IT.IT Security Administrator
- Manila, National Capital Region, Philippines
- Permanent, Full time
- Citco Fund Services APAC
- 18 Apr 19
IT.IT Security Administrator
Security Database Administrator - IBM Guardium / Vormetrics / Imperva
Since the 1940s Citco has provided specialist financial services to alternative investment funds, investors, multinationals and private clients worldwide. With over 6,000 employees in 45 countries we pioneer innovative solutions that meet our clients' evolving needs, and deliver exceptional service.
Our continuous investment in learning means our people are among the best in the industry. And our corporate social responsibility programs provide meaningful and fulfilling work in the community.
A career at Citco isn't just a job - it's an opportunity to excel in an environment that genuinely supports your personal and professional development.
About the Role:
This position is responsible for verifying that the security controls used for ensuring confidentiality, integrity and availability within Citco's database environments is in accordance with the company's security, audit and compliance requirements as well as industry standard best practices. The position will also be responsible for implementation and administration of database monitoring and data encryption tools as well as performing vulnerability assessments.
This position will report to the IT Security Manager, GRC. The candidate will be based out of the Charlotte office. The incumbent will interact with the various technical, development, Q/A, UAT, project management and vendor groups as well as Data Owners (including the Management Team members) throughout numerous Citco business units.
Job Duties in Brief:
- Periodically review Oracle and SQL database environments for compliance with Citco security policies and standards and make recommendations for improving security.
- Work with the other Citco disciplines, particularly with Database Architects and Administrators in the review of new, proposed project implementations. Specifically this task is to represent the IT Security policies and strategic interests of the department in the Technical Architecture Reviews.
- Regularly assess and keep current database policies and standards to address potential vulnerabilities introduced by new versions or technologies.
- Conduct ad-hoc and scheduled risk assessments, audits, system reviews and vulnerability scans. Using a combination of automated tools, manual methods, and interviewing techniques to gather the information necessary to provide written reports summarizing findings and recommendations.
- Ensure (audit) that powerful database accounts are restricted and stored in Total Privileged Access Management (TPAM) appliance.
- Participate in the incident response team in a hands-on, technical role. Identify the root cause of security incidents. Recommend and implement solutions for limiting the scope of the incident. Work with senior management to recommend and implement additional controls to prevent future incidents.
- Maintain expertise on security trends through training, research and development, personal certifications, in order to mitigate potential security exposures.
- Deploy and maintain the database monitoring infrastructure, administering the rule base, generating reports, notification and investigation of policy violations.
- Deploy and administer the database encryption infrastructure, software, key management solution, generate reports and investigate general support issues.
- Perform other related duties incidental to the work described herein…..
- Bachelor's Degree or equivalent experience in Computer Science, Computer Engineering or related field.
- Database and security certifications preferred: Oracle Certified Professional, MCDBA (Microsoft SQL)
- Four or more years supporting and maintaining an Oracle/MSSQL infrastructure in a distributed global environment.
- Two or more years' experience securing a Oracle/MSSQL database environment.
- Must have experience in a similar work environment and role, with multiple priorities and deadlines on a daily basis with high attention to detail.
- Experience working in security-oriented, regulated environments.
- Experience with IBM Security Guardium
- Experience with Imperva SecureSphere DAM (not required but would be a plus)
- Experience with data encryption solutions (Oracle/MSSQL TDE, Guardium GDE, etc)
- Securing, monitoring and auditing Oracle and MSSQL database environments.
- Familiarity with best practices surrounding security incident response.
- Demonstrated ability to identify, analyze, qualify and report on database security issues.
- Experience developing and implementing policies and procedures
- Must be able to meet deadlines and changing priorities
- Excellent written, verbal and interpersonal and presentation skills.
- Accept responsibility and personal accountability; demonstrate reliability.
- Maintain good attendance and punctuality; follow proper procedures for requesting time off; communicate with management appropriately.
- Demonstrate effective teamwork and working relationships with others, both from Citco and external clients.
- Demonstrate a self-directed approach to learning new technologies in the field; pursue professional development
- Ability to travel as needed
- A challenging and rewarding role in an award-winning global business.
- Opportunities for personal and professional career development.
- Great working environment, competitive salary and benefits, and opportunities for educational support.
- Be part of an industry leading global team, renowned for excellence.