Database Security & Hardening Specialist
Aug 9, 2025 - Senior
$80.00 Hourly
Project Overview & Business Challenge
* Company Introduction: We are a healthcare technology company that handles highly sensitive patient data. Our legal and ethical obligations require us to maintain the highest level of data security and comply with regulations like HIPAA.
* The Challenge: We have concerns about the security posture of our databases. We need a professional to conduct a thorough security audit to identify vulnerabilities, implement robust security measures, and ensure compliance with industry standards. The current setup lacks proper access controls, encryption, and audit trails.
* Objective: The goal is to perform a comprehensive security audit of our databases, harden them against potential threats, and establish a security framework that ensures compliance and protects our sensitive data.
Detailed Job Description & Responsibilities
* Core Tasks:
o Conduct a full security audit of our databases (e.g., MySQL, MSSQL), focusing on access controls, permissions, and configuration.
o Implement data encryption both at rest and in transit.
o Configure and secure user accounts and roles, enforcing the principle of least privilege.
o Set up a real‐time monitoring and alerting system for suspicious database activities.
o Develop and implement a comprehensive backup and recovery strategy with a focus on data integrity and security.
o Provide a support and maintenance plan for ongoing security monitoring and incident response.
o Generate a detailed report of findings and provide clear, actionable steps for remediation and compliance.
Required Skills & Qualifications
* Technical Expertise:
o Extensive experience in database security auditing and hardening.
o Expertise with multiple database systems (e.g., MySQL, PostgreSQL, Microsoft SQL Server).
o Deep knowledge of data encryption methods, access control lists (ACLs), and compliance standards (e.g., HIPAA, GDPR).
o Proficiency with security tools for vulnerability scanning and penetration testing.
o Relevant certifications (e.g., CISSP, CISM, CDPSE) are highly desirable.
Soft Skills
* High level of integrity and professional ethics when handling sensitive data.
* Excellent report writing and documentation skills.
* Strong communication skills to explain security risks to both technical and non-technical stakeholders.
Deliverables
* A comprehensive database security audit report.
* A documented security hardening plan and the implemented changes.
* A backup and recovery strategy.
* A final report confirming compliance and security posture.
How to Apply
* Instructions:
o Submit a cover letter detailing your experience in database security and compliance.
o Provide a portfolio or case study of a past project.
o State your hourly rate for this engagement.
Skills
* Technical: Database Security, MySQL, MSSQL, PostgreSQL, Encryption, HIPAA, GDPR, Backup and Recovery, Vulnerability Scanning.
* Soft: Ethics, Documentation, Problem-solving, Communication.