Website: idfcfirst.bank.in
Job details:
Job Requirements
Job Title: Senior Security Engineer (DAM)
Role Overview
We are seeking a senior Database Security & Activity Monitoring (DAM) professional to design, operate, and enhance enterprise database access monitoring and data misuse detection capabilities. The role focuses on protecting sensitive data by monitoring database activity, detecting anomalous access patterns, and supporting regulatory and internal security requirements.
The role is DAM-first, with exposure to adjacent security domains such as endpoint detection and virtual desktop environments considered a strong advantage.
Primary Responsibilities – Database Activity Monitoring (Core Focus)
- Design, implement, and manage Database Activity Monitoring (DAM) solutions across enterprise environments.
- Work with DAM technologies such as Oracle DAM, IBM Guardium, Imperva DAM, McAfee/Trellix DAM, or equivalent platforms.
- Monitor and analyse:
  - Database access activity
  - Privileged user behaviour
  - Application-to-database interactions
- Develop and enforce database security policies, alerts, and access controls aligned with regulatory and internal risk requirements.
- Build detection use cases for:
  - Unauthorized access
  - Privilege abuse
  - Suspicious query behaviour
  - Data exfiltration and misuse attempts
- Integrate DAM telemetry with SIEM platforms for centralized visibility and correlation.
- Support regulatory audits, compliance reviews, and forensic investigations involving database access.
- Perform root cause analysis for database security incidents and recommend corrective and preventive controls.
- Collaborate with DBA, application, risk, and compliance teams to ensure security controls align with business operations.
Secondary Responsibilities – Good To Have (Contextual Skills)
Endpoint & User Context (Good to Have)
- Understand how endpoint posture and user behaviour influence database access risk.
- Collaborate with EDR and identity teams during investigations involving credential misuse or insider threats.
Endpoint Detection & Response – EDR (Good to Have)
- Exposure to EDR platforms such as SentinelOne, CrowdStrike, Microsoft Defender, or equivalent.
- Support cross-domain investigations where endpoint compromise leads to data access risk.
Required Skills & Experience
Core (Mandatory)
- Strong hands-on experience with Database Activity Monitoring (DAM) technologies.
- Deep understanding of:
  - Database security principles
  - Privileged access monitoring
  - Database auditing and logging
  - Data access misuse and insider risk scenarios
- Experience supporting regulatory and compliance audits in banking or regulated environments.
- Ability to analyse complex access patterns and translate findings into actionable security controls.
- Strong documentation, investigation, and stakeholder communication skills.
Good to Have
- Experience integrating DAM with SIEM platforms (Splunk, Sentinel, Elastic).
- Familiarity with EDR/XDR tools.
- Exposure to broader data security concepts such as DLP, access governance, DSPM, or insider risk management.