Sr. Cybersecurity Engineer

Fluence

1010

Houston, TX, USA, United States

Posted on: 2024-07-13

Category: energy

Apply now

Please let Fluence know you found this job on Work in Green. This will help us grow!

Apply to job

Employment type:

Full time

Experience required:

Senior

Salary

Salary not provided

About the company:

Fluence is the leading global energy storage technology and services company, created and backed by Siemens and AES, two industry powerhouses and pioneers in energy storage. Fluence unites the scale, experience, breadth, and financial backing of the two most experienced icons in energy storage.

Our mission is to create a more sustainable future by transforming the way we power our world. Energy storage is critical to this transformation, yet today the market is fragmented and customers face the challenge of finding a trusted technology partner amidst conflicting technical claims, inexperienced vendors and installers, and new market entrants with limited power sector knowledge.

Fluence brings the proven technology solutions and services that overcome the commercial and regulatory barriers that stand in the way of modernizing our energy networks. We are the partner that can deliver at a global scale with the most experienced and knowledgeable team in the world.

The Sr Cybersecurity Engineer will perform as a member of a dynamic product team ensuring the security of Fluence products. The Sr Cybersecurity engineer must have an analytical mind and a detailed understanding of secure design, defense in depth strategies, operations, & security best practices. Sr Cybersecurity engineers are expected to have meticulous attention to detail, outstanding problem-solving and documentation skills, work comfortably under pressure, and deliver on tight deadlines.

What does a Sr. Cybersecurity Engineer do at Fluence?

Participating in an agile team and tracking day to day activities in Jira.

Evaluating and implementing new and state-of-the-art technology to address challenging customer problems. Participate in network and security design reviews.

Ensuring network security and communicating security vulnerabilities of all severities to affected stakeholders within the product organization.

Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.

Troubleshooting and debugging production environments and providing support to a global organization.

Identifying opportunities to improve workflow and creating/maintaining supporting documentation.

What does the ideal candidate look like?

Minimum of 5+ years of experience in cybersecurity roles.

The preferred candidate will have a background B.S. degree in Information Technology, Information Security, Cybersecurity, Networking, Computer Science, or related technical field.

Solid understanding of OSI layer and TCP/IP models, defense in depth strategies, and applying secure design principles in securing applications, networks, servers and cloud environments.

Ability to work independently with little day to day guidance to achieve targets and goals.

SDLC Security Integration: Collaborate with cross-functional teams to integrate security measures and best practices into the Software Development Life Cycle (SDLC).

Product Security Assurance: Conduct comprehensive security assessments and audits, vulnerability assessment, testing, and code reviews for software components utilized in our Industrial Control Systems. Identify potential vulnerabilities and design flaws and provide recommendations for remediation and mitigation.

Secure Code Development: Assist software development teams in adopting secure coding practices, including adherence to coding standards and best practices.

Threat Modeling: Perform threat modeling exercises to identify potential attack vectors and security weaknesses in software components. Work proactively to address these threats during the development process.

Incident Response: Collaborate with the Incident Response team to investigate and respond to any security incidents related to ICS software components. Provide technical expertise to support incident analysis and recovery efforts.

Security Awareness Training: Conduct training sessions to raise awareness among OT and development teams about potential cyber threats and best practices in ICS security.

Regulatory Compliance: Stay updated on relevant industry regulations and standards (e.g., NERC CIP, IEC 62443) to ensure compliance and alignment with best practices.

Risk Assessment: Assist in conducting risk assessments of software components, development, production and ICS environments, identifying and prioritizing potential security risks.

Documentation: Create and maintain technical documentation related to security assessments, vulnerability findings, and recommended remediation measures, SOPs, work instructions and procedures.

Continuous Improvement: Actively participate in the continuous improvement of security processes, methodologies, and tools used in the OT cyber security program.

Relevant certifications: Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Security+, Certified Ethical Hacker (CEH) etc.

Excellent communication and interpersonal skills.

7949 Energy jobs