Senior Security Engineer

About EnergyHub

EnergyHub empowers utilities and their customers to create a clean, distributed energy future. We help consumers turn their smart thermostats, EVs, batteries, and other products into virtual power plants that keep the grid stable and enable higher penetration of solar and wind power.

About the Opportunity

We're looking for an experienced Senior Security Engineer to join our team and help enhance the security of our infrastructure and software development lifecycle. This role will be hands-on with our cloud infrastructure and development toolchain and you will get to focus on both strategy and implementation to drive meaningful long-term improvements. You will have the opportunity to guide best practices for the entire EnergyHub engineering team and build and automate processes to enable fast and secure application delivery.

As one example of the scope of the work you might do in this role you could be asked to put together a roadmap of items we should do over the next year within a security related framework (like the CIS Critical Security Controls) then ensure other technical teams have enough context to complete items applicable to them while also doing some implementation yourself for items that don't fit into other team's domains.

Main Responsibilities: What you'll do

• Keep raising the bar for EnergyHub's infrastructure security to ensure customer data remains protected.
• Enable our engineering team to be highly productive, safely. Make it easy to do things the right way.
• Develop strategy for and participate in EnergyHub maintaining or achieving compliance with various regulatory frameworks such as SOC 2, SOX, ISO 27001, NIST-SP-800, NERC-CIP and others.
• Help guide the team in design and implementation of secure cloud infrastructure as we roll out improvements and new features.
• Identify and implement new controls to enhance our defense in depth.
• "Shift left" on application and container security by moving security testing farther upstream in the delivery process.
• Operate and automate our vulnerability management programs for applications, containers, and VMs.
• Manage core security tools and technologies such as SIEM, cloud security posture management, etc.
• Play a key role in cross-company security and compliance efforts.
• Partner with our parent security team (EnergyHub is an independent subsidiary of Alarm.com) to leverage additional tools and resources and capitalize on our collective strengths.

Required Skills and Experience: What you need

• At EnergyHub we care about your passion and how you can contribute to our mission. If most of the following describe you, we think you'll be a great fit for this role:
• You have in-depth knowledge of security principles and best practices developed over 7+ years of experience.
• You've managed AWS all the way from security groups to organizations and know the ins and outs of securing AWS infrastructure.
• You're comfortable tackling ambiguous projects that require you to gather information from multiple stakeholders and formulate a clear plan of action.
• You like to manage all your infrastructure as code, using tools such as Terraform, CloudFormation, or Ansible.
• You understand the security implications of containerized environments such as Kubernetes or ECS, and you know your way around container build processes.
• You're comfortable on the command line, can hack together a decent shell script, and have solid fundamentals of Linux system administration.
• You have a good understanding of core networking concepts such as TCP/IP, routing, and DNS, and of network security foundations such as ACLs, firewalls, and TLS.
• You have experience administering declarative CI/CD workflows in one tool or another. (We use GitHub Actions.)
• You can write useful Python or another high-level, general-purpose programming language.
• You stay on top of industry developments and have a good overall sense of the security solution spaces.
• You're familiar with security management frameworks such as CIS Controls, OWASP, etc.

Preferred Skills and Experience: Nice-to-haves

• You believe in EnergyHub's mission to empower utilities and their customers to create a carbon-free, distributed energy future.
• You love to build secure systems that are easy for other engineers to adopt and use.
• You get satisfaction from making things a little bit better each and every day.
• You're excited to join a growing engineering team and help shape its future.
• Bonus: you've worked on compliance efforts for audit frameworks such as SOC 2 or ISO 27001.

• Collaborate with outstanding people: Our employees work hard, do great work, and enjoy collaborating and learning from each other.
• Make an immediate impact: New employees can expect to be given real responsibility for bringing new technologies to the marketplace. You are empowered to perform as soon as you join the team!
• Gain well rounded experience: EnergyHub offers a diverse and dynamic environment where you will get the chance to work directly with executives and develop expertise across multiple areas of the business.
• Work with the latest technologies: You'll gain exposure to a broad spectrum of IoT, SaaS and machine learning obstacles, including distributed fault-tolerance, device control optimization, and process modeling to support scalable interaction with disparate downstream APIs.
• Be part of something important: Help create the future of how energy is produced and consumed. Make a positive impact on our climate.
• Focus on fun: EnergyHub places high value on our team culture. Happy hours and holiday parties are important to us, but what's also important is how our employees feel every single day.

EnergyHub offers a generous benefits package including 100% paid medical for employees and a 401(k) with employer match. We offer a casual environment, the flexibility to set your own schedule, a fully stocked fridge and pantry, free Citi Bike membership, secure bike rack, gym subsidy, paid parental leave, and an education assistance program.

EnergyHub is an Equal Opportunity Employer

EOE, Including Disability/Vets. Reasonable accommodations are available for individuals with disabilities throughout the application process. If you are a person with a disability needing assistance with the application process, please contact accommodations.apply@energyhub.net.

In connection with your application, we collect information that identifies, reasonably relates to or describes you ("Personal Information"). The categories of Personal Information that we may collect include your name, government-issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information. We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or future positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies. By submitting your application, you acknowledge that we may retain some of the personal data that you provide in your application for our internal operations such as managing our recruitment system and ensuring that we comply with labor laws and regulations even after we have made our employment decision.

Notice To Third Party Agencies:

EnergyHub understands the value of professional recruiting services. However, we are not accepting resumes from recruiters or employment agencies for this position. In the event we receive a resume or candidate referral for this position from a third-party recruiter or agency without a previously signed agreement, we reserve the right to pursue and hire those candidate(s) without any financial obligation to you.