EnergyHub

Senior Security Engineer

United States

Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Utilities, Energy, Renewable Energy, Software & Cloud SecurityIndustries

About EnergyHub

EnergyHub empowers utilities and their customers to create a clean, distributed energy future. We help consumers turn their smart thermostats, EVs, batteries, and other products into virtual power plants that keep the grid stable and enable higher penetration of solar and wind power.

About the Opportunity

We're looking for an experienced Senior Security Engineer to join our team and help enhance the security of our infrastructure and software development lifecycle. This role will be hands-on with our cloud infrastructure and development toolchain, and you will get to focus on both strategy and implementation to drive meaningful long-term improvements. You will have the opportunity to guide best practices for the entire EnergyHub engineering team and build and automate processes to enable fast and secure application delivery.

As one example of the scope of the work you might do in this role, you could be asked to put together a roadmap of items we should do over the next year within a security-related framework (like the CIS Critical Security Controls), then ensure other technical teams have enough context to complete items applicable to them while also doing some implementation yourself for items that don’t fit into other team’s domains.

Main Responsibilities

What you’ll do:

  • Keep raising the bar for EnergyHub’s infrastructure security to ensure customer data remains protected.
  • Enable our engineering team to be highly productive, safely. Make it easy to do things the right way.
  • Develop strategy for and participate in EnergyHub maintaining or achieving compliance with various regulatory frameworks such as SOC 2, SOX, ISO 27001, NIST-SP-800, NERC-CIP and others.
  • Help guide the team in design and implementation of secure cloud infrastructure as we roll out improvements and new features.
  • Identify and implement new controls to enhance our defense in depth.
  • “Shift left” on application and container security by moving security testing farther upstream in the delivery process.
  • Operate and automate our vulnerability management programs for applications, containers, and VMs.
  • Manage core security tools and technologies such as SIEM, cloud security posture management, etc.
  • Play a key role in cross-company security and compliance efforts.
  • Partner with our parent security team (EnergyHub is an independent subsidiary of Alarm.com) to leverage additional tools and resources and capitalize on our collective strengths.

Required Skills and Experience

What you need: At EnergyHub, we care about your passion and how you can contribute to our mission. If most of the following describe you, we think you’ll be a great fit for this role:

  • You have in-depth knowledge of security principles and best practices developed over 7+ years of experience.
  • You’ve managed AWS all the way from security groups to organizations and know the ins and outs of securing AWS infrastructure.
  • You’re comfortable tackling ambiguous projects that require you to gather information from multiple stakeholders and formulate a clear plan of action.
  • You like to manage all your infrastructure as code, using tools such as Terraform, CloudFormation, or Ansible.
  • You understand the security implications of containerized environments such as Kubernetes or ECS, and you know your way around container build processes.
  • You’re comfortable on the command line, can hack together a decent shell script, and have solid fundamentals of Linux system administration.
  • You have a good understanding of core networking concepts such as TCP/IP, routing, and DNS, and of network security foundations such as ACLs, firewalls, and TLS.
  • You have experience administering declarative CI/CD workflows in one tool or another. (We use GitHub Actions.)
  • You can write useful Python or another high-level, general-purpose programming language.
  • You stay on top of industry developments and have a good overall sense of the security solution spaces.
  • You’re familiar with... [Information truncated]

Note: The "Salary" and "Location Type" fields were not provided in the original description.

Skills

Cloud Infrastructure Security
Security Strategy
Security Frameworks (CIS, SOC 2, SOX, ISO 27001, NIST-SP-800, NERC-CIP)
Secure Cloud Design
Security Controls
Container Security
Security Compliance
Security Automation

EnergyHub

Manages distributed energy resources for utilities

About EnergyHub

EnergyHub helps utility companies manage the complexities of the energy grid, especially with electric vehicles (EVs) and distributed energy resources (DERs). Their main product, the Distributed Energy Resource Management System (DERMS) platform, uses artificial intelligence to optimize energy control at the grid edge, including features like Managed Charging for EVs. EnergyHub stands out by integrating with a wide range of partners and leveraging resources from its parent company, Alarm.com. The goal is to provide advanced grid services that enhance utility operations and customer satisfaction.

New York City, New YorkHeadquarters
2007Year Founded
$30.7MTotal Funding
GRANTCompany Stage
Automotive & Transportation, EnergyIndustries
51-200Employees

Benefits

Health Insurance
401(k) Retirement Plan
401(k) Company Match
Flexible Work Hours
Paid Parental Leave
Gym Membership
Tuition Reimbursement

Risks

Increased competition from DERMS providers like AutoGrid and Enbala.
Rapid AI advancements may require significant investment to stay competitive.
Potential regulatory changes in California could impact virtual power plant profitability.

Differentiation

EnergyHub's DERMS platform optimizes grid edge management with AI technology.
The Managed Charging feature for EVs reduces infrastructure costs for utilities.
EnergyHub's deep partner ecosystem enhances its competitive edge in the energy market.

Upsides

Acquisition of Kapacity.io enhances demand-side flexibility in Europe.
Partnership with FranklinWH expands virtual power plant capabilities and customer engagement.
$1.5M grant supports virtual power plant expansion, focusing on low-income families.

Land your dream remote job 3x faster with AI