Database Security and Control Specialist

• Security Onboarding & Product Integration:
• Collaborate closely with Product Team to integrate and onboard product to security controls.
• Work with CSO to agree compliance and onboarding requirements to CSO controls. Interpret security policies and standards to define appropriate control compliance for new and existing products.
• Facilitate the implementation of security controls, including but not limited to: certificate management, dbRun (automation) access management and Authorisation, data encryption, and secure configuration.
• Work with engineering teams to implement and test security controls.
• Develop and maintain documentation for security onboarding processes and control implementation.
• Security Control Evidencing & Audit Readiness:
• Proactively identify and collect evidence demonstrating compliance with security controls and mapping to DB Standards and policies
• Prepare and maintain detailed documentation, reports, and artifacts for internal and external audits.
• Act as a primary point of contact during security control reviews, effectively explaining and demonstrating control effectiveness.
• Identify and track any gaps in control implementation or evidence, working with relevant teams to remediate them.
• Database Security Engineering (Oracle Focus):
• Possess expertise in Oracle database security principles, best practices, and configurations.
• Design, implement, and review security controls for Oracle platform.
• Perform security assessments and vulnerability reviews specifically for Oracle environments.
• Troubleshoot and resolve security-related issues within Oracle database environments.
• Management & Delivery:
• Manage security control onboarding streams concurrently, from initiation to closure.
• Develop and execute plans for onboarding controls, including scope definition, resource allocation, timelines, and risk management.
• Track progress, identify dependencies, and proactively address impediments.
• Communicate onboarding status, risks, and issues to stakeholders at all levels.
• Ensure timely and high-quality delivery of all security onboarding deliverables.
• Foster strong relationships with product managers, engineering leads, and security colleagues.

Required Skills & Experience:

• Education: Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field. Relevant industry certifications (e.g., CISSP, Oracle Certified Professional - Security) are highly desirable.
• Security Expertise:
• Proven experience in security engineering, security architecture, or security compliance roles.
• Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001), and compliance requirements (e.g., SOC 2, GDPR, HIPAA).
• Experience with various security controls, including access management (IAM), data encryption, network security, vulnerability management, and SIEM.
• Database Engineering (primarily Oracle):
• Experience with Oracle databases , including installation, configuration, administration, and security hardening.
• Understanding of Oracle security features (e.g., TDE, auditing).
• Experience with database patching, upgrades, and performance tuning from a security perspective.
• Familiarity with other database technologies (e.g., PostgreSQL, SQL Server, NoSQL) is a plus.
• Delivery Management:
• Demonstrated experience in managing and implementing controls
• Proficiency with project management methodologies (e.g., Agile, Waterfall) and tools (e.g., JIRA, Asana, Microsoft Project).
• Strong organizational skills, ability to prioritize tasks, and manage multiple parallel initiatives.
• Compliance:
• Experience in preparing for security control reviews and evidencing.
• Ability to gather, organize, and present evidence of design and control effectiveness.
• Understanding of compliance requirements and expectations.
• Excellent written and verbal communication skills, with the ability to articulate complex security concepts to technical and non-technical audiences.
• Proven ability to build strong relationships and collaborate effectively with diverse teams (Product, Engineering, Operations, Audit).
• Strong analytical and problem-solving skills.
• Self‑motivated, proactive, and able to work independently and as part of a team.