Information Security Engineer

4 days ago Be among the first 25 applicants Array Technologies, Inc. is a global leader in solar energy solutions – and we have been for over 30 years Our dramatic growth is creating incredible opportunities on our dynamic, innovative and creative team. Are you self-motivated, highly-skilled and possess previous Cyber Security / Information Security experience? Would you love to play a key role in advancing the clean energy revolution? Join the company that is leading the way What you’ll do: The engineer will be a key member in maturing the IT and OT Security organization. They will be part of a global security team that provides support for all areas of Information Security. A successful candidate will have experience with and/or strong interest in becoming a subject matter expert in multiple Security disciplines. These include Zero Trust Architecture, Application and Cloud Security, IAM and/or Data Protection/DLP. Additionally, the engineer will be a point of escalation for investigating and remediating potential threats. The engineer will continuously be apprised of emerging technologies, threats, attacks, and countermeasures and recommend enhancements based on industry best practices. You will: Design, document, test, maintain, and provide issue resolution recommendations for security solutions related to Zero Trust tools, secure software development, cloud, access, authentication/directory services, email, and/or endpoint security. Work with various departments to design, implementation, and maintain IAM policy. Contribute to the development and maintenance of Zero Trust Architecture and SASE tools. Partner with Dev teams to define, execute, and continuously improve our secure software development processes. Partner with IT and Product teams to assess, document and develop Cloud Security best practices. Participates in security incident response activities, conducts technical investigation of security-related incidents and conducts post-incident digital forensics to identify causes and recommend future mitigation strategies. Identifies security vulnerabilities/issues, performs risk assessments, and evaluates remediation alternatives. Contributes to the development and maintenance of information security architecture. Collaborates with other IT teams such as infrastructure and application development in the protection of the company’s IT assets including network, servers, applications, and 3rd party service providers. Contributes to the development of ongoing information security policies and procedures, and ensures such policies and procedures are put into practice in the day-to-day operations of the company’s technology environment. The qualifications you must have: Some Experience with IAM, SASE, SSDLC, SIEM/SOAR, EDR, EPP Knowledge of Cybersecurity architectures and methodologies (OWASP, Github Advanced Security, Azure DevOps, Zero Trust, NIST, Defense in depth, Kill-Chain, etc.) Knowledge of Secure Cloud Architecture, Vulnerability Management, and Incident Response Familiar with Data Loss Prevention (DLP), Data Protection, and Disaster Recovery Familiar with network/security (IDS/IPS, firewalls, DNS, DHCP) Technical knowledge of Microsoft and Linux Our preferred qualifications: Cyber Security certifications. 5-10 years of IT industry experience with 3-5 years of those in a role directly related to information security and IT compliance disciplines such as app security, cloud security, IAM, DLP, SASE, etc. Strong subject matter expertise in one or more of technical disciplines such as IT infrastructure, applications development and/or information security. Familiarity with information security disciplines such as privacy protection and data loss prevention. Strong experience in managing cybersecurity incidents and event response. Awareness of industry standards such as ISO, NIST as they relate to information security and protection of privacy. Experience with NERC-CIP standard and polices a plus. Experienced in executing privacy compliance initiatives in response to global privacy regulations such as GDPR and LGPD would be an asset. Knowledge of national and international regulatory compliances and frameworks such as ISO, NIST, and SOX. Array Technologies, Inc. offers equal employment opportunity without regard to race, color, gender, age, creed, sex, religion, national origin, disability (physical or mental), marital status, citizenship, ancestry, sexual orientation, gender identity and gender expression, or any other legally protected status. Seniority levelSeniority levelAssociate Employment typeEmployment typeFull-time Job functionJob functionEngineering and Information Technology IndustriesRenewable Energy Equipment Manufacturing Referrals increase your chances of interviewing at Array Technologies by 2x Cyber Security Analyst Junior (SOC) - Campinas/SPWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr