Sr. Cybersecurity Engineer (OT & Cloud Infrastructure) jobs in United States
cer-icon
Apply on Employer Site
company-logo

ON.energy · 8 hours ago

Sr. Cybersecurity Engineer (OT & Cloud Infrastructure)

positionMiami, Florida, United States
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

ON.energy is building the power infrastructure that makes the AI era possible. We are looking for a Sr. Cybersecurity Engineer to architect and implement technical security controls for our grid-connected energy portfolio, ensuring the security of the entire data lifecycle from industrial control systems to cloud environments.

AnalyticsEnergyEnergy ManagementEnergy StorageRenewable EnergySoftware

Responsibilities

Cloud & Infrastructure Security
Cloud Architecture: Secure the AWS infrastructure that hosts our energy management platforms. Implement hardening baselines and manage security groups for cloud resources
SIEM & Observability (Wazuh): Architect a centralized and on-prem SIEM deployment to ingest logs from CloudTrail, VPC Flow Logs, and Linux servers. Configure custom decoders to detect threats across both cloud and on-prem environments
Infrastructure as Code (IaC): Review and secure Terraform/CloudFormation scripts. Manage security configurations (including Wazuh agents and Authentik outposts) via Ansible or similar automation tools
IoT/Edge Security: Secure the telemetry pipeline from the edge device (site controller) to the cloud, ensuring encryption (TLS 1.2/1.3) and proper certificate management (PKI) for edge
Identity & Access Management (IAM)
Unified IAM (Authentik): Architect Authentik as the central Identity Provider (IdP), enforcing MFA and SSO across cloud consoles, internal engineering tools, and Grafana dashboards
Least Privilege: Engineer granular IAM roles for cloud resources and service accounts, ensuring that automated services have only the permissions necessary to function
Operational Technology (OT) Security
Network Segmentation: Design and implement IEC 62443-aligned network architectures (Purdue Model), strictly controlling traffic between the IT, Cloud, and OT zones
Vulnerability & Integrity Monitoring: Deploy Wazuh agents on industrial PCs and HMIs to perform File Integrity Monitoring (FIM) and vulnerability scanning without disrupting critical real-time processes
Industrial Protocols: Analyze and secure communications (Modbus, DNP3) to ensure integrity between field assets and control centers

Qualification

WazuhAuthentikAWSOT SecurityInfrastructure as CodeLinuxIndustrial ProtocolsDocker/KubernetesGICSPGRIDAWS Certified SecurityOpen-Source AdvocateHands-on

Required

5–8 years of technical cybersecurity experience, with a specific blend of Cloud/Linux Engineering and OT/Industrial exposure
Deep experience deploying Wazuh managers/agents, writing custom rules/decoders, and tuning FIM/SCA modules for low-noise environments
Experience configuring Authentik Providers (OIDC, SAML), Outposts, and proxying legacy applications
Proficiency with AWS (GuardDuty, IoT Core, IAM) or Azure (Defender for IoT, Entra ID)
Proven experience working with industrial control systems (ICS), SCADA, or utility/energy infrastructure
Deep expertise in securing Linux-based cloud environments and managing infrastructure via code
You are comfortable debugging a failed Wazuh agent on a Linux server or tracing a dropped packet in a cloud VPC
You prefer tailoring flexible open-source tools to fit specific architectural needs rather than relying solely on 'black box' commercial vendors

Preferred

Experience with Docker/Kubernetes security in an edge computing context
Knowledge of industrial protocols (Modbus TCP, DNP3, IEC 61850)
Certifications: GICSP, GRID, AWS Certified Security – Specialty

Benefits

Medical, dental, and vision insurance
401(k) with company match
Paid time off and company holidays
Christmas Bonus (Aguinaldo): 30 days
Major medical expenses and life insurance
Paid time off and holidays (per local policy)
Professional development and growth opportunities
Opportunity to grow with a mission-driven team shaping the future of clean energy

Company

ON.energy

twittertwittertwitter
company-logo
Battery storage IPP. A fully-integrated energy storage developer, technology company and asset owner. using proprietary software.
dateFounded in 2016
location
Miami, Florida, USA
people-size51-200 employees
web-link
https://www.on.energy

Funding

Current Stage
Growth Stage
Total Funding
$262.6M
Key Investors
Lombard Odier Investment ManagersLive Oak BankUltra Capital
2025-01-28Debt Financing· $77.6M
2024-04-25Debt Financing· $25M
2023-12-20Debt Financing· $40M

Leadership Team

leader-logo
Alan Cooper
Chief Executive Officer
linkedin
leader-logo
Ricardo de Azevedo
Chief Technology Officer
linkedin

Recent News

Business Wire
ON.energy Signs Largest Dedicated Transformer Deal in the U.S. for Data Center and Renewable Applications
2025-12-11
PR Newswire
EPC Power Corp. and ON.energy Partner to Advance the Next Generation of Grid-Safe AI Infrastructure
2025-11-14
Business Wire
Hyperscale Meets Grid Stability: ON.energy Launches Medium-Voltage UPS Built for AI Data Centers
2025-10-23
Company data provided by crunchbase