Job Description

Database Security Engineer

The mission of the EGSO SAE organization s  Database Activity Monitoring
(DAM) team is to monitor sensitive data, safeguarding against negative
impacting cyber events that compromise the Confidentiality, Integrity, and
Availability of that data.

The EGSO DAM Team performs the following key functions:

Identify Sensitive Data and Protection of that sensitive data through
suitable logging and monitoring methods. Perform Control Engineering of security tools to detect, monitor and protect
sensitive data against potential malicious activity. Ensuring Security Compliance against regulations enforced by respective
governments. Identify restricted data (PII, PCI and PHI) in structured and unstructured
data both On-Prem and cloud platforms. The focus for the role will be on Data identification and Monitoring both in
cloud and on-premises data repositories.

The Senior Data Security Engineer develops roadmaps and sets the technical
direction for data protection service areas such as database activity
monitoring On-Prem and in Cloud (AWS, AZURE ,GCP and OCI).  This engineer
will establish the tactical roadmap (aligned to the tower strategy) that is
focused on the implementation of future state security controls following these
guiding principles: Agile, Available, Simple to implement, and Automated.

The Data Security Engineer is responsible for the build-out of the data
security controls and for planning to ensure health and data protection is
maintained at the highest levels. This role is the escalation point for Data
Protection technical gaps and provides change governance.

Data Security Engineer Functions

Provide SME expertise on security tool capabilities and configuration
adjustments, when needed, to implement controls such as: Identify restricted
Data, implement database monitoring, Perform Active Threat Analytics, Database
misconfiguration and Database Entitlement reporting as well as during security
incidents or block future security attacks

Collaborate with the Manager to identify capability gaps and operational
inconsistencies within the Data Protection controls environment and develop a
plan to address through product enhancement, reconfiguration, upgrades and/or
automation of processes

Build, manage, and maintain the automated reporting dashboards system

Provide on-call support

Collaborate with Customers and other technology teams to ensure operational
requests and incidents are resolved within defined SLAs

Leverage tooling to monitor and optimize the performance of the wider data
protection operations team

Analyze, troubleshoot, and resolve complex technical Data Protection control
issues working with vendor and internal teams

Build, manage, and maintain the intake process for requests on service now or
a suitable tool.

Examine concepts, work on Proof of Concepts, develop Minimum Viable Product
and scale and operationalize the product including documentation and process
development,

Data Security Engineer Responsibilities

TIMELY COMPLETION OF WORK:

Establish a baseline plan and corresponding execution roadmaps.

Refresh and re-publish tactical Plan for advanced data protection controls

Report progress against roadmap every month

Refresh Data Protection roadmap/s quarterly

Define plan and roadmap for dashboard automation and service now intake
process and report weekly progress against plan

QUALITY OF WORK:

Ensure Technical and Process documentation is 100% current all the time (all
changes thoroughly documented)

Ensure new builds/integrations/agent implementation follow operational
readiness processes, are fully documented, health/performance KPIs are defined
and in place, and monitoring and ing is in place before promoting to
production

Provide change governance

FOLLOW PROCESS:

Publish build documentation for the Relevant Data Protection controls on the
EGSO WiKi

EFFECTIVE COMMUNICATION:

Maintain objective progress documentation.

Documentation - documentation of business cases, POCs, Procedures, results of
POCs, Test cases, integration guides and relevant runbooks to operationalize
database activity monitoring and data discovery.
Skill Requirements

Must have:

BS in Science and technology or Engineering or Equivalent 5+ years of job
experience in IT and at least 3+ years in security

Database administration skill of 2+ years or Demonstrated knowledge by
industry recognized certifying authority

Strong communication skills

In-depth knowledge of various operation systems On-Premise: Windows,
Linux/Unix , Mainframe and shell scripts

Experience working with cloud platforms like AWS, Oracle, Azure , Google

Experience with Data activity monitoring tools like IBM Guardium, Imperva,
SecuPi ,Datiphy

Knowledge of Network technologies

Knowledge of SIEM tools and Dashboard creation tools like PowerBI

Preferable:

Certified in DAM tools and security certifications like CISSP,CISM and CCSP