Storage Security Expert
Storage Security Expert
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
The Storage Security Expert is a critical role responsible for ensuring the security and integrity of the organizations data storage infrastructure. This role focuses primarily on preventing detecting and responding to malware and virus threats targeting stored data. The expert will be responsible for designing implementing and managing advanced security solutions with a deep understanding of storage systems malware analysis and incident response and facilitate building solutions and automations with programming and DevOps skills to improve operational efficiency in our Cloud. This individual will collaborate closely with other IT teams including infrastructure networking and application development to maintain a robust and secure storage environment.
Responsibilities
* Malware and Virus Prevention & Detection:**
* Design implement and manage enterpriselevel malware and virus scanning solutions for all storage platforms (e.g. file servers NAS SAN object storage cloud storage).
* Configure and optimize scanning engines signature updates and heuristic analysis to maximize detection rates while minimizing false positives.
* Evaluate and recommend new security technologies and tools to enhance malware and virus protection capabilities.
* Develop and maintain policies and procedures for malware prevention detection and remediation within the storage environment.
* Stay uptodate on the latest malware trends attack vectors and vulnerabilities and proactively implement defenses.
* Perform regular vulnerability assessments and penetration testing of storage systems to identify and address security weaknesses.
* Incident Response & Remediation:**
* Lead incident response efforts related to malware or virus infections affecting storage systems.
* Analyze infected systems and data to determine the scope and impact of security breaches.
* Develop and implement remediation plans to contain eradicate and recover from malware incidents.
* Conduct forensic analysis of malware samples and infected systems to identify root causes and improve security measures.
* Document security incidents response actions and lessons learned.
* Storage Security Architecture & Design:**
* Develop and maintain a comprehensive storage security architecture that aligns with industry best practices and regulatory requirements.
* Design and implement secure storage configurations including access controls encryption and data loss prevention (DLP) measures.
* Evaluate and recommend storage security solutions to meet the organizations needs.
* Participate in the planning and implementation of new storage infrastructure projects ensuring security considerations are integrated from the outset.
* Monitoring & Reporting:**
* Implement and manage security monitoring tools to detect and alert on suspicious activity within the storage environment.
* Develop and maintain security dashboards and reports to track key security metrics and trends.
* Provide regular security updates and reports to management.
* Collaboration & Communication:**
* Collaborate with other IT teams to ensure security is integrated into all aspects of the storage environment.
* Provide security training and awareness to IT staff and endusers.
* Communicate security risks and mitigation strategies to stakeholders.
* Work with vendors to resolve security issues and implement security updates.
Qualifications
* Technical Expertise:
* Deep understanding of storage technologies including file systems (NFS SMB/CIFS) block storage (SAN) object storage and cloud storage platforms (AWS Azure GCP).
* Extensive experience with malware analysis reverse engineering and incident response.
* Proficiency in using and managing enterpriselevel antivirus and antimalware solutions (e.g. Symantec McAfee CrowdStrike Trend Micro SentinelOne).
* Strong knowledge of security principles protocols and best practices.
* Experience with vulnerability scanning and penetration testing tools.
* Understanding of networking concepts including TCP/IP DNS firewalls and intrusion detection/prevention systems.
* Experience with scripting languages (e.g. Python PowerShell) for automation and security tasks along with DevOps skills.
* Familiarity with Cloud (GCP Azure or AWS) concepts and services.
* Experience with SIEM (Security Information and Event Management) systems (e.g. Splunk QRadar Sentinel) for security monitoring and analysis.
* Security Knowledge:
* Indepth knowledge of common malware types attack vectors and mitigation techniques.
* Understanding of security frameworks and compliance standards (e.g. NIST ISO 27001 HIPAA PCI DSS).
* Knowledge of data encryption technologies and key management practices.
* Familiarity with data loss prevention (DLP) concepts and technologies.
* General Skills:
* Excellent analytical and problemsolving skills.
* Strong communication and interpersonal skills.
* Ability to work independently and as part of a team.
* Ability to prioritize tasks and manage time effectively.
* Ability to document security procedures and processes.
* Experience:
* 57 years of experience in information security with a focus on storage security and malware analysis. (Adjust the years to match the seniority you need)
* Experience in designing implementing and managing security solutions in complex storage environments.
* Experience in incident response and forensic analysis.
Education & Certifications:
* Bachelors degree in Computer Science Information Security or a related field. (Masters degree preferred)
* Relevant security certifications such as:
* CISSP (Certified Information Systems Security Professional)
* CISM (Certified Information Security Manager)
* CEH (Certified Ethical Hacker)
* GIAC certifications (e.g. GCIA GCIH GREM)
* Security
Bonus Points (Nice to Have):
* Experience with specific storage vendor security features (e.g. NetApp Dell EMC Pure Storage).
* Contributions to the security community (e.g. writing blog posts presenting at conferences).
* Experience with cloud security technologies and best practices.
* Knowledge of threat intelligence platforms and feeds.
Employment Type
Full-Time
