Database Security Engineer Lead, Vice President
MUFG
- Tampa, FL
- $145,000-176,000 per year
- Permanent
- Full-time
- Designing, developing, testing, documenting, monitoring, and implementing information and database security solutions to enforce security strategies and support to new/existing systems in accordance with policies, standards, guidelines and procedures.
- Serve as a trusted partner to business, operations, development, risk and compliance teams providing database security subject matter expert (SME) guidance and analysis.
- Managing a database activity monitoring (DAM) platform for security and audit compliance, including policy creation, event and trend analysis, performance monitoring and infrastructure maintenance.
- Developing and maintaining database security standards, guidelines and procedures for hardening database configurations, users and roles, profiles, etc.
- Refining and enhancing existing controls, policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of data.
- Evaluating updates to new/existing database security controls by determining the strengths/weaknesses and coordinate the testing and implementation of the new/enhanced controls with all business partners that are affected.
- Identifying weak links in information security products and determine how to mitigate the control deficiencies.
- Enhancing preventive systems used to stop and/or deter security breaches.
- Evaluating database security patches from vendors and assesses potential risk and work with stakeholders to address vulnerabilities.
- Respond to security Incidents and assist with Tier-1 and Tier-2 incident investigations.
- Performing root cause analysis of security violations to determine if they are the result of misconfiguration or malfunction or if they are malicious, and taking appropriate action depending on circumstances.
- Serve as technical lead on projects within area of responsibility.
- Working with database custodians at different levels of the organization to understand their respective security needs and assist with implementing practices and procedures consistent with the bank information security policy.
- Working with internal and external auditors to demonstrate and provide evidence of security controls are adherence to regulatory compliance.
- Executing and enhancing monitoring systems used to detect and report security violations.
- Identify weak links in information security products and determine how to mitigate the control deficiencies.
- Maintain familiarity with industry trends and current security practices.
- Demonstrate ability to manage complex projects in an effective manner. This includes the ability to prepare detailed task plans outlining all requirements to complete the given assignment.
- Evaluate business process and application software, which effect the integrity, functionality, and reliability of the Bank's network and systems.
- Degree or equivalent work experience equally preferable
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or Related Fields or relevant industry certifications and comparable experience
- Master’s Degree (preferred)
- 5-7+ years of technical experience in cybersecurity, insider threat, incident response, security operations, or related information security field
- Experience in the banking or finance industries preferred
- Database security, monitoring and protection
- Database activity monitoring platforms such as Imperva Data Security and Data Risk Analytics (DRA) and Imperva Data Security Fabric (DSF / Sonar)
- Imperva Data Security Specialist (IDSS) certification strongly preferred
- In-depth working knowledge of databases and database technologies
- Familiarity with AWS technologies and methods including RDS (Relational Database Service)
- Data protection especially with regard to cybersecurity tools and methods
- Database Firewall, Data Classification
- Vulnerability detection and mitigation
- Cybersecurity experience in regulated banking or financial environment
- Penetration testing and attack forensics
- IS audit
- GRC Tools & Processes
- Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution.
- Advanced experience with DAM, SIEM, UEBA and related tools.
- Detailed knowledge of major database platforms such as Oracle, SQLSERVER, MySQL, etc.
- Working knowledge of at least two or more operating systems and corresponding security systems (Linux, Unix, Windows, etc.)
- Proficient with development of documentation, presentations and architecture diagrams.
- Working knowledge of regulatory requirements affecting data integrity, protection and monitoring, such as GLBA, SOX, PCI, etc.
- These certification are a plus - Imperva Database Security Specialist (IDSS),Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), Certified in Governance, Risk and Compliance (CGRC), formerly Certified Authorization Professional [CAP], Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)