Cyber Data Security Specialist
Toyota Tsusho Systems US, Inc. · Plano, TX · 1 wk ago
RemoteRemoteInformation TechnologyFull-time
Roles And Responsibilities
- Install, maintain, and support anti-malware on all network storage devices - ensuring complete coverage in environment.
- Monitor/remediate malware alerts.
- Ensure alerts/logs are defined and are successfully sent to SIEM.
- Check daily scheduled jobs and services for errors/issues.
- Open support cases with vendors, as needed.
- See remediation of issues to end.
- Review event collection on all monitored devices to ensure complete coverage.
- Correct any issues to prevent event loss.
- Monitor CVEs related to data security software and related to Windows/Linux OSes.
- Follow software vendor's releases.
- Install updates and patches in a timely manner to ensure vulnerability gaps are closed.
- Implement other countermeasures where updates are not yet released for vulnerabilities.
- Run projects to identify and remediate data that has excessive access permissions.
- Collaborate with internal teams (such as server, storage, collaboration, active directory, business units, etc.) to accomplish project objectives and provide support/expertise on storage security.
- Provide support to Collaboration team to place data classification labels on data.
- Provide requested reports to users. Examples include, but not limited to: Show all activity for user in provided timeframe. Determine how files on a share\folder disappeared and who did it. Provide a report of stale data. Show where sensitive files exist with open permissions. Display where files exist containing SSNs or Credit Card numbers.
- Collaborate with and assist internal Cyber teams, such as Incident Detection, Incident Response, Investigation, and Data Loss Prevention on data security needs.
- Use data security software to define alerts of anomalous activity and ensure alerts are sent to SIEM.
- Perform health checks on servers, monitor resource usage, and proactively request additional resources to ensure optimal performance.
- Work with Incident Detection, Incident Response, Investigation, and Data Loss Prevention teams - providing needed data out of data security tools.
- Manage implementation of data security hardware/software at new sites from start to end, including submission of firewall rule modification request.
- Manage and support host-based intrusion detection systems.
Requirements
- Bachelor's Degree or Equivalent experience
- 2+ years Experience with installing, configuring, and using cybersecurity software for securing data.
- Knowledge of NetApp, Varonis and Trend Micro Server Protect is a bonus.
- Exceptional understanding of CIFS and NTFS, as well as competent in underlining network protocols these rely upon.
- Experience with and be highly competent in NTFS permissions, ownership, share/folder ACLs, inheritance, etc.
- Administrative knowledge of both Windows Server and Linux OSes, as well as scripting on those platforms.
- Excellent troubleshooting and diagnostic skills.
- Experience leading change controls in large global manufacturing enterprise.
- Collaborating with Cybersecurity to investigate alerts, provide alert details and reports.
- Requires clear communication on a stable phone line.
- Understanding of software's required network ports and protocols.
- Responsible for submitting firewall requests to open necessary ports for new modules or Varonis servers.
- Experience using a SIEM for querying data. KQL query experience with Sentinel preferred; but not required, providing one has the experience building queries using other languages, such as SQL.
- Experience leading the evaluations and proof-of-concepts for new products.
- Create unbiased analysis using defined evaluation criteria and provide easy to understand matrix of data supporting recommendations.