Back to jobs

Principal Cybersecurity Engineer - Battery Storage

Remote

Company Overview 

Plus Power is an energy storage market leader, with a market-leading 10+ GW portfolio across more than 25 US states and Canadian provinces that will transform North American electric grids into cleaner and more versatile critical infrastructure.

Standalone energy storage is rapidly transforming the North American energy markets, because it is cheaper than new natural gas plants, faster to build than fossil peakers or transmission, and able to perform diverse energy services. Plus Power partners with electricity system operators, utilities, and investors to originate, develop, finance, own and operate standalone energy storage projects that provide critical services to the wholesale electric market. Plus Power’s team applies an intentional mindset to energy storage development by using a data-driven approach to development and operations.

At Plus Power, we are focused on solving hard climate problems, profitably.  We are growing fast, and value candidates who, like us, share a focus on setting high expectations, owning and learning from mistakes in the spirit of radical transparency, and are committed to internal partnering as a key element of our ideas meritocracy. Our team praises Plus Power’s culture and excels through our game-changing mission and supportive ecosystem.

 

About the Role 

Plus Power recruits outstanding energy industry professionals who are driven to develop, build and operate assets safely and reliably to decarbonize the power markets while growing their careers. Our team looks for data-driven and fact-based mindsets, engaging and collaborative behaviors, and personal growth-focused professionals.     

In order for the global energy system to make the transition from a carbon-based grid, to a renewable energy grid, large scale energy storage must be introduced into the electricity system to balance intra-hour supply and demand.  Energy storage is the enabler of high penetration variable renewable generation like solar and wind. 

We are currently seeking a Principal Cybersecurity Engineer who will lead and execute on key cybersecurity activities and protections at the company. The ideal candidate has deep expertise and understanding of cybersecurity principles and frameworks, and has built or managed InfoSec, AppSec, SecOps, identity and access management, and data privacy programs. Reporting to the Manager of Information Technology, you will work cross functionally with our IT, Data Engineering, Data Science, Operational Technology, Asset Management, Engineering Procurement and Construction, Legal, External Relations, and HR teams to create strategies, policies, and manage cybersecurity controls and testing associated with our project needs and corporate needs.  

  

Responsibilities 

  • Work day-to-day with a broad set of stakeholders and contributors to drive Plus Power’s cybersecurity program and activities aligning with the company’s compliance and security postures 
  • Promote secure by design and secure by default strategies 
  • Baseline, monitor, identify, and assess security vulnerabilities and risks in applications and infrastructure across operational technology (OT), information technology (IT), data science, and data engineering environments 
  • Own and drive the resolution of different security events, control gaps, policy questions, and technical security risks 
  • Contribute to building repeatable/reusable/systematic security processes and frameworks to identify potential security events, quantifying and documenting their feasibility, and enumerating the potential blast radius for the organization 
  • Manage the company’s Compliance & Security Posture Management (CSPM) Platforms, and advance the enterprise's efforts to obtain cybersecurity framework certifications that align with compliance posture along with attestations to reassure internal stakeholders and external customers of our cybersecurity posture, including:  
    • Provide project management for the implementation of security controls while operating cross-functionally  
    • Conduct automated evidence collection operations to guarantee the longevity and uniformity of our controls 
    • Assist with identification and mitigation of cybersecurity risks including compliance concerns (SOX, ISO, NERC-CIP, NIST CSF 2.0)  
    • Develop, communicate, and assess the compliance stance of the framework in relation to internal and external policies 
  • Build out and run a Third-Party Cyber Risk Management (TPRM) Program and mitigate systemic risk from security posture vendors and end-to-end software supply chain 
  • Communicate and maintain cybersecurity and risk metrics for senior executives and leaders of various business units 
  • Work with External Relations team on proposed cybersecurity legislation and regulations 
  • Work with Legal and Compliance team to establish cybersecurity controls to facilitate compliance with applicable laws and regulations 

 

Qualifications  

  • 8+ years of experience in identifying security issues and developing mitigation plans 
  • Bachelor's or Master's degree in Information Systems, Computer Science, Software Engineering, or a closely related field 
  • Deep hands-on technical expertise in at least two of the following areas: network security, embedded/hardware security, cryptography, web and network protocols, secure bill of materials, threat modeling, pen tests, or vulnerability assessments 
  • Demonstrated use of scripting/software development skills (e.g., Python, Rust) to automate processes 
  • Certifications in Security: CISSP, CISM, CRISC, CISA, GIAC, and EC-Council desired 
  • Knowledge of fundamental security Email Security, DLP, CSPM, ZTNA, EDR/XDR, and additional security technologies preferred 
  • Experience in successfully implementing KPIs and metrics for security and risk management 
  • Proficient in overseeing the execution of audits, certification programs, and control assessments, encompassing responsibilities such as scope planning, delineating control procedures in accordance with established policies, standards, and requirements, conducting control testing, associating issues with risks, and disseminating findings 
  • Experience with SOC2 ISO27001, and/or NIST security frameworks, controls, tests, and auditing and associated requirements, in addition to familiarity with SOX-regulated environments 
  • Excellent written and verbal communication skills to communicate effectively at all levels 
  • Ability to work in a fast-paced environment while managing multiple priorities 
  • Ability to operate as a team and/or independently while demonstrating flexibility to changing requirements 
  • Demonstrated ability to work well in a cross-functional environment with both technical and non-technical team members 
  • Ability to effectively use Microsoft Office products – Word, Excel, Power Point, Outlook 
  • Knowledge of operational technologies preferred 

 

Compensation, Location, and Benefits

Highly competitive total compensation from one of North America’s leading energy storage developers, owners and operators. Flexible, work from home or hybrid work from Plus Power’s offices in San Francisco, Houston, Chicago, Seattle, and Palm Beach.

The expected salary range* for this position begins at $150,000. We may ultimately pay more or less than the posted range based on several factors including, but not limited to relevant experience, skills, qualifications, geographic labor market, and other factors consistent with applicable law. This position is also eligible to participate in our annual bonus program.

Plus Power offers a comprehensive benefits program, unlimited vacation, flexible remote work, educational assistance, parental leave, and a highly engaging company culture with opportunities for in-person connection and learning and growth.

The deadline* for applying to this role is 12/12/2024

 

Plus Power is committed to a diverse and inclusive workplace where people of all backgrounds can thrive. Plus Power is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

 

*This information is provided in accordance with applicable law.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Education

Select...
Select...
Select...
Select...
Select...

What is your desired compensation? *
Select...
Select...
Please select all of the cybersecurity competencies that you have experience with: *
Select...
Select...
Do you have any of the following certifications? *

Please select all that apply

Select...
What industries or project types do you have experience with? *

Please select all that apply

Select...

CALIFORNIA PRIVACY NOTICE TO JOB APPLICANTS

Plus Power, LLC and/or any affiliated entities (collectively, the “Company”) provide this California Privacy Notice (“Notice”) to describe our privacy practices with respect to our collection of Personal Information as required under the California Consumer Privacy Act of 2018 (“CCPA”). This Notice applies only to job applicants and candidates for employment who reside in the State of California (“Consumers”) and from whom we collect “Personal Information” as described in the CCPA. We provide you Notice because under the CCPA, California residents who are job applicants qualify as Consumers. For purposes of this Notice, when we refer to Consumers, we mean you only to the extent you are a job applicant of the Company who resides in California.

The Company collects and uses Personal Information for human resources, employment, benefit administration, health and safety, and business-related purposes and to be in legal compliance. For the purposes of this Notice, Personal Information does not include publicly available information from government records, or de-identified or aggregated consumer information. Below are the categories of Personal Information we may collect:

  • Protected Classifications, such as your sex, sexual orientation, gender identity, religion, age, date of birth, race, ethnic origin, marital status, disability, medical or mental condition, familial status, and veteran or military status.
  • Personal Identifiers and Contact Information, such as full name, alias, postal or mailing address, email address, telephone numbers, driver’s license or state identification card number, candidate ID number, username and passwords for Company accounts and systems, SSN, passport and visa information, immigration status and documentation, and emergency contact information.
  • Pre-Hire Information and Educational/Professional Background, such as work history, academic and professional qualifications, educational records, references, interview notes, job application, resume, background check results, drug test results, candidate evaluation records and assessments, work samples, voluntary disclosures, and Wage Opportunity Tax Credit (WOTC) information.
  • Profiles or Summaries, regarding an applicant’s preferences, characteristics, opinions, attitudes, and/or aptitudes.

 The Company collects the Personal Information listed above to use or disclose as appropriate to:

  • Fulfill or meet the purpose for which you provided the information.
  • Comply with all applicable laws and regulations, including but not limited to local, state, and federal law and regulations requiring employers to maintain certain records (such as immigration compliance records, travel records, personnel files, wage and hour records, payroll records, accident or safety records, and tax records), as well as local, state, and federal law, regulations, ordinances, guidelines, and orders relating to COVID-19.
  • To evaluate your job application and candidacy for employment.
  • Obtain and verify background check and references.
  • Communicate with you regarding your candidacy for employment.
  • Fulfill other purposes as reasonably determined in the Company’s discretion.
  • Promote and foster diversity and inclusion in the workplace.
  • Investigate and enforce compliance with and potential breaches of Company policies and procedures.
  • Perform workforce analytics, data analytics, and benchmarking.
  • Administer and maintain the Company’s operations, including for safety purposes.
  • Exercise or defend the legal rights of the Company, its employees, affiliates, customers, contractors, and/or agents.

If you have any questions about this Notice or need to access this Notice in an alternative format due to having a disability, please contact recruiting@pluspower.com or call (832) 585-1238.


Candidate Demographics

We invite applicants to share their demographic background. If you choose to complete this survey, your responses will remain confidential and summary data may be used to identify areas of improvement in our hiring process.

Select...
Select...
Select...