Database Analyst Security

This role sits on our Data Security team and will need to have a firm understanding of corporate enterprise security frameworks and encryption methods. The ideal person is someone who has been a SQL DBA, and previous knowledge in supporting security practices w/I databases is perfect.

MySQL is a big plus

Previous experience running vulnerability scanners, intrusion detection software, and performing audits
Previous experience with database monitoring activity programs - responding to alerts on configured rules, performing CVE vulnerability checks, and database classification / content inspection.
Onsite, no less than 3 days/week, and up to 5 if required

The Database Security Analyst will play a crucial role in ensuring databases' integrity, confidentiality, and availability. Leveraging extensive experience in database administration and information security, the position will be responsible for monitoring, evaluating, and enhancing the security of our database systems. The Analyst will leverage our existing tools to monitor access/activity for anomalous behavior, verify sensitive data, and perform vulnerability and threat assessments.

Essential Duties & Responsibilities

• Collaborate with cross-functional teams to identify database security requirements and implement effective solutions.
• Monitor database systems for unauthorized access, unusual activities, or potential security breaches.
• Conduct regular audits to verify the accuracy and validity of sensitive data stored within the databases.
• Perform vulnerability assessments and penetration testing to identify and address potential weaknesses in the database infrastructure.
• Stay up to date with security threats, trends, and technologies, and proactively recommend enhancements.
• Develop and implement security policies, procedures, and best practices for database management.
• Respond promptly to security incidents, analyze root causes, and implement corrective actions to prevent future occurrences.
• Assist in designing and implementing access controls, encryption, and authentication mechanisms to protect sensitive data.
• Collaborate with the IT team to ensure database systems are patched and updated to mitigate known vulnerabilities.
• Provide training and guidance to junior team members and raise awareness about database security among staff members.

Qualifications

• Strong background in information security, including knowledge of security frameworks, encryption methods, and access control mechanisms.
• Experience with database security tools and technologies, such as intrusion detection systems, vulnerability scanners, and auditing tools.
• Excellent analytical and problem-solving skills, with the ability to think critically and make informed decisions under pressure.
• Strong communication skills to collaborate effectively with cross-functional teams and convey complex security concepts to non-technical stakeholders.

Education & Experience
Bachelor's degree in Computer Science, Information Security, or related field preferred, or equivalent work experience required
5+ years' of experience in database administration across various platforms (e.g. Oracle, SQL Server, MySQL, Aurora, Redshift)

Licenses & Credentials
Industry certifications like Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are preferred

Systems & Technology
Experience with Oracle, SQL Server, MySQL, Aurora, and Redshift databases.
Proficiency in scripting languages (e.g., Python, PowerShell) for automating security tasks is preferred.