Cyber Data Security Specialist

Toyota Tsusho Systems

About TTS-US

Founded in 2011, Toyota Tsusho Systems US, Inc. (TTS-US) is a Toyota group company, that develops IT solutions wherever global businesses operate. Transforming into a technology and mobility company, TTS-US with it's 8 TTS affiliates worldwide is establishing a secure and resilient Toyota global value chain. The creative capacity to forge such limitless business opportunities is one of the strengths of Toyota Tsusho Systems.

Summary

We are hiring for a Cyber Data Security Specialist to ensure data security software is installed, configured, maintained and supported across a global manufacturing enterprise within a heterogeneous environment - comprised of both on-premises and cloud-based server and storage platforms.

Roles and Responsibilities

  • Install, maintain, and support anti-malware on all network storage devices – ensuring complete coverage in environment. Monitor/remediate malware alerts. Ensure alerts/logs are defined and are successfully sent to SIEM.
  • Check daily scheduled jobs and services for errors/issues. Open support cases with vendors, as needed. See remediation of issues to end.
  • Review event collection on all monitored devices to ensure complete coverage. Correct any issues to prevent event loss.
  • Monitor CVEs related to data security software and related to Windows/Linux OSes. Follow software vendor’s releases. Install updates and patches in a timely manner to ensure vulnerability gaps are closed. Implement other countermeasures where updates are not yet released for vulnerabilities.
  • Run projects to identify and remediate data that has excessive access permissions.
  • Collaborate with internal teams (such as server, storage, collaboration, active directory, business units, etc.) to accomplish project objectives and provide support/expertise on storage security.
  • Provide support to Collaboration team to place data classification labels on data.
  • Provide requested reports to users. Examples include, but not limited to:
    • Show all activity for user in provided timeframe.
    • Determine how files on a share\folder disappeared and who did it.
    • Provide a report of stale data.
    • Show where sensitive files exist with open permissions.
    • Display where files exist containing SSNs or Credit Card numbers.
  • Collaborate with and assist internal Cyber teams, such as Incident Detection, Incident Response, Investigation, and Data Loss Prevention on data security needs.
  • Use data security software to define alerts of anomalous activity and ensure alerts are sent to SIEM.
  • Perform health checks on servers, monitor resource usage, and proactively request additional resources to ensure optimal performance.
  • Work with Incident Detection, Incident Response, Investigation, and Data Loss Prevention teams – providing needed data out of data security tools.
  • Manage implementation of data security hardware/software at new sites from start to end, including submission of firewall rule modification request.
  • Manage and support host-based intrusion detection systems.

Requirements

  • Bachelor's Degree or Equivalent experience
  • 2+ years Experience with installing, configuring, and using cybersecurity software for securing data. Knowledge of NetApp, Varonis and Trend Micro Server Protect is a bonus.
  • Exceptional understanding of CIFS and NTFS, as well as competent in underlining network protocols these rely upon.
  • Experience with and be highly competent in NTFS permissions, ownership, share/folder ACLs, inheritance, etc.
  • Administrative knowledge of both Windows Server and Linux OSes, as well as scripting on those platforms.
  • Excellent troubleshooting and diagnostic skills.
  • Experience leading change controls in large global manufacturing enterprise.
  • Collaborating with Cybersecurity to investigate alerts, provide alert details and reports. Requires clear communication on a stable phone line.
  • Understanding of software’s required network ports and protocols. Responsible for submitting firewall requests to open necessary ports for new modules or Varonis servers.
  • Experience using a SIEM for querying data. KQL query experience with Sentinel preferred; but not required, providing one has the experience building queries using other languages, such as SQL.
  • Experience leading the evaluations and proof-of-concepts for new products. Creating unbiased analysis using defined evaluation criteria and providing easy to understand matrix of data supporting recommendations.