Database Security Engineer
Access Talent Today, LLC
- Irvine, CA
The Database Security Engineer executes routine information security operations activities related to deploying, monitoring, analyzing, improving, troubleshooting a secure database environment. With guidance from management and senior staff, supports the implementation of appropriate application and data security procedures and products. Assists senior staff in the evaluation, development, implementation and operational aspects of security standards, procedures and guidelines for multiple platforms and diverse systems environments.
This job will liaise with various teams, and therefore requires a strong communicator.
- Assist in the review, monitoring and/or auditing ofapplicable daily Security Log Activity and Events. Take action as necessary; escalate to senior staff if required. Logs include, but are not limited to the following:
- Vulnerability Scans – Kubernetes/Containers
- Vulnerability Scans – Database
- Vulnerability Scans – PCI ASV
- Active Directory Changes
- User Activity
- Netflow Analytics
- Firewall and ACL Changes
- DAST Scan Results (e.g. Acunetix, Burp Suite, Nessus, etc)
- Group Policy Changes
- Where needed, update or create standards for secure database architectures and access mechanisms
- Manage remediation of any findings from internal or external assessments
- Support our compliance programs (such as PCI) by helping implementing and documenting controls, examining evidence for compliance to standards.
- Conduct Threat Modeling / Risk Assessments in accordance with policies and Standards, document, and work with business units to remedy findings.
Knowledge, Skills and Abilities:
- Possess an understanding of PCI Compliance and EU GDPR Requirements
- Familiar with SQL Server Administration and Queries
- Knowledge of common scripting languages (e.g. PowerShell, Python, T-SQL etc.)and/or the ability to learn is required.
- Provide support for strategic business process/reengineering consulting as appropriate and work on multiple technically complex high profile projects.
- Demonstrate an understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance.
- General understanding of security fundamentals (cryptography, least privilege, segregation of duties,…) and general security technologies, including operating systems, network security (firewalls, VPNs, etc.), security event management, business continuity, physical security, identity management, directory services, etc.
- Knowledge of Active Directory, DDNS, Group Policy, Microsoft Windows Server and Desktop operating systems
- Strong work ethic, including consistent documentation
- Ability to work in fast paced, rapidly changing environment and a strong desire to learn
- Experience with cloud, systems and network security
- Experience with various tooling in the Database Security space
- Experience identifying, assessing, and remediating technical security vulnerabilities
- Knowledge of IT/Information Security Audit and assessment.
- Knowledge of PCI DSS and EU GDPR
- Knowledge researching, analyzing and recommending information security solutions
- Knowledge of, experience in Key Management Administration for encryption keys and secrets
- A working knowledge of information security practices and concepts including intrusion detection/ prevention, access controls, risk analysis, vulnerability scanning, and data encryption
- Strong organizational, excellent written, verbal and interpersonal communication skills are needed to work effectively with a wide variety of staff, outside consultants and vendors.
- Generally requires 3-5 years experience in information systems as a system administrator, database administrator, or network administrator with at least two of those with direct information security duties
- Bachelor’s Degree in Information Technology, Information Security, Computer Science, or related field required.
- Advanced industry certification strongly desired, e.g. SANS GIAC, CompTIA Security+, CISSP, CISM
Wednesday, August 8, 2018