Senior Information Security Analyst

Mightyworks       |    Location:FL       |    Country:United States Of America

<p>&nbsp;</p> <p>This position is a key member of the Cyber Security Threat Management team responsible for the engineering, implementation, configuration, tuning and maintenance of database compliance, integrity and activity monitoring of core business database management systems. The role will focus on systems and tools associated with database activity security monitoring, event correlation, vulnerability scanning and configuration compliance. Candidates will be responsible to support existing enterprise database activity monitoring solutions and optimize deployment and operations. Specific deliverables will support the implementation of IBM Guardium Database Activity Monitoring, Vulnerability Assessor and Configuration Auditing System components and should have experience with core DBMS technologies including, but not limited to Oracle, IBM DB2 LUW, Microsoft SQL, Mongo, and Hadoop.</p> <p>&nbsp;</p> <p>1. Performs installation, testing, monitoring, configuration, migration, maintenance and troubleshooting of assigned technology</p> <p>2. Manages system/application environment and ongoing operations</p> <p>3. Proactively monitors and reports performance and utilization of assigned technologies</p> <p>4. Troubleshoots software and/or hardware issues/failures</p> <p>5. Performs solution design architecting, capacity planning, and configuration/deployment of GIM, S-TAP.</p> <p>6. Creates and publishes audit reports and risk/performance metrics. Ability to understand and report on current state of deployment architecture, assets, and databases within defined categories/types, business or security framework alignments.</p> <p>7. Technical experience with design and configuration of tool-based automation and workflow features, as well as enabling integration to other SIEM, inventory and/or ticketing systems such as Splunk and Remedy.</p> <p>8. Understanding of industry security logging standards and best practices</p> <p>9. Resolves alerts and performs remediation activities</p> <p>10. Manages problem or escalated tickets and tasks and out of cycle requests from systems/software owners</p> <p>11. Collects and presents data for reporting and planning</p> <p>12. Assists with developing tactical strategies, processes and procedures related to systems/application administration</p> <p>13. Collaborates with IT and business area partners on workgroups and initiatives</p> <p>14. Assist in the identification of alternative configurations and approaches to enable business needs</p> <p>15. Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks.</p> <p>16. Develops and maintains documentation for security systems, procedures and security diagrams</p> <p>17. Analyzes propose and implement solutions concerning residual risk, vulnerabilities and other security exposures.</p> <p>18. Participates on assigned projects, ensuring that security best practices and requirements are considered and addressed.</p> <p>19. Participates in initiatives to identify, select and implement technical controls</p> <p>20. Develops information security processes, policies and procedures.</p> <p>21. Advises on service level agreements and works to ensure that security controls are managed and maintained.</p> <p>22. Other duties as assigned</p> <p>&nbsp;</p> <p><strong>Must have:</strong></p> <ul> <li>IBM Guardium implementation and operations experience</li> <li>Strongly preferred:</li> <li>RHEL Linux experience</li> <li>IBM AIX experience</li> <li>IaaS, PaaS, SaaS understanding</li> <li>Microservices experience (Kubernetes, Docker, etc.)</li> <li>Software Development Lifecycle: Waterfall and Agile</li> </ul> <p>&nbsp;</p> <p><strong>Additional Requirements:</strong></p> <p>&bull; 2-4 years of experience in Systems and Information Security administration with at least 1-2 years of professional experience related to Database compliance and Security Monitoring</p> <p>&bull; More than 2 years&rsquo; experience with the IBM Guardium implementations</p> <p>&bull; Working knowledge of core database platforms: Oracle, Microsoft SQL Server, IBM DB2/LUW, Mongo, Hadoop, and PostgreSQL</p> <p>&bull; Experience integrating security capabilities with ITSM; preferably BMC Remedy integration experience</p> <p>&bull; Experience with log management and enterprise log management implementations</p> <p>&bull; Understanding of how to secure next-generation data centre solutions (e.g. PaaS, SaaS or IaaS).</p> <p>&bull; Demonstrate a working knowledge of multiple technologies and their interfaces and integration</p> <p>&bull; Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations</p> <p>&bull; Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management</p> <p>&bull; Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.</p> <p>&bull; Experience developing, documenting and maintaining security procedures.</p> <p>&bull; Knowledge of operating systems and security applications, as well as a working knowle