Security Engineer - Database
The Technical Services Division of the National Association of Insurance Commissioners (NAIC) has an exciting opportunity for a Security Engineer - Database. We are looking for a team member who would enjoy working for an organization that strives every day to support the public good and make a difference. Are you driven to utilize your skills while delivering excellent service to build long-lasting rapport? If so, this is a perfect opportunity for you!
This position is based in the NAIC’s state-of-the-art offices in Town Pavilion in the heart of downtown Kansas City which includes great restaurants and top-notch entertainment venues. This is a full-time position in a positive and flexible environment. The position will be remote with in-office requirements as scheduled.
The Security Engineer-Database is a member of the Security Operations Center (SOC). They utilize a variety of cloud and on-premises technologies to architect various security controls. They ensure that the proper security services are deployed to detect, analyze, respond to, and contain advanced attacks.
Primary Security Responsibilities:
- Leads security design and review of database-related solutions (e.g., Cassandra, Microsoft SQL Server, Oracle, etc.), working with developers and application architects. This includes implementation, reporting, monitoring, and documentation of procedures.
- Understands Identity and Access Management technologies, as applicable for application integration with the database, and communicates best practices at stakeholder meetings.
- Provides support for Cloud security and governance technologies, including design, implementation, reporting, monitoring, and documentation of procedures.
- Contributes input to other Security team members from an application perspective on vulnerability and benchmark risks and communicates decisions to development teams for implementation.
- Evaluates database log information to determine what will be most beneficial when investigating an issue and therefore requires collection via the SIEM.
- Reviews database backup strategies with database administrators to ensure they are reliable and protected from malware, including either performing or auditing the associated annual SOC 2 controls.
- In-house expert on database-related security controls (e.g., SOC 1, SOC 2, SIG, etc.).
- Researches, implements, and supports new and/or required security technologies as needed.
- Investigates new development and scripting languages and code generation tools, to establish security measures or enhancements that may be required.
- Knowledgeable of credential handling in vault technologies to ensure adequate security and auditing.
- Supports security design and review of new or re-engineered applications, following OWASP Top 10 guidelines with strong Java or JavaScript experience.
- Knowledge of security gates for CI/CD pipelines, establishing standards for what is allowed to pass.
- Understands static and dynamic security code scanning tools, ideally Fortify, and is capable of assessing and approving any exceptions.
- Is familiar with containerized deployments and determines the proper level of security scanning.
- Experience with the aforementioned duties in a cloud environment, ideally AWS.
- Able to lead vendor discussions in re-examining our current toolset or investigating new tools to accomplish the aforementioned objectives.
- Represents Security, policies, and standards, before Application Architects to ensure understanding and conformance.
- Reviews penetration test results and renders an opinion on the importance and difficulty of implementing corrective action.
- Other duties may be assigned.
- May be called upon to travel to remote offices or organization sanctioned meetings in support of security initiatives.
- This position may be called upon to carry an on-call phone but must be accessible 7x24 as issues arise.
- Familiarity with Java and JavaScript.
- Actively seeks proficiency in information security and shows aptitude to master techniques and technologies such as application security, cryptography, threat modeling, and penetration testing.
- Experience with Linux and Microsoft Windows.
- Practical experience with other aspect(s) of computer security: network, email, operating systems.
- Ability to work on their own and in a team environment.
- Ability to comprehend installation/technical manuals.
- Must have very intuitive troubleshooting skills to look at the broad picture.
- Able to converse with executives on technical issues.
- Strong communication and interpersonal skills and fortitude to accomplish projects.
- Strong sense of ownership and drive.
- Delivers extraordinary customer experiences.
- Bachelor’s degree (B.A. or B.S.) from a four-year college or university in a computer-related field and 8 years of experience with database products (e.g., Oracle, AWS RDS, etc.) to include security technologies (e.g., LDAP, SAML, Terraform, etc.), and/or equivalent combination of education and experience.
- SQL and Terraform.
- Shell scripting or automation of tasks using a scripting language such as PowerShell or Python.
- Code repositories (e.g., GitLab), CI/CD pipelines, and containerization (e.g., Docker).
- Cloud technologies, to include PaaS and SaaS, ideally AWS.
- Understanding of secure-cloud configuration (CloudTrail, AWS Config, etc.), especially infrastructure as code (e.g., Terraform).
AWS Certified Solutions Architect
$89,642 - $135,000 commensurate with education and experience.
Why Work at the NAIC/NIPR?
- Remote work schedule
- Flexible Work Environment
- 37.5 Hour Work Week
- Tuition Reimbursement
- Referral Bonuses
- Choice of Insurance Plans
- Vacation Buy Back
- Infants in the Work Place
- Adoption Assistance
- Parental Leave
- Employee Recognition Programs
- Days Off for Community Service
- Student Loan Repayment Program
- Fitness Center
For consideration, please apply online at:
Applicants for all positions are considered without regard to age, race, creed, color, religion, sex, sexual orientation, gender identity or expression, national origin or ancestry, marital status, pregnancy, genetic information, military or veteran status, disability, or any other basis protected by applicable law.