Senior Cyber Security Engineer

ORAU•Madison, WI

About The Position

ORAU is conducting the search on behalf of Type One Energy for a permanent, full‑time Cyber Security Engineer in Knoxville, TN or Madison, WI. About Type One Energy Type One Energy Group is mission-driven to provide sustainable, affordable fusion power to the world. Established in 2019 and venture-backed in 2023, the company is led by a team of globally recognized fusion scientists with a strong track record of building state-of-the-art stellarator fusion machines, together with veteran business leaders experienced in scaling companies and commercializing energy technologiesIf you are searching for the best new ideas and share our vision, join us as a Senior Cyber Secruity Engineer. This is what you need to know: Your role in the mission: The Cyber Security Engineer will be the primary hands-on security operator, responsible for day-to-day cyber security operations and the implementation and operation of core security platforms. This role partners closely with the Director of IT, who sets security strategy, priorities, and risk tolerance, while the Cyber Security Engineer executes, operates, and continuously improves the technical security program. The Cyber Security Engineer is responsible for coordinating closely with the MSP on these services, ensuring they are correctly configured, monitored, and aligned with internal security objectives. While certain operational tasks are delegated, accountability for security outcomes remains internal. This role will play a central part in establishing durable, auditable, and defensible cyber security operations.

Requirements

Typically 3–7 years of experience in cybersecurity, systems engineering, or a closely related field.
Experience operating security controls in production environments with real accountability.
Experience working with Managed Service Providers while retaining internal ownership of outcomes.
Ability to communicate security risks clearly to non-security stakeholders.
Sound judgment balancing security requirements with business and research needs.
Comfort operating in an environment where execution is shared, but accountability is not.

Nice To Haves

Prior experience in regulated or high-scrutiny environments preferred.
Direct experience with CMMC, NIST 800-171, SOC 2, or IPO readiness.
Relevant certifications (e.g., CISSP, GCIH, GCED, CCSP).

Responsibilities

Own day-to-day internal cyber security operations and outcomes.
Monitor, triage, and investigate security alerts and incidents.
Act as the primary internal technical responder for security events.
Coordinate closely with the MSP on managed security services (including SentinelOne), retaining internal accountability.
Implement, configure, and operate core security platforms, including Zscaler and Aurascape.
Design and enforce security policies; integrate with identity, endpoint, and network systems.
Serve as technical owner for MSP-managed platforms by defining standards, reviewing findings, and validating response actions.
Lead implementation and operation of a SIEM platform, including logging standards, alerting, and workflows.
Lead technical investigation, containment, and remediation of security incidents.
Conduct post-incident reviews and recommend control improvements.
Operate vulnerability scanning and configuration assessment tools.
Prioritize and track remediation based on risk and business impact.
Implement and operate technical controls supporting CMMC Level 2 and NIST 800-171.
Maintain defensible documentation of security controls and operations.
Support audits, investor due diligence, and third-party security assessments.
Partner with leadership to identify and remediate gaps.
Work closely with the Director of IT on priorities, risk acceptance, and escalation decisions.
Advise IT, engineering, and research teams on secure system design and operational trade-offs.