Deputy Vice President - Network and Database Security Operations Lead
Typical functional areas would include Network Security architecture & Database Security controls for review, assessments & strengthening the overall posture
Skill & Experience Required :
- Experience of working with Network Security (Firewall, NIPS etc.), Database Security (DAM) solutions.
- Deep knowledge and understanding of enterprise network environment (architecture, design).
- Overall at least 10 Years in Information Security and 6+ years of experience in Network, Database Security and related technologies
Description for Internal Candidates :
:
A. Network Security Management :
- Serves as a Network Security expert in Network design & Implementation, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices
- Collaborate with systems, network, database, vendor teams to ensure security is maintained at all layers
- Develop framework for securely implementing, integrating and managing Network
- Prepare Network hardening standards in-line with organization\'s security policy
- Conduct Network Architecture Review periodically inline with the Policy requirement
- Conduct Firewall Configuration & Rule Review periodically inline with the Policy requirement
B. Database Security Management :
- Serves as a security expert in database design, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices
- Establish data protection strategy and coordinate data protection solution design, architecture and implementation
- Leads the assessment secure configurations of databases & platforms
- Implement, maintain and review database standards, guidelines and operational policies and procedures
- Develop framework for securely implementing, integrating with and managing databases
- Preparation of database hardening standards in-line with organization\'s security policy
- Provide consultation to DB admins on key Cyber Security risks and mitigations (technology and manual) around database integrations & implementations
- Responsible for consulting on full life cycle and building capability of of Database Activity Monitoring and related technologies
- Review database physical structure along with the monitor performance, tuning, maintenance and utilities associated with them
- Review database storage media configuration
- Reviewing application\'s access to the database structures
- Implement, maintain, and test backup & recovery strategies
- Design and review appropriate users/authority/roles within the Database
- Design framework to include database security review for installation, database migration and development of new features/functionality
- Design and monitor framework for change to any database objects as required
- Maintains and monitors database security, integrity and access controls.
- Controls privileges and permissions to database users.
- Provides audit trails to detect potential security violations
- Makes recommendations to improve security.
- Participates in security investigations as needed.
- Assures that appropriate information security is applied in all task
Measure of Success :
- Conducting Network & Database security assessments within the mandated timelines
- Get all the findings remediated as per the TAT defined in the Policy
- Increase in maturity of Infrastructure security (Adoption & Capabilities)
- Development and adherence of security best practices within bank
- Delivery of project plans, milestone updates, presentations, assessment reports and communications to senior management and other relevant stakeholders.
Skill Set & Experience Required :
- Individual must possess the knowledge and the following skills and abilities or be able to perform the essential functions of the job;
- Ability and experienced in highly secure and restrictive enterprise environments.
- Working experience on various operating systems (Unix/Linux/AIX/Window Servers etc.), implementation of network and security devices like Firewall, IPS, VPN, APT, proxy etc.
- Strong understanding of LAN/WAN/Cloud hosting technologies/Databases and Operating systems.
- Technical knowledge: UNIX, Linux, Windows, OS X, various firewalls, digital certificates, SSL, VPN, TCP/IP, DNS, web security architecture, MySQL, Oracle
- Good knowledge of information security principles and practices.
- Ability to lead, collaborate, challenge and influence peers. Passion for project based execution and process improvement.
- Excellent Documentation, Communication, presentation, interpersonal and leadership Skills
- knowledgeable about how DAM fits into the broader Security Program and generally understand Data Security concepts around data loss prevention (DLP), tokenization and encryption, database activity monitoring, Cloud Access Security Brokers (CASB).
- Well versed with key Cyber Security risks and mitigations (technology and manual) around database integrations & implementations
- Good knowledge in hardware and networking.
- Proven ability to effectively manage multiple priorities and meet deadlines.
- Ability to adapt to varied roles and job responsibilities and problem-solving skills.
- Demonstrated ability using a life cycle management process for implementation of changes in technology.
- Ability to performs a variety of professional tasks including, but not limited to, technology services representative on various committees or task forces
- Demonstrated ability to excel both independently and as a team member in a lively, collaborative environment.
- Excellent written and verbal communications skills with a demonstrated ability to make difficult concepts easy to understand
- 10+ years overall experience in information security
- 6+ relevant experience in Network, Database Security and related technologies
Must Have Qualification :
A. A Bachelor\'s Degree in a related area such as Computer Science or Information Technology.
B. Industry-standard certifications such as ISO27001 LI, CISSP, CISM or other desired security certifications as preferred.
IIM Jobs
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.