Previous Job
Previous
CIS Data Protection Engineer-Raleigh, NC
Ref No.: 18-03139
Location: Raleigh, North Carolina
 
CIS Data Protection Engineer
Location    : Raleigh, NC
Duration    : 13 months
Rate            : DOE
 
US Citizen, GC Holder and EAD
 
Desired experience and skills:
 
Background supporting engineering and integration of new and existing security and data security technologies, and operational services support for a large enterprise. Experience evaluating and ensuring that appropriate security controls are selected, deployed, and are operating effectively across a variety of platforms and technologies. The following is desired:
 
•                     Knowledge of financial services industry applicable regulations and industry standards relevant to data security (PCI DSS, SOX, NYDFS, GLBA, FISMA);
•                     Experience implementing, configuring, or supporting IBM Security Guardium.
•                     You have experience protecting database environments, including Oracle, DB2 or MS-SQL;
•                     Demonstrated working experience with the Windows and UNIX operating environment, as an administrator or power user.
•                     You have a working knowledge of cryptography, encryption, related algorithms and protocols;
•                     Experience working for a large financial services company is a plus.
•                     IBM Security Guardium certification is a plus.
•                     Database experience is a plus.
 
Essential Duties and Responsibilities:
 
This role provides the expertise and knowledge required to support technologies and processes related to protecting the confidentiality and integrity of sensitive data. This role will function in the CIS organization under then Database Security team. The following is a summary of the duties and responsibilities supported by this role and team. Other duties may be performed, both major and minor, which are not mentioned below.  Specific activities may change from time to time.
 
•                     Provide engineering, implementation and production support for BB&T database security management platforms;
•                     Deploy and maintain the database monitoring infrastructure, administering the rule base, generating reports, notification and investigation of policy violations.
•                     Work with data owners to implement audit processes to insure the confidentiality and integrity of their data and meet the requirements of the applicable regulations;
•                     Implement and support database security standards and best practices;
•                     Serve as the SME for BB&T supported database security technologies, solutions, and lifecycle support. Maintain a thorough understanding of related standards and best practices;
•                     Research and testing of new technologies related to database security methods; 
•                     Through research, training, and participation in professional organizations, maintain expert knowledge and skills required to maintain BB&T's strict adherence to data privacy and security;
•                     Coordinate with other teams to ensure high quality of database security services and support;
 
Required Skills and Competencies:
 
The requirements listed below are representative of the knowledge, skill and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
•                     Bachelor's degree in Computer Science or relevant field, or equivalent education and related training;
•                     Knowledge and understanding of database auditing and administration;
•                     Knowledge and understanding of application security planning and security architecture;
•                     Knowledge and understanding of information security risk assessment or audit;
•                     Experience with managing database audit events and audit records
•                     2-3 years experience with IBM Security Guardium;
•                     Experience with Guardium Vulnerability Assessment, Data Isolation and Data Classification;
•                     3-5 years of experience in Information Security;
•                     Certified Information Systems Security Professional (CISSP) or other Information Security related certifications;
•                     Strong proven verbal and written communication skills, including business and technical writing skills;