Cybersecurity Engineer

About The Position

Requirements

• Bachelor's degree or equivalent experience in business, computer science, or management information systems.
• 10 or more years of professional experience solving business problems with technology solutions at an energy facility or related industry.
• Minimum of 5 years of experience in IT security risk assessments and related frameworks (e.g., NIST 800 series, ISO 27000 series, IT General Controls).
• Strong knowledge of the Azure/AWS Infrastructure services.
• Knowledge of Identity and Access Management (IAM), Cryptography / Key Management, Access Controls and Security Protocols, secrets modernization, secrets management e.g., Multi-factor, SAML, OAuth, OIDC etc.
• Strong understanding of cloud security best practices, controls, policies, encryption, authentication, authorization, and audit capabilities.

Nice To Haves

• Preferred industry recognized experience in security (e.g., CISSP, CCSK, CISA, CISM, CEH).
• Experience designing and implementing security solutions for cloud-based systems, including IAM, network security, data protection, DevSecOps and compliance preferred.
• Superior written and oral communication skills.
• Strong analytical and system design skills.
• Self-motivated and directed, with the ability to effectively prioritize and execute tasks in a high-pressure environment.

Responsibilities

• Ensure delivery of an enterprise level cybersecurity program.
• Develop reference architectures that can be used to solve common requirements or mitigate trends in security findings in a repeatable way following (and identifying) recommended best practices.
• Lead threat modeling and partner with technical delivery teams to integrate security requirements and practices into solutions.
• Drive security architecture reviews of platforms & applications in complex multi-tenant, multi-provider, and vendor-cloud environments.
• Deliver strategic roadmaps - Research and investigate new effective ways of delivering security as code, automation into the existing security architecture assessments and processes and other service delivery optimizations.
• Partner with the IT teams to follow progress on strategic platform initiatives. Proactively manage oversight and pace for the architecture reviews, and promptly address any critical issues that may create risk.
• Ensure assessments are known, documented, and properly performed to produce consistent, timely, high-quality deliverables.
• Develop and maintain technical proficiency and related certifications for core products and solution areas.