Database Security Specialist

Evolver Federal is looking for a Database Security Specialist ­to join our team supporting our government client.

The successful candidate will work with Database Administrators, ISSOs and System Teams to support the client in ensuring the security of its databases across the enterprise. By collaborating with other stakeholders (Federal and Contractor), the candidate will support the ISD Security Tools Team and System DBAs in establishing the initial configuration of database scans using TIO (Tenable Nessus). The candidate will also monitor successful application of security patching for all databases and troubleshoot where necessary, review database-related POA&Ms and provide input into POA&M milestones and associated remediation plans, review artifacts for POA&M closure relating to documented database weaknesses and advise on closure, assist the team in hardening databases throughout the enterprise, and assist DBAs in onboarding database logs to the organization's SIEM tool. The candidate must be a self-starter.

The client environment is diverse and currently contains Oracle, Postgres, SQL Server, and mySQL databases.

Responsibilities

• Review output of database scans using Tenable io (TIO), work with System DBAs to remediate findings, including vulnerabilities and hardening.
• Provide input and recommendations into approved security configuration baselines for database types including Oracle, Postgres, SQL Server, and mySQL.
• Provide input and recommendations into approved database versions based on database type.
• Work with members of the POA&M Management Support Team to review artifacts submitted as evidence of POA&M closure for database-related weaknesses.
• Review, validate, and track false positives and known deviations in scan results to provide assurance that IT systems meet established configuration baseline(s) for approved database types.
• Review documentation submitted in support of requesting a waiver for compliance with specified security requirements per the NIST SP 800-53 and provide recommendations to client for approval and acceptance of associated risk. Specific to security requirements relating to databases and the database layer of a system.
• Participate in process improvement initiatives to mature the client's internal business processes in areas including, but not limited to, vulnerability remediation, patch remediation efforts, STIG compliance, and approved database instances.
• Work with Database Administrators, ISSOs, and System Admin Teams to configure database assets to send the appropriate logging data to Splunk / designated SIEM tool.
• Provide recommendations for database logging standards across the enterprise for each database type within the enterprise to facilitate establishing new and enhancing existing logging standards.
• Perform other duties as assigned by the Government.
• Ability to work efficiently and effectively in a dynamic and fast-paced environment.
• Determine the clearest and most logical way to present information and instructions for greatest reader comprehension and write and edit technical information accordingly.
• Meet with other Technical SMEs (Federal and Contractor) to ensure specialized topics are appropriately addressed, discussed, and understood.

Basic Qualifications

Preferred Qualifications

Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military / veteran status, or any other factor protected by law.

Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.

Job Posted by ApplicantPro