Storage Security Expert

About The Company 

Ford is a global company with shared ideals and a deep sense of family. From our earliest days as a pioneer of modern transportation, we have sought to make the world a better place – one that benefits lives, communities and the planet. We are here to provide the means for every person to move and pursue their dreams, serving as a bridge between personal freedom and the future of mobility. In that pursuit, our 186,000 employees around the world help to set the pace of innovation every day.

Job Role : Storage Security Expert

Job Description:

The Storage Security Expert is a critical role responsible for ensuring the security and integrity of the organization's data storage infrastructure. This role focuses primarily on preventing, detecting, and responding to malware and virus threats targeting stored data. The expert will be responsible for designing, implementing, and managing advanced security solutions, with a deep understanding of storage systems, malware analysis, and incident response and facilitate building solutions and automations with programming and DevOps skills to improve operational efficiency in our Cloud. This individual will collaborate closely with other IT teams, including infrastructure, networking, and application development, to maintain a robust and secure storage environment.

Responsibilities:

 Malware and Virus Prevention & Detection:

•        Design, implement, and manage enterprise-level malware and virus scanning solutions for all storage platforms (e.g., file servers, NAS, SAN, object storage, cloud storage).
•        Configure and optimize scanning engines, signature updates, and heuristic analysis to maximize detection rates while minimizing false positives.
•        Evaluate and recommend new security technologies and tools to enhance malware and virus protection capabilities.
•        Develop and maintain policies and procedures for malware prevention, detection, and remediation within the storage environment.
•        Stay up-to-date on the latest malware trends, attack vectors, and vulnerabilities, and proactively implement defenses.
•        Perform regular vulnerability assessments and penetration testing of storage systems to identify and address security weaknesses.

  Incident Response & Remediation:

•        Lead incident response efforts related to malware or virus infections affecting storage systems.
•        Analyze infected systems and data to determine the scope and impact of security breaches.
•        Develop and implement remediation plans to contain, eradicate, and recover from malware incidents.
•       Conduct forensic analysis of malware samples and infected systems to identify root causes and improve security measures.
•        Document security incidents, response actions, and lessons learned.

Storage Security Architecture & Design:**

•        Develop and maintain a comprehensive storage security architecture that aligns with industry best practices and regulatory requirements.
•        Design and implement secure storage configurations, including access controls, encryption, and data loss prevention (DLP) measures.
•        Evaluate and recommend storage security solutions to meet the organization's needs.
•        Participate in the planning and implementation of new storage infrastructure projects, ensuring security considerations are integrated from the outset.

   Monitoring & Reporting:

•        Implement and manage security monitoring tools to detect and alert on suspicious activity within the storage environment.
•        Develop and maintain security dashboards and reports to track key security metrics and trends.
•        Provide regular security updates and reports to management.

Collaboration & Communication:

•        Collaborate with other IT teams to ensure security is integrated into all aspects of the storage environment.
•        Provide security training and awareness to IT staff and end-users.
•        Communicate security risks and mitigation strategies to stakeholders.
•        Work with vendors to resolve security issues and implement security updates.

Qualification:

 Technical Expertise:

•       Deep understanding of storage technologies, including file systems (NFS, SMB/CIFS), block storage (SAN), object storage, and cloud storage platforms (AWS, Azure, GCP).
•        Extensive experience with malware analysis, reverse engineering, and incident response.
•        Proficiency in using and managing enterprise-level antivirus and anti-malware solutions (e.g., Symantec, McAfee, CrowdStrike, Trend Micro, SentinelOne).
•        Strong knowledge of security principles, protocols, and best practices.
•        Experience with vulnerability scanning and penetration testing tools.
•        Understanding of networking concepts, including TCP/IP, DNS, firewalls, and intrusion detection/prevention systems.
•        Experience with scripting languages (e.g., Python, PowerShell) for automation and security tasks along with DevOps skills.
•        Familiarity with Cloud (GCP, Azure, or AWS) concepts and services.
•        Experience with SIEM (Security Information and Event Management) systems (e.g., Splunk, QRadar, Sentinel) for security monitoring and analysis.

  Security Knowledge:

•        In-depth knowledge of common malware types, attack vectors, and mitigation techniques.
•        Understanding of security frameworks and compliance standards (e.g., NIST, ISO 27001, HIPAA, PCI DSS).
•        Knowledge of data encryption technologies and key management practices.
•        Familiarity with data loss prevention (DLP) concepts and technologies.

General Skills:

•        Excellent analytical and problem-solving skills.
•        Strong communication and interpersonal skills.
•        Ability to work independently and as part of a team.
•        Ability to prioritize tasks and manage time effectively.
•        Ability to document security procedures and processes.