Apply on Employer Site

ThinkBAC Consulting · 1 month ago

Lead Energy Storage Cyber Security Engineer \- REMOTE

United States

Full-time

Remote

Senior Level

$160K/yr - $160K/yr

5+ years exp

ThinkBAC Consulting is an industry-leading renewable energy venture focused on the development and operations of utility-scale energy storage projects. The Lead Energy Storage Cybersecurity Engineer will own the enterprise cyber strategy and execute protections to reduce risk while collaborating with various departments to embed security into project delivery and corporate operations.

Information Technology & Services

Responsibilities

Drive the cybersecurity program: Partner daily with stakeholders to align activities to company security/compliance posture; champion secure-by-design and secure-by-default across the company

Own threat & vulnerability management: Baseline, monitor, and assess risk across OT/IT/data environments; triage and resolve security events, control gaps, policy questions, and technical risks

Build scalable security operations: Create repeatable frameworks to detect events, quantify feasibility, document risk, and model blast radius; project-manage implementation of security controls

Lead compliance & posture management: Administer CSPM platforms; run automated evidence collection; develop, communicate, and assess compliance vs. internal/external policies; advance certifications/attestations (SOX, ISO, NERC-CIP, NIST CSF 2.0)

Secure the ecosystem: Stand up and run a Third-Party Cyber Risk Management (TPRM) program to mitigate vendor and software supply-chain risk

Elevate governance & reporting: Publish executive-ready cyber/risk metrics; partner with Legal & Compliance to operationalize controls and meet laws/regulations; collaborate with External Relations on proposed cyber legislation

Qualification

Cybersecurity certificationsNetwork security expertisePython/Rust automationAudit & compliance leadershipEmail Security knowledgeThreat modelingVulnerability assessmentCommunication skillsTeam collaborationTechnical writing

Required

Proven impact: 8+ years identifying vulnerabilities and deliver mitigation plans in fast-paced settings; juggle multiple priorities while operating independently or as part of a team

Deep technical breadth: Hands-on expertise in 2+ areas (e.g., network or embedded/hardware security, cryptography, web/network protocols, SBOM, threat modeling, pen testing, vulnerability assessment)

Automation & measurement: Use Python/Rust to automate security workflows; establish and track KPIs/metrics that quantify security and risk performance

Audit & compliance leadership: Run audits and certification programs end-to-end—scope, control design, testing, risk mapping, and reporting—across SOC 2, ISO 27001, NIST frameworks; experienced in SOX environments

Stack fluency: Working knowledge of Email Security, DLP, CSPM, ZTNA, EDR/XDR and adjacent security technologies to strengthen enterprise posture

Credentials & communication: BS/MS in IS/CS/SE (or related); strong written/verbal communicator with cross-functional teams (technical & non-technical); proficient with Microsoft Word, Excel, PowerPoint, Outlook

Solid exposure to cybersecurity best practices for software development and distributed architecture systems

Ideal candidates for this role will have experience working in Senior, Lead, Principal, Hands-on Manager, and Hands-on Director level roles as Principal Cybersecurity Engineer, Cybersecurity Architect, Enterprise Security Engineer, Cyber Security Manager, Platform Security Engineer, Security Solutions Architect