Job
Description
Job Purpose
Information security team member (with skip level reporting to CISO) who is proficient in maintaining & managing data base security DAM. Information Security tool management & governance. Understanding of regulatory requirements, maintaining the tool compliance, configuring the tool policy, logs review & alert/incident handling. Driving information Security projects & Monitoring Key Risk Indicators (KRIs) for Information Security.Duties and Responsibilities
A-Minimum required Accountabilities for this roleDeployment & Configuration
Lead or assist in the deployment of DAM tools (e.g., Imperva SecureSphere, IBM Guardium, DataSunrise, Oracle Audit Vault).
Configure agents/connectors for various database platforms (Oracle, SQL Server, MySQL, PostgreSQL, etc.).
Ensure proper integration with SIEM and other security infrastructure.
Validate data collection and ensure coverage across critical databases.
Management & MaintenanceCreate, Maintain and update DAM policies, rules, and configurations.
Monitor DAM tool health, performance, and data integrity.
Perform regular audits of DAM coverage and ensure alignment with compliance requirements.
Manage user access and role-based permissions within the DAM platform.
Incident Detection & HandlingMonitor alerts and logs for suspicious database activity (e.g., unauthorized access, privilege escalation, data exfiltration).
Investigate DAM-generated incidents and coordinate with SOC/IR teams.
Document incident findings and support forensic analysis.
Recommend and implement remediation actions based on incident outcomes.
Collaboration & Knowledge SharingWork closely with DBAs, InfoSec, and IT teams to ensure secure database operations.
Provide training and guidance on DAM tool usage and best practices.
Stay updated on DAM tool enhancements and database security|B-Additional Accountabilities pertaining to the role
Manage & maintain security tool policies like like AV/EDR, Vulnerability management tool, FIM, SIEM agent.Maintain compliance as per organization compliance policy Highlight risk & mitigation plan Work with SOC team to investigate security alerts and improve detection rules.Document security policies, configurations, and incident reports.Risk analysis and mitigationInteraction with OEM for Highly Critical technical support.Responsible for Reports & Technical documentation.Should be capable to guide the team/individual on requirement basis.Communicate effectively with stakeholders & cross function teamsResponsible for MIS Reports/ Technical documentsVendor Co-ordinationExcellent spoken and written English Communication.Strong troubleshooting, analytical, and communication skillsGood attitude towards corporate environment.Team player & Mentor to the team.Energetic, self-motivated and self-sufficient in accomplishing tasks.Good analytical and problem solving skills.
Key Decisions / Dimensions
Identification of right contacts to channelise the issue/problem for closure.
Review the alert/incident and categorised True positive / False positive and take require steps.
Discuss observation response as applicable & improve security controls.
Decide if the policy and procedure documents need changes based on new regulations or audit outcomes.
Major Challenges
Handling of fast changing environment with variety of cloud service providers
Handling of compliance expectations in stringent timelines
Handling multiple stakeholders at a time
Coordination with third party consultants who assist in auditing and compliance initiatives
Required Qualifications and Experience
a)QualificationsMinimum 3+ years of experience in Database Activity monitoring tool (DAM).Minimum 3+ years in Database operations/Installation & health monitoring/ Knowledge of SQL queries.b)Work ExperienceKnowledge & hands-on experience in information security tool compliance & incident management Database Activity monitoring tool (DAM).
Sound knowledge on IT infrastructure, Information Security concept & tools, ISMS & BCMS frameworks, regulatory guidelines related to IT and cyber for NBFCs
Experience in Project management.
Positive attitude, Hard Worker and team player
Excellent Communication and Leadership Skills
Certifications like CEH (Ethical Hacking), Azure/AWS Security, application penetration testing would be an added advantage
