Since the 1940s Citco has provided specialist financial services to alternative investment funds, investors, multinationals and private clients worldwide.
With over 6,000 employees in 45 countries we pioneer innovative solutions that meet our clients’ evolving needs, and deliver exceptional service.
Our continuous investment in learning means our people are among the best in the industry. And our corporate social responsibility programs provide meaningful and fulfilling work in the community.
A career at Citco isn’t just a job it’s an opportunity to excel in an environment that genuinely supports your personal and professional development.
About the Role :
This position is responsible for verifying that the security controls used for ensuring confidentiality, integrity and availability within Citco’s database environments is in accordance with the company’s security, audit and compliance requirements as well as industry standard best practices.
The position will also be responsible for implementation and administration of database monitoring and data encryption tools as well as performing vulnerability assessments.
This position will report to the IT Security Manager, GRC. The candidate will be based out of the Manila office. The incumbent will interact with the various technical, development, Q / A, UAT, project management and vendor groups as well as Data Owners (including the Management Team members) throughout numerous Citco business units.
Job Duties in Brief :
Technical Expectations / Professional Practices :
Periodically review Oracle and SQL database environments for compliance with Citco security policies and standards and make recommendations for improving security.
Work with the other Citco disciplines, particularly with Database Architects and Administrators in the review of new, proposed project implementations.
Specifically this task is to represent the IT Security policies and strategic interests of the department in the Technical Architecture Reviews.
Regularly assess and keep current database policies and standards to address potential vulnerabilities introduced by new versions or technologies.
Conduct ad-hoc and scheduled risk assessments, audits, system reviews and vulnerability scans. Using a combination of automated tools, manual methods, and interviewing techniques to gather the information necessary to provide written reports summarizing findings and recommendations.
Ensure (audit) that powerful database accounts are restricted and stored in Total Privileged Access Management (TPAM) appliance.
Participate in the incident response team in a hands-on, technical role. Identify the root cause of security incidents.
Recommend and implement solutions for limiting the scope of the incident. Work with senior management to recommend and implement additional controls to prevent future incidents.
Maintain expertise on security trends through training, research and development, personal certifications, in order to mitigate potential security exposures.
Deploy and maintain the database monitoring infrastructure, administering the rule base, generating reports, notification and investigation of policy violations.
Deploy and administer the database encryption infrastructure, software, key management solution, generate reports and investigate general support issues.
Perform other related duties incidental to the work described herein.
Management / Leadership Expectations :
Ability to work independently with or without direction and or supervision.
Portray professional demeanor and demonstrate professional judgment on the job.
Administrative Expectations :
Participate in meetings as required.
Review documentation as needed in order to identify security requirements for new and ongoing IT projects.
Manage time and tasks.
Prepare status reports and key metrics, as required.
Professional Expectations :
Excellent written, verbal and interpersonal presentation skills. Ability to communicate effectively at all organizational levels.
Accept responsibility and personal accountability; demonstrate reliability.
Maintain good attendance and punctuality; follow proper procedures for requesting time off; communicate with management appropriately.
Demonstrate flexibility and adaptability in approach to work.
Promptly respond to telephone calls, voice-mail, e-mail and other means of communication.
Demonstrate effective teamwork and working relationships with others, both from Citco and external clients.
Demonstrate a self-directed approach to learning new technologies in the field; pursue professional development.
About You :
Background / Qualifications :
Bachelor’s Degree or equivalent experience in Computer Science, Computer Engineering or related field.
Database and security certifications preferred : Oracle Certified Professional, MCDBA (Microsoft SQL)
Previous Work Experience :
Four or more years supporting and maintaining an Oracle / MSSQL infrastructure in a distributed global environment.
Two or more years experience securing a Oracle / MSSQL database environment.
Must have experience in a similar work environment and role, with multiple priorities and deadlines on a daily basis with high attention to detail.
Experience working in security oriented environments.
Experience with IBM Security Guardium
Experience with Imperva SecureSphere DAM (not required but would be a plus)
Experience with data encryption solutions (Oracle / MSSQL TDE, Guardium GDE, etc)
Specific Knowledge / Skills :
Securing, monitoring and auditing Oracle and MSSQL database environments.
Familiarity with best practices surrounding security incident response.
Demonstrated ability to identify, analyze, qualify and report on database security issues.
Experience developing and implementing policies and procedures.
Environmental Demands :
Must be able to maneuver effectively within environment. Demands may include additional hours within work environment during non-business hours.
Physical Demands :
Must be able to use a keyboard, read a display monitor, and use other office-related equipment.
Must be able to verbally communicate effectively in English.
Mental Demands :
Must be able to meet deadlines and changing priorities.
Must be able to work in high-pressured environment, especially during a crisis.
Possess the ability to stay calm and professional with clients and staff experiencing technical issues.
Flexibility and ability to deal with change.
Flexibility in work schedule according to project and business needs.
Ability to travel as needed.
Perform other duties as assigned.
Flexible and understands hours and schedule (24x7x365).
What We Offer :
A challenging and rewarding role in an award-winning global business.
Opportunities for personal and professional career development.
Great working environment, competitive salary and benefits, and opportunities for educational support.
Be part of an industry leading global team, renowned for excellence.