Description

Job Description

The Storage Security Expert is a critical role responsible for ensuring the security and integrity of the organization's data storage infrastructure. This role focuses primarily on preventing, detecting, and responding to malware and virus threats targeting stored data. The expert will be responsible for designing, implementing, and managing advanced security solutions, with a deep understanding of storage systems, malware analysis, Antivirus (AV), Endpoint Detection & Response (EDR) and incident response and facilitate building solutions and automations with programming and DevOps skills to improve operational efficiency in our Cloud. This individual will collaborate closely with other IT teams, including infrastructure, networking, and application development, to maintain a robust and secure storage environment.

Responsibilities

* Antivirus (AV) and Endpoint Detection & Response (EDR) :**

* Design, implement, and manage Antivirus and EDR solutions across enterprise-level storage systems and endpoints (e.g., file servers, NAS, SAN, object storage, cloud storage).

* Monitor and respond to security alerts generated by Antivirus and EDR platforms.

* Perform regular threat hunting and forensic analysis using EDR tools.

* Ensure AV/EDR coverage, compliance, and reporting across all infrastructure components.

* Manage policy creation and enforcement for Antivirus and EDR tools.

* Maintain up-to-date virus definitions, signatures, and EDR agent versions.

* Work closely with the Security Operations Center (SOC) and Incident Response (IR) teams to triage and remediate security incidents.

* Conduct vulnerability assessments on storage systems and apply mitigation strategies.

* Collaborate with infrastructure, storage, and application teams to ensure security controls do not impact system performance or availability.

* Develop and maintain documentation, SOPs, runbooks, and security guidelines.

* Incident Response & Remediation:**

* Lead incident response efforts related to malware or virus infections affecting storage systems.

* Analyze infected systems and data to determine the scope and impact of security breaches.

* Develop and implement remediation plans to contain, eradicate, and recover from malware incidents.

* Conduct forensic analysis of malware samples and infected systems to identify root causes and improve security measures.

* Document security incidents, response actions, and lessons learned.

* Storage Security Architecture & Design:**

* Develop and maintain a comprehensive storage security architecture that aligns with industry best practices and regulatory requirements.

* Design and implement secure storage configurations, including access controls, encryption, and data loss prevention (DLP) measures.

* Evaluate and recommend storage security solutions to meet the organization's needs.

* Participate in the planning and implementation of new storage infrastructure projects, ensuring security considerations are integrated from the outset.

* Monitoring & Reporting:**

* Implement and manage security monitoring tools to detect and alert on suspicious activity within the storage environment.

* Develop and maintain security dashboards and reports to track key security metrics and trends.

* Provide regular security updates and reports to management.

* Collaboration & Communication:**

* Collaborate with other IT teams to ensure security is integrated into all aspects of the storage environment.

* Provide security training and awareness to IT staff and end-users.

* Communicate security risks and mitigation strategies to stakeholders.

* Work with vendors to resolve security issues and implement security updates.

Qualifications

Required Skills & Experience:

* Technical Expertise:

* Deep understanding of storage technologies, including file systems (NFS, SMB/CIFS), block storage (SAN), object storage, and cloud storage platforms (AWS, Azure, GCP).

* Hands-on experience with leading AV/EDR platforms, reverse engineering, and incident response.

* Proficiency in using and managing enterprise-level antivirus and anti-malware solutions (e.g., Symantec, McAfee, CrowdStrike, Trend Micro, SentinelOne).

* Deep understanding of storage technologies (NAS, SAN, DAS), data protection, and secure storage practices.

* Strong knowledge of security principles, protocols, and best practices.

* Experience with vulnerability scanning and penetration testing tools.

* Understanding of networking concepts, including TCP/IP, DNS, firewalls, and intrusion detection/prevention systems.

* Experience with scripting languages (e.g., Python, PowerShell) for automation and security tasks along with DevOps skills.

* Familiarity with Cloud (GCP, Azure or AWS) concepts and services.

* Experience with SIEM (Security Information and Event Management) systems (e.g., Splunk, QRadar, Sentinel) for security monitoring and analysis.

* Security Knowledge:

* In-depth knowledge of common malware types, attack vectors, and mitigation techniques.

* Understanding of security frameworks and compliance standards (e.g., NIST, ISO 27001, HIPAA, PCI DSS).

* Knowledge of data encryption technologies and key management practices.

* Familiarity with data loss prevention (DLP) concepts and technologies.

* General Skills:

* Excellent analytical and problem-solving skills.

* Strong communication and interpersonal skills.

* Ability to work independently and as part of a team.

* Ability to prioritize tasks and manage time effectively.

* Ability to document security procedures and processes.

* Experience:

* [5-7]+ years of experience in information security, with a focus on storage security and malware analysis. (Adjust the years to match the seniority you need)

* Experience in designing, implementing, and managing security solutions in complex storage environments.

* Experience in incident response and forensic analysis.

Education & Certifications:

* Bachelor's degree in Computer Science, Information Security, or a related field. (Master's degree preferred)

* Relevant security certifications such as:

* CISSP (Certified Information Systems Security Professional)

* CISM (Certified Information Security Manager)

* CEH (Certified Ethical Hacker)

* GIAC certifications (e.g., GCIA, GCIH, GREM)

* Security+

Bonus Points (Nice to Have):

* Experience with specific storage vendor security features (e.g., NetApp, Dell EMC, Pure Storage).

* Contributions to the security community (e.g., writing blog posts, presenting at conferences).

* Experience with cloud security technologies and best practices.

* Knowledge of threat intelligence platforms and feeds.