Sr. Information Security Analyst

Experis is looking for a Cyber Security Database Compliance Specialist for a long term contract role in the Jacksonville, FL area.

This position is a key member of the Cyber Security Threat Management team responsible for the engineering, implementation, configuration, tuning and maintenance of database compliance, integrity and activity monitoring of core business database management systems.

The role will focus on systems and tools associated with database activity security monitoring, event correlation, vulnerability scanning and configuration compliance.

Candidates will be responsible to support existing enterprise database activity monitoring solutions and optimize deployment and operations.

Specific deliverables will support implementation of IBM Guardium Database Activity Monitoring, Vulnerability Assessor and Configuration Auditing System components and should have experience with core DBMS technologies including, but not limited to Oracle, IBM DB2 LUW, Microsoft SQL, Mongo, and Hadoop.

1.

Performs installation, testing, monitoring, configuration, migration, maintenance and troubleshooting of assigned technology 2.

Manages systemapplication environment and ongoing operations 3.

Proactively monitors and reports performance and utilization of assigned technologies 4.

Troubleshoots software andor hardware issuesfailures 5.

Performs solution design architecting, capacity planning, and configurationdeployment of GIM, S-TAP.

6.

Creates and publishes audit reports and riskperformance metrics.

Ability to understand and report on current state of deployment architecture, assets, and databases within defined categoriestypes, business or security framework alignments.

7.

Technical experience with design and configuration of tool-based automation and workflow features, as well enabling integration to other SIEM, inventory andor ticketing systems such as Splunk and Remedy.

8.

Understanding of industry security logging standards and best practices 9.

Resolves alerts and performs remediation activities 10.

Manages problem or escalated tickets and tasks and out of cycle requests from systemssoftware owners 11.

Collects and presents data for reporting and planning 12.

Assists with developing tactical strategies, processes and procedures related to systemsapplication administration 13.

Collaborates with IT and business area partners on work groups and initiatives 14.

Assist in identification of alternative configurations and approaches to enable business needs 15.

Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks.

16.

Develops and maintains documentation for security systems, procedures and security diagrams 17.

Analyzes, proposes and implements solutions concerning residual risk, vulnerabilities and other security exposures.

18.

Participates on assigned projects, ensuring that security best practices and requirements are considered and addressed.

19.

Participates in initiatives to identify, select and implement technical controls 20.

Develops information security processes, policies and procedures.

21.

Advises on service level agreements and works to ensure that security controls are managed and maintained.

22.

Other duties as assigned Must have IBM Guardium implementation and operations experience Strongly preferred RHEL Linux experience IBM AIX experience IaaS, PaaS, SaaS understanding Microservices experience (Kubernetes, Docker, etc.) Software Development Lifecycle Waterfall and Agile Additional Requirements 2-4 years of experience in Systems and Information Security administration with at least 1-2 years professional experience related to Database compliance and Security Monitoring More than 2 years experience with the IBM Guardium implementations Working knowledge of core database platforms Oracle, Microsoft SQL Server, IBM DB2LUW, Mongo, Hadoop, and PostgreSQL Experience integrating security capabilities with ITSM preferably BMC Remedy integration experience Experience with log management and enterprise log management implementations Understanding of how to secure next-generation datacenter solutions (e.g.

PaaS, SaaS or IaaS).

Demonstrate a working knowledge of multiple technologies and their interfaces and integration Extensive experience implementing and administeringmanaging technical solutions in major, large-scale system implementations Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.

Experience developing, documenting and maintaining security procedures.

Knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools.

Ability to manage tasks independently and take ownership of responsibilities Ability to learn from mistakes and apply constructive feedback to improve performance Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.

Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.

Ability to adapt to a rapidly changing environment Critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.

Familiarity with PCI, HIPAA, NIST, HITRUST and other compliance frameworks Preferred Experience analyzing business requirements and translating them into technical solutions Industry standard Cyber Security Certifications CompTIA Security, CSANS GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (ISC2 SSCP), ISACA Certified in Risk and Information Systems Control (CRISC) Experis is an Equal Opportunity Employer (EOEAA)