Cyber Security Engineer

COMPANY OVERVIEW

174 Power Global, headquartered in Irvine, California, is an affiliate company of Hanwha Group, a FORTUNE Global 500 firm that is among the eight largest business enterprises in South Korea. 174 Power Global designs, builds and manages solar power plant solutions. The company brings a decade of global leadership in solar PV to North America, combining best-of-world technology, processes and partnerships to deliver utility-grade solar PV solutions customized for local energy markets. 174 Power Global offers the full spectrum of PV solutions – from power plant development, design, construction, operations and maintenance. With proven capabilities across the solar value chain, 174 Power Global minimizes uncertainty and risk, and helps customers achieve a higher return on their investment in solar energy.

POSITION OVERVIEW

We are seeking an experienced and highly skilled Cybersecurity Engineer to join our team. This role is crucial in safeguarding our organization's digital infrastructure through proactive threat management, strategic security planning, and effective incident response. You will lead the implementation of security measures, collaborate across teams, and continuously improve our security posture in line with emerging threats and compliance requirements. The ideal candidate will have deep expertise in cloud security, Microsoft 365, network and endpoint protection, and a strong ability to communicate and collaborate across departments. The employee may be required to perform other job-related duties as requested by management. All duties will be assigned in accordance with applicable laws and company policies.

This position is located in Houston, TX, and the ideal candidate will be within commutable distance to the Houston office location.

Key Responsibilities:

1. Network Security & Firewalls

2. Manage FortiGate firewalls (cloud-hosted) and FortiAnalyzer for centralized logging/analysis.

3. Configure firewall policies, NAT, SSL inspection, and web filtering.
4. Maintain and troubleshoot site-to-site VPN tunnels.
5. Review firewall logs, alerts, and anomalies regularly.

6. Coordinate escalations with MSP for advanced network support.

7. Identity & Access Security

8. Administer Conditional Access and security policies in Entra ID.

9. Manage Privileged Identity Management (PIM) for just-in-time access.
10. Monitor risky user sign-ins with Azure Identity Protection.
11. Audit and manage guest/B2B access across multiple tenants.

12. Ensure federated SSO integrations (Workday, Concur, Jira, CRM) follow least-privilege design.

13. Endpoint & Vulnerability Security

14. Operate SentinelOne & Huntress as primary EDR platforms.

15. Manage Microsoft Defender for Endpoint and Vulnerability Management.

16. Collaborate with IT and MSP to remediate vulnerabilities and track patch compliance.

17. Email & Data Security

18. Configure Exchange Online transport rules (encryption, forwarding, malicious forwarding detection).

19. Evaluate and propose new email security options.
20. Monitor SaaS-specific alerts (M365, Concur, Workday, Jira, Salesforce/CRM).
21. Manage Spanning O365 backups and validate data recoverability.

22. Define and enforce DLP rules across Exchange, OneDrive, SharePoint, and Teams.

23. SaaS Security & Alerts

24. Monitor Microsoft 365 Secure Score and Compliance Manager dashboards.

25. Investigate alerts from M365, Azure, AWS, SentinelOne, Huntress, Blackpoint SOC, and SAAS Alerts.

26. Research false positives, escalate true positives, and recommend corrective actions.

27. Threat Detection, SOC & Incident Response

28. Triage alerts from Blackpoint SOC, SAAS Alerts, SentinelOne, and Huntress.

29. Create and lead incident response playbooks (ransomware, insider threat, token theft).
30. Collect forensic evidence (logs, snapshots, memory captures) as needed.
31. Escalate incidents to MSP/SOC when required, while retaining internal ownership.

32. Provide executive-level incident reports with remediation and root cause analysis.

33. Security Awareness & Compliance

34. Operate KnowBe4 for annual training, phishing simulations, and remedial assignments.

35. Maintain compliance training tracking and provide quarterly reports.
36. Enforce completion of remedial training for failed phishing tests.
37. Align controls with NIST CSF, NIST 800-53, and PCI DSS.

38. Maintain IT security policy library (Acceptable Use Policy, Password Policy, BYOD, data classification).

39. Cloud Security Oversight

40. Azure: Configure and monitor Defender for Cloud, Azure Firewall, DDoS Protection, NSGs/ASGs, Key Vault, and activity logs.

41. AWS: Manage WAF, Shield, VPC Security Groups, GuardDuty, Security Hub, CloudTrail, and Secrets Manager.

42. Cross-Cloud: Ensure encryption at rest and in transit, centralized logging, quarterly config reviews, audit support, and secure IaC templates.

43. Research & Continuous Improvement

44. Stay current with emerging threats, MITRE ATT&CK techniques, and zero-days.

45. Evaluate new security tools (email filtering, SIEM, CASB, SaaS posture management).

46. Provide detailed project proposals to pilot and implement approved tools with no user disruption.

47. Reporting & Metrics

48. Deliver monthly reports on phishing campaigns, SOC alerts, Secure Score, patching, and SaaS alerts.

49. Conduct quarterly compliance reviews and privileged access audits.

50. Additional Responsibilities from File

51. Design and implement comprehensive cybersecurity strategy and architecture.

52. Lead or participate in security architecture reviews for new and existing projects.
53. Develop and implement automation scripts to streamline security tasks (Python, PowerShell).
54. Assess third-party vendor security posture and conduct regular audits.
55. Support internal and external audits, maintaining thorough documentation for compliance.
56. Conduct digital forensics and investigations as needed.

Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Minimum of 4–5 years in a cybersecurity role, preferably in a mid to large-sized organization.
• Certifications such as CISSP, CCSP, CCSK, CASP+, CEH, OSCP, or similar are highly desirable.
• Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, CIS Controls).
• Hands-on experience with security tools (firewalls, IDS/IPS, SIEM, endpoint protection).
• Strong understanding of cloud security (Azure, AWS) and Microsoft 365 Admin Centers (Entra ID, Intune, Exchange, Security, Compliance).
• Proficiency in programming/scripting (Python, PowerShell).
• Excellent analytical, problem-solving, and communication skills.
• Experience in vulnerability management, penetration testing, and digital forensics.
• Project management experience and ability to coordinate cross-functional teams.
• Experience integrating security into business operations and collaborating across departments.
• Familiarity with Zero Trust architecture and principles

174 Power Global provides equal employment opportunities (EEO) to all employees and applicants for employment
without
regard to race, color, religion, sex, national origin, age, disability or genetics.