EnergyHub is hiring a
Senior Security Engineer

Logo of EnergyHub

EnergyHub

💵 $130k-$170k
📍Remote - United States

Summary

Join EnergyHub's team as a Senior Security Engineer to enhance the security of our infrastructure and software development lifecycle. This role will be hands-on with our cloud infrastructure and development toolchain, focusing on strategy and implementation to drive meaningful long-term improvements.

Requirements

  • You have in-depth knowledge of security principles and best practices developed over 7+ years of experience
  • You've managed AWS all the way from security groups to organizations and know the ins and outs of securing AWS infrastructure
  • You’re comfortable tackling ambiguous projects that require you to gather information from multiple stakeholders and formulate a clear plan of action
  • You like to manage all your infrastructure as code, using tools such as Terraform, CloudFormation, or Ansible
  • You understand the security implications of containerized environments such as Kubernetes or ECS, and you know your way around container build processes
  • You’re comfortable on the command line, can hack together a decent shell script, and have solid fundamentals of Linux system administration
  • You have a good understanding of core networking concepts such as TCP/IP, routing, and DNS, and of network security foundations such as ACLs, firewalls, and TLS
  • You have experience administering declarative CI/CD workflows in one tool or another. (We use GitHub Actions.)
  • You can write useful Python or another high-level, general-purpose programming language
  • You stay on top of industry developments and have a good overall sense of the security solution spaces
  • You’re familiar with security management frameworks such as CIS Controls, OWASP, etc

Responsibilities

  • Keep raising the bar for EnergyHub's infrastructure security to ensure customer data remains protected
  • Enable our engineering team to be highly productive, safely. Make it easy to do things the right way
  • Develop strategy for and participate in EnergyHub maintaining or achieving compliance with various regulatory frameworks such as SOC 2, SOX, ISO 27001, NIST-SP-800, NERC-CIP and others
  • Help guide the team in design and implementation of secure cloud infrastructure as we roll out improvements and new features
  • Identify and implement new controls to enhance our defense in depth
  • Operate and automate our vulnerability management programs for applications, containers, and VMs
  • Manage core security tools and technologies such as SIEM, cloud security posture management, etc
  • Play a key role in cross-company security and compliance efforts
  • Partner with our parent security team (EnergyHub is an independent subsidiary of Alarm.com) to leverage additional tools and resources and capitalize on our collective strengths

Preferred Qualifications

  • Bonus: you’ve worked on compliance efforts for audit frameworks such as SOC 2 or ISO 27001
  • Bonus: you’re familiar with NERC-CIP

Benefits

  • 100% paid medical for employees
  • 401(k) with employer match
  • Casual environment
  • Flexibility to set your own schedule
  • Fully stocked fridge and pantry
  • Free Citi Bike membership
  • Secure bike rack
  • Gym subsidy
  • Paid parental leave
  • Education assistance program

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.

Similar Remote Jobs

Please let EnergyHub know you found this job on JobsCollider. Thanks! 🙏