and action plans associated with IAM security.
- Prepare materials (reports, presentations, spreadsheets, etc) to enable informed decision making; verify completeness, accuracy and relevance of data gathered.
- Utilize tools and documented processes to ensure consistency and optimization of risk management processes; work in support of efforts to measure and improve risk management processes.
- Maintain records to allow for historical trending analysis.