174 Power Global
Cybersecurity Engineer
174 Power Global, Houston, Texas, United States, 77246
COMPANY OVERVIEW174 Power Global, headquartered in Irvine, California, is an affiliate company of Hanwha Group, a FORTUNE Global 500 firm that is among the eight largest business enterprises in South Korea. 174 Power Global designs, builds and manages solar power plant solutions. The company brings a decade of global leadership in solar PV to North America, combining best-of-world technology, processes and partnerships to deliver utility-grade solar PV solutions customized for local energy markets. 174 Power Global offers the full spectrum of PV solutions – from power plant development, design, construction, operations and maintenance. With proven capabilities across the solar value chain, 174 Power Global minimizes uncertainty and risk, and helps customers achieve a higher return on their investment in solar energy.POSITION OVERVIEWWe are seeking an experienced and highly skilled Cybersecurity Engineer to join our team. This role is crucial in safeguarding our organization's digital infrastructure through proactive threat management, strategic security planning, and effective incident response. The ideal candidate will have a deep understanding of cybersecurity frameworks, cloud security best practices, and the ability to collaborate across teams to ensure a secure and compliant environment. You will be instrumental in developing and implementing security measures, leading incident response efforts, and continuously improving our security posture in line with emerging threats.This position is located in Houston, TX, and the ideal candidate will be within commutable distance to the Houston office location.
KEY RESPONSIBILITIES
Proactive Threat Management:
Continuously monitor and assess the security of networks, systems, and applications to identify vulnerabilities.Implement and prioritize proactive security measures to mitigate risks and prevent security breaches.Stay updated on emerging threats and vulnerabilities, adjusting security protocols as necessary.
Incident Response and Management:
Lead the detection, containment, eradication, and recovery efforts during cybersecurity incidents.Collaborate with Managed Service Provider (MSP) and Security Operations Center (SOC) teams to ensure effective incident response.Document, analyze, and refine incident response protocols based on lessons learned.
Cybersecurity Strategy Development:
Design and implement a comprehensive cybersecurity strategy that evolves with emerging threats and industry trends.Conduct regular risk assessments and ensure the organization’s security posture remains robust and adaptable.Provide strategic input on system architecture to integrate security from the design phase onward.
Compliance and Audit Support:
Ensure that cybersecurity policies and practices align with industry standards and regulatory requirements (e.g., NIST, ISO 27001, CIS Controls).Prepare and maintain documentation to support internal and external audits, demonstrating continuous compliance.Keep thorough records of all security activities and protocols to ensure audit readiness.
Security Architecture and Design:
Play a key role in the architecture and design of secure systems and applications, ensuring that security is integrated from the ground up.Evaluate and recommend new security technologies and tools to enhance the organization’s security posture.Lead or participate in security architecture reviews for new and existing projects.
Threat Intelligence and Analysis:
Monitor and analyze threat intelligence sources to stay ahead of potential threats and vulnerabilities.Integrate threat intelligence into the overall security strategy to ensure proactive defense measures are in place.Conduct in-depth analysis of attack patterns and methodologies to refine security controls.
Automation and Scripting:
Develop and implement automation scripts to streamline repetitive security tasks, improving efficiency and accuracy.Utilize scripting languages (e.g., Python, PowerShell) to automate monitoring, incident response, and other security processes.Maintain and update automation tools to adapt to new security challenges.
Data Loss Prevention (DLP):
Implement and manage Data Loss Prevention (DLP) solutions to protect sensitive data from unauthorized access or leaks.Develop and enforce policies and procedures to ensure the secure handling of data across the organization.Monitor DLP systems to identify and respond to potential data breaches or policy violations.
Third-Party Risk Management:
Assess the security posture of third-party vendors and service providers to ensure they meet the organization's security requirements.Work with procurement and legal teams to include security clauses in contracts and service agreements.Conduct regular security assessments and audits of third-party vendors.
QUALIFICATIONS
Educational Background:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.Experience:
Minimum of 4-5 years in a cybersecurity role, with proven experience in a mid to large-sized organization.Certifications:
CISSP, CCSP, CCSK, CASP+, CEH, OSCP, or other relevant certifications are highly desirable.Technical Skills:
Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, CIS Controls).Hands-on experience with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM, endpoint protection).Strong understanding of cloud security, particularly with Azure and AWS environments.Extensive knowledge and working experience of Microsoft 365 Admin Centers (Entra ID, Intune, Exchange, Security, Compliance).Proven ability to manage and respond to cybersecurity incidents effectively.Proficiency in programming and scripting languages (e.g., Python, PowerShell).
Analytical Skills:
Excellent problem-solving skills with the ability to analyze complex security issues and devise effective solutions.Communication Skills:
Strong communication abilities, particularly in articulating security concepts to non-technical stakeholders.Collaboration:
Experience working across departments to integrate security considerations into all areas of business operations.Vulnerability Management:
Expertise in vulnerability management and penetration testing, with a focus on prioritizing and addressing critical vulnerabilities.Project Management:
Experience in managing security projects, including planning, execution, and monitoring, with the ability to coordinate cross-functional teams.Forensics and Investigation:
Experience with digital forensics and investigation, including the ability to analyze compromised systems and identify root causes.Zero Trust Architecture:
Familiarity with Zero Trust principles and the ability to design and implement a Zero Trust architecture within the organization.Salary:
$140,000 - $175,000 a yearAttention external recruitment firms, we will not accept any unsolicited resumes at this time. Please do not contact any internal member of our company to discuss the position or to solicit candidates.174 Power Global provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.www.174powerglobal.com .
#J-18808-Ljbffr
KEY RESPONSIBILITIES
Proactive Threat Management:
Continuously monitor and assess the security of networks, systems, and applications to identify vulnerabilities.Implement and prioritize proactive security measures to mitigate risks and prevent security breaches.Stay updated on emerging threats and vulnerabilities, adjusting security protocols as necessary.
Incident Response and Management:
Lead the detection, containment, eradication, and recovery efforts during cybersecurity incidents.Collaborate with Managed Service Provider (MSP) and Security Operations Center (SOC) teams to ensure effective incident response.Document, analyze, and refine incident response protocols based on lessons learned.
Cybersecurity Strategy Development:
Design and implement a comprehensive cybersecurity strategy that evolves with emerging threats and industry trends.Conduct regular risk assessments and ensure the organization’s security posture remains robust and adaptable.Provide strategic input on system architecture to integrate security from the design phase onward.
Compliance and Audit Support:
Ensure that cybersecurity policies and practices align with industry standards and regulatory requirements (e.g., NIST, ISO 27001, CIS Controls).Prepare and maintain documentation to support internal and external audits, demonstrating continuous compliance.Keep thorough records of all security activities and protocols to ensure audit readiness.
Security Architecture and Design:
Play a key role in the architecture and design of secure systems and applications, ensuring that security is integrated from the ground up.Evaluate and recommend new security technologies and tools to enhance the organization’s security posture.Lead or participate in security architecture reviews for new and existing projects.
Threat Intelligence and Analysis:
Monitor and analyze threat intelligence sources to stay ahead of potential threats and vulnerabilities.Integrate threat intelligence into the overall security strategy to ensure proactive defense measures are in place.Conduct in-depth analysis of attack patterns and methodologies to refine security controls.
Automation and Scripting:
Develop and implement automation scripts to streamline repetitive security tasks, improving efficiency and accuracy.Utilize scripting languages (e.g., Python, PowerShell) to automate monitoring, incident response, and other security processes.Maintain and update automation tools to adapt to new security challenges.
Data Loss Prevention (DLP):
Implement and manage Data Loss Prevention (DLP) solutions to protect sensitive data from unauthorized access or leaks.Develop and enforce policies and procedures to ensure the secure handling of data across the organization.Monitor DLP systems to identify and respond to potential data breaches or policy violations.
Third-Party Risk Management:
Assess the security posture of third-party vendors and service providers to ensure they meet the organization's security requirements.Work with procurement and legal teams to include security clauses in contracts and service agreements.Conduct regular security assessments and audits of third-party vendors.
QUALIFICATIONS
Educational Background:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.Experience:
Minimum of 4-5 years in a cybersecurity role, with proven experience in a mid to large-sized organization.Certifications:
CISSP, CCSP, CCSK, CASP+, CEH, OSCP, or other relevant certifications are highly desirable.Technical Skills:
Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, CIS Controls).Hands-on experience with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM, endpoint protection).Strong understanding of cloud security, particularly with Azure and AWS environments.Extensive knowledge and working experience of Microsoft 365 Admin Centers (Entra ID, Intune, Exchange, Security, Compliance).Proven ability to manage and respond to cybersecurity incidents effectively.Proficiency in programming and scripting languages (e.g., Python, PowerShell).
Analytical Skills:
Excellent problem-solving skills with the ability to analyze complex security issues and devise effective solutions.Communication Skills:
Strong communication abilities, particularly in articulating security concepts to non-technical stakeholders.Collaboration:
Experience working across departments to integrate security considerations into all areas of business operations.Vulnerability Management:
Expertise in vulnerability management and penetration testing, with a focus on prioritizing and addressing critical vulnerabilities.Project Management:
Experience in managing security projects, including planning, execution, and monitoring, with the ability to coordinate cross-functional teams.Forensics and Investigation:
Experience with digital forensics and investigation, including the ability to analyze compromised systems and identify root causes.Zero Trust Architecture:
Familiarity with Zero Trust principles and the ability to design and implement a Zero Trust architecture within the organization.Salary:
$140,000 - $175,000 a yearAttention external recruitment firms, we will not accept any unsolicited resumes at this time. Please do not contact any internal member of our company to discuss the position or to solicit candidates.174 Power Global provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.www.174powerglobal.com .
#J-18808-Ljbffr