Database Security Manager, Vice President

About The Position

Requirements

• Advanced technical experience in data security, data protection, cybersecurity, insider threat, incident response, security operations, or related information security field.
• Demonstrable experience in people leadership and management.
• Managing teams of individual contributors in cybersecurity practices
• Experience assessing performance of direct reports, identifying strengths and weaknesses and assigning responsibilities for the most effective result
• Identifying business needs and aligning strategic plans to support
• Assessing complex, technical programs and processes and identifying opportunities for maturity or improvement
• Database security, monitoring and protection
• Database activity monitoring platforms such as Imperva Data Security and Data Risk Analytics (DRA) and Imperva Data Security Fabric (DSF) (Sonar) DSPM
• In-depth working knowledge of databases and database technologies
• Familiarity with AWS technologies and methods including RDS (Relational Database Service) and Cloud Native Data Types
• Data security especially regarding cybersecurity tools and methods
• Cybersecurity experience in regulated banking or financial environment
• Information Security auditing practices and standards
• GRC Tools & Processes
• Strategic program development and improvement following current industry security trends and patterns and in alignment with business vision and needs
• Ability to manage and lead teams of multiple individuals, set direction, oversee workloads and support direct reports to success while meeting objectives of senior management
• Skilled in supporting audit, regulatory and risk partners to satisfy legal and regulatory requirements and avoid risk exposure
• Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution.
• Advanced experience with DAM, SIEM, UEBA and related tools.
• Detailed knowledge of major database platforms and data stores, including cloud native
• Identify weak links in information security products and determine how to mitigate the control deficiencies.
• Maintain familiarity with industry trends and current security practices.
• Demonstrate ability to manage complex projects in an effective manner.
• Evaluate business process and application software, which effect the integrity, functionality, and reliability of the Bank's data.
• Proficient with development of documentation and presentations
• Working knowledge of regulatory requirements affecting data integrity, protection and monitoring, such as GLBA, SOX, PCI, CCPA/PRA, GDPR, etc.
• Reliable team management and workload prioritization and organization skills
• Liaise with business, technology and leadership partners
• Servant leadership showing strength and understanding
• Good communication (written and verbal) and interpersonal skills
• Good listener
• Demonstrates the ability to convey technical findings in simple language
• Reliable time management and organization skills
• Proactive mindset and actions
• Aptitude to lead complex efforts
• Visionary
• Ability to adapt to changing environments and handle multiple priorities

Nice To Haves

• Master’s Degree (preferred)
• Experience in the banking or finance industries preferred

Responsibilities

• The Database Security Manager is responsible for leading the team that implements and maintains security systems that provide detection, prevention, containment and deterrence mechanisms to protect the integrity of relational database systems, AWS cloud native databases, NoSQL and big data platforms, and the data they contain.
• Using effective management skills, security principles and best practice, the Manager will lead a team of security professionals to provide guidance and support to operational, business, regulatory and enterprise security teams.
• This leadership role is responsible for being a liaison between senior management and individual contributors, dedicated to supporting the goals and vision of management while supporting and encouraging their team to produce effective solutions and results.
• As a leader of this critical practice area, the Manager should be visionary in their thinking, strategic in their planning, opportunistic in their execution, show strength and understanding in their leadership and be attentive to the efforts and contribution of their direct reports.
• An in-depth understanding of data security practices and database security is required in this niche field, as it is often the sole responsibility of this team to identify threats and weaknesses in both database activity and configuration.
• The organization's crown jewels and most sensitive data, both customer and corporate, is stored in databases and the Database Security Manager is on the front line protecting that data.
• The Database Security Manager is a key position for providing leadership, protection and assurance on the controls safeguarding the bank’s information assets.
• Design, develop, test, document, monitor, and implement information and database security solutions to enforce security strategies and support new/existing systems in accordance with policies, standards, guidelines and procedures.
• Serve as a trusted partner to business, operations, development, risk and compliance teams providing database security subject matter expert (SME) guidance and analysis.
• Manage a database activity monitoring (DAM) platform for security and audit compliance, including policy creation, event and trend analysis, performance monitoring and infrastructure maintenance.
• Develop and maintain database security standards, guidelines and procedures for hardening database configurations, users and roles, profiles, etc.
• Refine and enhance existing controls, policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of data.
• Evaluate updates to new/existing database security controls by determining the strengths/weaknesses and coordinate the testing and implementation of the new/enhanced controls with all business partners that are affected.
• Identify weak links in information security products and determine how to mitigate the control deficiencies.
• Enhance preventive systems used to stop and/or deter security breaches.
• Evaluate database security patches from vendors and assesses potential risk and work with stakeholders to address vulnerabilities.
• Respond to security Incidents and assist with Tier-1 and Tier-2 incident investigations.
• Perform root cause analysis of security violations to determine if they are the result of misconfiguration or malfunction or if they are malicious and taking appropriate action depending on circumstances.
• Serve as technical lead on projects within area of responsibility.
• Work with database custodians at different levels of the organization to understand their respective security needs and assist with implementing practices and procedures consistent with the bank information security policy.
• Working with internal and external auditors to demonstrate and provide evidence of security controls are adherence to regulatory compliance.
• Execute and enhance monitoring systems used to detect and report security violations.
• Develop and present material related to the practice area, such as metrics, future state planning, maturity roadmaps, program overviews, incidents, etc.
• Maintain resources and assets within budget, project utilization growth and define budget needs, oversee utilization of licensing, plan for infrastructure upgrades and modernization.
• Develop plans to align with enterprise technology strategies and changes such as cloud transformation and international expansion.
• Oversee incident response and mitigation, respond rapidly, ensure all legal and compliance requirements are met and support database security SMEs with investigation, analysis and reporting, while keeping senior management and stakeholders apprised.
• Develop and maintain a trusted advisor reputation with key partners and stakeholders in such areas as Risk, Data Governance and Privacy, Audit, Database Administration, national and international business units and senior/executive management.
• Keep abreast of security trends and threats and develop strategies to ensure the highest level of protection for bank data and assets.
• Manage team workloads for both run-the-bank (RTB) and project work, ensuring timeliness, effectiveness and efficiency.
• Ensure the team meets all HR and internal process requirements timely and effectively, manage schedules, address personnel issues, including hiring, PIPs and termination, satisfy all compliance and risk training requirements.
• Serve as a single point of contact for audit and risk assessment teams, address requests in a timely manner, attend interviews, provide walkthroughs, detailed explanations and evidence to satisfy all concerns or questions.
• Define, develop and improve company policy as it relates to data protection.
• Ensure team processes and procedures are written and up-to-date, especially where it is required for regulatory and risk purposes, and to ensure job and business continuity in the event of turnover or disaster.
• Provide excellent leadership, utilizing strengths of individual contributors to the greatest success and assisting with growth in areas of weakness, assisting the team to overcome challenges and achieve their best quality of service for the company and colleagues.
• Lead the team to provide excellent and notable customer service to all colleagues.

Benefits

• comprehensive health and wellness benefits
• retirement plans
• educational assistance and training programs
• income replacement for qualified employees with disabilities
• paid maternity and parental bonding leave
• paid vacation, sick days, and holidays