Principal Cybersecurity Engineer – Battery Storage

Job not on LinkedIn

November 15

Apply Now

Receive Emails with Similar Jobs

Plus Power

WebsiteLinkedInAll Job Openings

Energy

Plus Power is a company committed to transforming the electric grid by developing, owning, and operating battery energy storage systems that provide efficient and reliable grid services. With projects in over 28 U. S. states and Canadian provinces, it enhances grid stability by storing excess energy and injecting it back into the grid during peak demand. Plus Power's battery facilities, such as the Kapolei Energy Storage project and the Sierra Estrella Energy Storage facility, demonstrate significant achievements in renewable integration and grid resilience. The company plays a pivotal role in solving climate challenges by offering flexible and fast-dispatch energy solutions, uniquely providing power plant-like services at scale. Plus Power's initiatives ensure enhanced power reliability and energy resilience, supporting the transition to sustainable energy sources and aiding grids in managing renewable energy more effectively.

51 - 200 employees

⚡ Energy

💰 $219M Debt Financing on 2021-11

📋 Description

• Lead key cybersecurity activities and protections at the company • Work day-to-day with a broad set of stakeholders and contributors to drive Plus Power’s cybersecurity program and activities aligning with the company’s compliance and security postures • Promote secure by design and secure by default strategies • Baseline, monitor, identify, and assess security vulnerabilities and risks in applications and infrastructure across operational technology (OT), information technology (IT), data science, and data engineering environments • Own and drive the resolution of different security events, control gaps, policy questions, and technical security risks • Contribute to building repeatable/reusable/systematic security processes and frameworks to identify potential security events • Manage the company’s Compliance & Security Posture Management (CSPM) Platforms • Provide project management for the implementation of security controls while operating cross-functionally • Conduct automated evidence collection operations to guarantee the longevity and uniformity of our controls • Assist with identification and mitigation of cybersecurity risks including compliance concerns (SOX, ISO, NERC-CIP, NIST CSF 2.0) • Develop, communicate, and assess the compliance stance of the framework in relation to internal and external policies • Build out and run a Third-Party Cyber Risk Management (TPRM) Program and mitigate systemic risk from security posture vendors and end-to-end software supply chain • Communicate and maintain cybersecurity and risk metrics for senior executives and leaders of various business units • Work with External Relations team on proposed cybersecurity legislation and regulations • Work with Legal and Compliance team to establish cybersecurity controls to facilitate compliance with applicable laws and regulations

🎯 Requirements

• 8+ years of experience in identifying security issues and developing mitigation plans • Bachelor's or Master's Degree in Information Systems, Computer Science, Software Engineering, or a closely related field • Deep hands-on technical expertise in at least two of the following areas: network security, embedded/hardware security, cryptography, web and network protocols, secure bill of materials, threat modeling, pen tests, or vulnerability assessments • Demonstrated use of scripting/software development skills (e.g., Python, Rust) to automate processes • Certifications in Security: CISSP, CISM, CRISC, CISA, GIAC, and EC-Council desired • Knowledge of fundamental security Email Security, DLP, CSPM, ZTNA, EDR/XDR, and additional security technologies preferred • Experience in successfully implementing KPIs and metrics for security and risk management • Proficient in overseeing the execution of audits, certification programs, and control assessments • Experience with SOC2 ISO27001, and/or NIST security frameworks, controls, tests, and auditing and associated requirements, in addition to familiarity with SOX-regulated environments • Excellent written and verbal communication skills • Ability to work in a fast-paced environment while managing multiple priorities • Ability to operate as a team and/or independently while demonstrating flexibility to changing requirements • Demonstrated ability to work well in a cross-functional environment with both technical and non-technical team members • Ability to effectively use Microsoft Office products – Word, Excel, Power Point, Outlook

🏖️ Benefits

• unlimited vacation • flexible remote work • work from home stipend • educational assistance • parental leave • highly engaging company culture with opportunities for in-person connection and learning and growth