Sr Database Security Engineer

  • Company: New York Life
  • Location: Clinton, New Jersey
  • Posted: December 19, 2017
  • Reference ID: 61536-en_US

New York Life Insurance Company (“New York Life” or “the company”) is the largest mutual life insurance company in the United States*. Founded in 1845, New York Life is headquartered in New York City, maintains offices in all fifty states, and owns Seguros Monterrey New York Life in Mexico.


New York Life is one of the most financially strong and highly capitalized insurers in the business. The company reported 2016 operating earnings of $1.954 billion. Total assets under management at year end 2016, with affiliates, totaled $538 billion.  As of year-end 2016, New York Life’s surplus was $23.336 billion**.  New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody’s Aaa; Standard & Poor’s AA+. (Source: Individual Third Party Ratings Report as of 8/17/16).


Financial strength, integrity and humanity—the values upon which New York Life was founded—have guided the company’s decisions and actions for over 170 years.


Job Function and Key Duties & Responsibilities


The Sr Database Security Engineer is an experienced IT professional responsible for providing advanced expertise to assure the effective architecture, engineering and operational transition of Data Protection security technologies. This is a senior engineering position within the Technology Security organization that will provide in depth hands on security engineering expertise for data protection technologies.

The well qualified candidate will apply his/her detailed technical expertise to provide engineering and technical guidance in the architecture, deployment and lifecycle management of Data Protection technology areas.

Role & Responsibilities


  • Engineer and document DB monitoring artifacts to enforce security strategies in accordance with policies, standards, guidelines and procedures established by NYL.
  • Develop database security standards, guidelines and procedures for hardening database configurations, users, roles, and profiles, etc. that support the NYL technology security strategy.
  • Evaluate updates to new/existing database security controls by determining the strengths/weaknesses.
  • Identify weaknesses in DB information security products and determine how to mitigate the technical control deficiencies.
  • Work with NYL Technology Security & Security Risk Management organization to understand their respective security needs and provide engineering direction, practices and procedures to support the NYL information security policy.
  • Engineer the ability to identify database security compliance issues and ensure that any non-compliance to security baseline configurations are identified and tracked.
  • Engineer monitoring artifacts used to detect and report security violations.
  • Evaluate vendor software updates.
  • Engineer & architect database security solutions; like encryption, masking, tokenization, & database firewalls.
  • Provides hands on engineering expertise for Data Activity Monitoring (DAM) related infrastructure;  including but not limited to Imperva and Guardium .
  • Familiawith other data security and data protection technologies; Symantec DLP, Varonis, Protegrity, and Veritas DataInsights.
  • Contributes to the design and build of new elements of the Data Protection program and provides guidance to the development of the emerging application protection capabilities at New York Life.
  • Leads engineering efforts for various NYL Data Protection capabilities – analysis of vendor proposals, evaluations of build versus buy, complete project plans, vendor coordination, and other key project deliverables.
  • Designs, executes and oversees the testing of new Data and Application protection security technologies to be implemented in the NYL environment.
  • When provided with an objective to improve performance in their area(s) of technology; develops and implements action plans.
  • Participates in infrastructure planning for the Data protection security areas providing insight into the future of their assigned areas of expertise.
  • Leads and drives the analysis of the performance of installed technologies. Proposes and implements any required changes to improve performance, including identifying and planning for any resulting impacts on other technologies.
  • Provides engineering direction and guidance for the problem management process, including assessing and evaluating system anomalies.
  • Manages the delivery of engineering documentation and/or implementation instructions prior to implementation.
  • Responsible for Technology Security engineering deliverables as part of design decisions for assigned areas of expertise, contributing an expert understanding of how the technology performs in the NY Life environment.
  • Manages and participates in ongoing 3rd level support and troubleshooting for installed technical solutions, able to resolve nearly all engineering issues in their assigned areas of expertise.
  • Provides coaching to less experienced staff to encourage quality and consistent approaches to engineering.
  • Leads cross-functional teams to deliver technology implementation projects.
  • Maintains contemporary knowledge of current and future security technologies and architectures.


    Required Qualifications:

  • Experience as a subject matter expert for planning, coordination, and executing complex high visibility tasks essential to the technology security and operation of New York Life.
  • Well versed in secure access and monitoring; methodologies and products – experience as an Imperva or Guardium DAM engineer as well as familiarity with Symantec DLP, Varonis, Protegrity and Veritas DataInsights.
  • Security engineering support and management experience (Tier II, Tier III, network infrastructure implementation and maintenance) focusing on network security, infrastructure security and vulnerability management.
  • Experienced with managing and performing root cause analysis, risk identification, and risk mitigation.
  • Contemporary experience in the areas of system and infrastructure design, Database Administration, operations and engineering. 
  • Detailed knowledge of major database platforms such as Oracle, SQL Server and AWS-RDS is a plus
  • Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
  • Detailed understanding of data protection concepts and operational functionalities; TCP/IP networking, Cryptography and tokenization, Data Encryption, Data Access Management and Governance.
  • Significant hands-on experience with engineering, lifecycle management, support and common problem resolution activities for data protection capabilities. Experience should include some automation of maintenance and support functions for assigned areas of expertise to support continuous improvement of quality and consistency of future operational tasks.
  • Prior Windows and/or UNIX scripting experience is a plus – Perl, PowerShell, and UNIX Shell Scripting.
  • Additional preferred experience – AWS and Azure cloud integrations.


    General Experience, Education and Professional Certifications:

  • Minimum 7-10 years of DBA, Database Security Engineer
  • BA/BS Degree in Engineering, Computer Science, or equivalent experience in Cyber Security and Engineering.
  • CISSP, Guardium or Imperva DAM or similar certifications







If you have difficulty using or interacting with any portions of this Web site due to incompatibility with an Assistive Technology, if you need the information in an alternative format, or if you have suggestions on how we can make this site more accessible, please contact us at: (212) 576-5811.


*Based on revenue as reported by “Fortune 500, ranked within Industries, Insurance: Life, Health (Mutual),” Fortune Magazine, June 17, 2016.  See  for methodology.

**Total surplus, which includes the Asset Valuation Reserve, is one of the key indicators of the company’s long-term financial strength and stability and is presented on a consolidated basis of the company.


1. Operating earnings is the key measure use by management to track Company’s profitability from ongoing operations and underlying profitability of the business. This indicator is based on generally accepted accounting principles in the US (GAAP), with certain adjustments Company believes to be appropriate as a measurement approach (non GAAP), primarily the removal of gains or losses on investments and related adjustments.


2. Assets under management represent Consolidated Domestic and International insurance Company Statutory assets (cash and invested assets and separate account assets) and third party assets principally managed by New York Life Investment management Holdings LLC, a wholly owned subsidiary of New York Life Insurance Company.

Share this Job