Database Security Signature Engineer
As a Database Security Signature Engineer you will be part of an engineering team that is responsible for the research, development, and delivery of compliance signatures for product - Policy Compliance (PC). In this team you will work on numerous security standards like CIS, NIST, DISA, PCI-DSS and help customers assess the the database configurations and compliance.
- Research and Develop signatures to identify non-compliant OS security settings in the areas of Unix/Linux, Windows, Application Software that will be processed by the Qualys engine to collect data from target machines that are being audited.
- Hardening and Configuration of end-points, ranging from Operating systems to Database to Application software such as Apache HttpServer, Tomcat Server and Microsoft IIS.
- Provide subject matter expertise to internal core engineering and infrastructure teams
- BS/MS in Computer Science or a related field
- Experience of 2+ years with BS/BE/MCA in Technical/Software field.
- Experience with Unix/Linux, Windows OS Application Software and Network Devices in productive environment.
- Strong understanding of HTTP(S), TCP/IP, SSH and SSHD protocols.
- Proficient in Shell and Python scripting language
- Proficient in Regular Expressions and Programming methods.
- Installation, Configuration and administration of Applications on Windows/Linux/Unix and other environments.
- Knowledge of programming in the Unix/Linux/windows environment.
- History of working with source control (SVN) and bug tracking tools (JIRA)
- Good communication skills.
- Windows system administration experience including system configuration and in-depth under the hood working of: Local security Policy, Domain Security Policy, WMI, GPO, User Account Control, User Rights, Account policy, Audit policy, Event Log, Windows Firewall, Updates and various security Options.
- UNIX system administration experience including system configuration and in-depth under the hood working of: Secure Boot Settings, TCP Wrappers, IPtables, Logging and Auditing, syslog, auditd, logrotate, cron, PAM, File permissions, user and group settings
- Working experience on database: MSSQL, OracleDB, DB2, Sybase, SAP HANA, Neo4j, Mysql, Informix, etc
- Working experience on database in the Cloud: AWS RDS, Azure SQL, Oracle Cloud