Job Title: Database Security Architect - Dallas, TX preferable
Summary of Responsibilities:
The Database Security Analyst will ensure all NMG corporate databases comply with regulatory and industry mandates such as SOX, PCI, CIS benchmarks, and NMG’s published policies and standards. The role will primarily coordinate the database security vulnerability assessments and identify, prioritize, and mitigate the identified deficiencies. The analyst is also responsible for partnering with the business, IT, and security organizations to coordinate the implementation and automation of the security controls to achieve a higher database security posture within all NMG environments.
Essential Functions:
Database Vulnerability Assessment – Lead the configuration of the database vulnerability assessment tools and work with the Security Operations to conduct the assessments.
Mitigation of Security Vulnerabilities – Develop a mitigation plan for all identified vulnerabilities and coordinate with application, security, compliance, and database administration teams to successfully implement all fixes.
Database Standards Management – Review and modify existing database standards utilizing up-to-date database security best practices and regulatory requirements.
Data Discovery and Classification – Provide technical support in scanning the sensitive data on all in-scope databases.
Risk & Compliance – Act as database SME during all risk and compliance assessments. Evaluate all risks and audit findings, devise a mitigation plan, and validate the implementation per the requirements.
Requirements:
The ideal candidate will possess the following:
Bachelor’s degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering, or related field(s).
10+ years of experience in Oracle database security and administration.
Candidates with database security and administration certifications will be preferred.
Technical Knowledge:
The candidates MUST possess a solid working knowledge of:
Database security, including accounts and access management features.
Identity and Access Management & Governance concepts and technologies such as Microfocus NetIQ (including IGA), Active Directory, Centrify, Entra, etc.
Database vulnerability management tools such as Oracle DBSAT and Rapid7 InsightVM.
Control frameworks and objectives (ex NIST CSF, NIST RMF, PCI-DSS, SOX, GDPR, CCPA, etc.)
Operating systems, databases, and middleware components.
Conducting compliance and risk assessments.
Management of IT and security projects.
Work Environment Characteristics:
Self-motivated and results-oriented, including the ability to prioritize conflicting demands.
Exceptional organizational skills to balance work and lead projects.
Strong verbal and written skills.
The candidate must be outgoing and service-oriented.
- The candidate must build consensus, collaborate, and build strong relationships with various internal and external stakeholders (business, development, security, etc.)
- Ability to adapt and apply information to new scenarios and technologies.