Security - New

Technical Expertise:

- Deep understanding of storage technologies, including file systems (NFS, SMB/CIFS), block storage (SAN), object storage, and cloud storage platforms (AWS, Azure, GCP).
- Extensive experience with malware analysis, reverse engineering, and incident response.
- Proficiency in using and managing enterprise-level antivirus and anti-malware solutions (e.g., Symantec, McAfee, CrowdStrike, Trend Micro, SentinelOne).
- Strong knowledge of security principles, protocols, and best practices.
- Experience with vulnerability scanning and penetration testing tools.
- Understanding of networking concepts, including TCP/IP, DNS, firewalls, and intrusion detection/prevention systems.
- Experience with scripting languages (e.g., Python, PowerShell) for automation and security tasks along with DevOps skills.
- Familiarity with Cloud (GCP, Azure or AWS) concepts and services.
- Experience with SIEM (Security Information and Event Management) systems (e.g., Splunk, QRadar, Sentinel) for security monitoring and analysis.
- Security Knowledge:

- In-depth knowledge of common malware types, attack vectors, and mitigation techniques.
- Understanding of security frameworks and compliance standards (e.g., NIST, ISO 27001, HIPAA, PCI DSS).
- Knowledge of data encryption technologies and key management practices.
- Familiarity with data loss prevention (DLP) concepts and technologies.
- General Skills:

- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Ability to prioritize tasks and manage time effectively.
- Ability to document security procedures and processes.
- Experience:

- [5-7]+ years of experience in information security, with a focus on storage security and malware analysis. (Adjust the years to match the seniority you need)
- Experience in designing, implementing, and managing security solutions in complex storage environments.
- Experience in incident response and forensic analysis.

**Education & Certifications**:

- Bachelor's degree in Computer Science, Information Security, or a related field. (Master's degree preferred)
- Relevant security certifications such as:

- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CEH (Certified Ethical Hacker)
- GIAC certifications (e.g., GCIA, GCIH, GREM)
- Security+

**Bonus Points (Nice to Have)**:

- Experience with specific storage vendor security features (e.g., NetApp, Dell EMC, Pure Storage).
- Contributions to the security community (e.g., writing blog posts, presenting at conferences).
- Experience with cloud security technologies and best practices.
- Knowledge of threat intelligence platforms and feeds.

**_* Malware and Virus Prevention & Detection**: _**
- Design, implement, and manage enterprise-level malware and virus scanning solutions for all storage platforms (e.g., file servers, NAS, SAN, object storage, cloud storage).
- Configure and optimize scanning engines, signature updates, and heuristic analysis to maximize detection rates while minimizing false positives.
- Evaluate and recommend new security technologies and tools to enhance malware and virus protection capabilities.
- Develop and maintain policies and procedures for malware prevention, detection, and remediation within the storage environment.
- Stay up-to-date on the latest malware trends, attack vectors, and vulnerabilities, and proactively implement defenses.
- Perform regular vulnerability assessments and penetration testing of storage systems to identify and address security weaknesses.

**_* Incident Response & Remediation**: _**
- Lead incident response efforts related to malware or virus infections affecting storage systems.
- Analyze infected systems and data to determine the scope and impact of security breaches.
- Develop and implement remediation plans to contain, eradicate, and recover from malware incidents.
- Conduct forensic analysis of malware samples and infected systems to identify root causes and improve security measures.
- Document security incidents, response actions, and lessons learned.
- Storage Security Architecture & Design**:

- Develop and maintain a comprehensive storage security architecture that aligns with industry best practices and regulatory requirements.
- Design and implement secure storage configurations, including access controls, encryption, and data loss prevention (DLP) measures.
- Evaluate and recommend storage security solutions to meet the organization's needs.
- Participate in the planning and implementation of new storage infrastructure projects, ensuring security considerations are integrated from the outset.

**_* Monitoring & Reporting**: _**
- Implement and manage security monitoring tools to detect and alert on suspicious activity within the storage environment.
- Develop and maintain security dashboards and reports to track key security metrics and trends.
- P