Cyber Data Security Specialist
Role details
Job location
Tech stack
Job description
We are hiring for a Cyber Data Security Specialist to ensure data security software is installed, configured, maintained and supported across a global manufacturing enterprise within a heterogeneous environment - comprised of both on-premises and cloud-based server and storage platforms. Roles and Responsibilities
-
Install, maintain, and support anti-malware on all network storage devices ensuring complete coverage in environment. Monitor/remediate malware alerts. Ensure alerts/logs are defined and are successfully sent to SIEM.
-
Check daily scheduled jobs and services for errors/issues. Open support cases with vendors, as needed. See remediation of issues to end.
-
Review event collection on all monitored devices to ensure complete coverage. Correct any issues to prevent event loss.
-
Monitor CVEs related to data security software and related to Windows/Linux OSes. Follow software vendor's releases. Install updates and patches in a timely manner to ensure vulnerability gaps are closed. Implement other countermeasures where updates are not yet released for vulnerabilities.
-
Run projects to identify and remediate data that has excessive access permissions.
-
Collaborate with internal teams (such as server, storage, collaboration, active directory, business units, etc.) to accomplish project objectives and provide support/expertise on storage security.
-
Provide support to Collaboration team to place data classification labels on data.
-
Provide requested reports to users. Examples include, but not limited to:
-
Show all activity for user in provided timeframe.
-
Determine how files on a share\folder disappeared and who did it.
-
Provide a report of stale data.
-
Show where sensitive files exist with open permissions.
-
Display where files exist containing SSNs or Credit Card numbers.
-
Collaborate with and assist internal Cyber teams, such as Incident Detection, Incident Response, Investigation, and Data Loss Prevention on data security needs.
-
Use data security software to define alerts of anomalous activity and ensure alerts are sent to SIEM.
-
Perform health checks on servers, monitor resource usage, and proactively request additional resources to ensure optimal performance.
-
Work with Incident Detection, Incident Response, Investigation, and Data Loss Prevention teams providing needed data out of data security tools.
-
Manage implementation of data security hardware/software at new sites from start to end, including submission of firewall rule modification request.
Requirements
-
Bachelor's Degree or Equivalent experience
-
2+ years Experience with installing, configuring, and using cybersecurity software for securing data. Knowledge of NetApp, Varonis and Trend Micro Server Protect is a bonus.
-
Exceptional understanding of CIFS and NTFS, as well as competent in underlining network protocols these rely upon.
-
Experience with and be highly competent in NTFS permissions, ownership, share/folder ACLs, inheritance, etc.
-
Administrative knowledge of both Windows Server and Linux OSes, as well as scripting on those platforms.
-
Excellent troubleshooting and diagnostic skills.
-
Experience leading change controls in large global manufacturing enterprise.
-
Collaborating with Cybersecurity to investigate alerts, provide alert details and reports. Requires clear communication on a stable phone line.
-
Understanding of software's required network ports and protocols. Responsible for submitting firewall requests to open necessary ports for new modules or Varonis servers.
-
Experience using a SIEM for querying data. KQL query experience with Sentinel preferred; but not required, providing one has the experience building queries using other languages, such as SQL.
-
Experience leading the evaluations and proof-of-concepts for new products. Creating unbiased analysis using defined evaluation criteria and providing easy to understand matrix of data supporting recommendations.