Security - New

Job Description

The Storage Security Expert is a critical role responsible for ensuring the security and integrity of the organization's data storage infrastructure. This role focuses primarily on preventing, detecting, and responding to malware and virus threats targeting stored data. The expert will be responsible for designing, implementing, and managing advanced security solutions, with a deep understanding of storage systems, malware analysis, and incident response and facilitate building solutions and automations with programming and DevOps skills to improve operational efficiency in our Cloud. This individual will collaborate closely with other IT teams, including infrastructure, networking, and application development, to maintain a robust and secure storage environment.

Responsibilities

• Malware and Virus Prevention & Detection:**
• Design, implement, and manage enterprise-level malware and virus scanning solutions for all storage platforms (e.g., file servers, NAS, SAN, object storage, cloud storage).
• Configure and optimize scanning engines, signature updates, and heuristic analysis to maximize detection rates while minimizing false positives.
• Evaluate and recommend new security technologies and tools to enhance malware and virus protection capabilities.
• Develop and maintain policies and procedures for malware prevention, detection, and remediation within the storage environment.
• Stay up-to-date on the latest malware trends, attack vectors, and vulnerabilities, and proactively implement defenses.
• Perform regular vulnerability assessments and penetration testing of storage systems to identify and address security weaknesses.
• Incident Response & Remediation:**
• Lead incident response efforts related to malware or virus infections affecting storage systems.
• Analyze infected systems and data to determine the scope and impact of security breaches.
• Develop and implement remediation plans to contain, eradicate, and recover from malware incidents.
• Conduct forensic analysis of malware samples and infected systems to identify root causes and improve security measures.
• Document security incidents, response actions, and lessons learned.
• Storage Security Architecture & Design:**
• Develop and maintain a comprehensive storage security architecture that aligns with industry best practices and regulatory requirements.
• Design and implement secure storage configurations, including access controls, encryption, and data loss prevention (DLP) measures.
• Evaluate and recommend storage security solutions to meet the organization's needs.
• Participate in the planning and implementation of new storage infrastructure projects, ensuring security considerations are integrated from the outset.
• Monitoring & Reporting:**
• Implement and manage security monitoring tools to detect and alert on suspicious activity within the storage environment.
• Develop and maintain security dashboards and reports to track key security metrics and trends.
• Provide regular security updates and reports to management.
• Collaboration & Communication:**
• Collaborate with other IT teams to ensure security is integrated into all aspects of the storage environment.
• Provide security training and awareness to IT staff and end-users.
• Communicate security risks and mitigation strategies to stakeholders.
• Work with vendors to resolve security issues and implement security updates.
  
  
  

Qualifications

• Technical Expertise:
• Deep understanding of storage technologies, including file systems (NFS, SMB/CIFS), block storage (SAN), object storage, and cloud storage platforms (AWS, Azure, GCP).
• Extensive experience with malware analysis, reverse engineering, and incident response.
• Proficiency in using and managing enterprise-level antivirus and anti-malware solutions (e.g., Symantec, McAfee, CrowdStrike, Trend Micro, SentinelOne).
• Strong knowledge of security principles, protocols, and best practices.
• Experience with vulnerability scanning and penetration testing tools.
• Understanding of networking concepts, including TCP/IP, DNS, firewalls, and intrusion detection/prevention systems.
• Experience with scripting languages (e.g., Python, PowerShell) for automation and security tasks along with DevOps skills.
• Familiarity with Cloud (GCP, Azure or AWS) concepts and services.
• Experience with SIEM (Security Information and Event Management) systems (e.g., Splunk, QRadar, Sentinel) for security monitoring and analysis.
• Security Knowledge:
• In-depth knowledge of common malware types, attack vectors, and mitigation techniques.
• Understanding of security frameworks and compliance standards (e.g., NIST, ISO 27001, HIPAA, PCI DSS).
• Knowledge of data encryption technologies and key management practices.
• Familiarity with data loss prevention (DLP) concepts and technologies.
• General Skills:
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Ability to prioritize tasks and manage time effectively.
• Ability to document security procedures and processes.
• Experience:
• [5-7]+ years of experience in information security, with a focus on storage security and malware analysis. (Adjust the years to match the seniority you need)
• Experience in designing, implementing, and managing security solutions in complex storage environments.
• Experience in incident response and forensic analysis.
  
  
  

Education & Certifications:

• Bachelor's degree in Computer Science, Information Security, or a related field. (Master's degree preferred)
• Relevant security certifications such as:
• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• CEH (Certified Ethical Hacker)
• GIAC certifications (e.g., GCIA, GCIH, GREM)
• Security+
  
  
  

Bonus Points (Nice to Have):

• Experience with specific storage vendor security features (e.g., NetApp, Dell EMC, Pure Storage).
• Contributions to the security community (e.g., writing blog posts, presenting at conferences).
• Experience with cloud security technologies and best practices.
• Knowledge of threat intelligence platforms and feeds.