Cyber Security Engineer
NRG Energy · Houston, TX · Yesterday
Information TechnologyFull-time
Position Summary
The Cyber Security Engineer is responsible for maintaining security measures that protect the organization's systems, cloud workloads, and data. This role focuses on identifying vulnerabilities and risks, operating security tools across on-premises and cloud environments, providing security guidance to engineering teams, and supporting incident response efforts.
Key Responsibilities
- Cloud posture across AWS (and/or Azure/GCP), identify misconfigurations and risks, and drive remediation by partnering with cloud and application owners.
- Provide security guidance and advisory support to cloud, infrastructure, and development teams on secure configuration, IAM, encryption, network segmentation, and logging.
- Support secure cloud architecture reviews and ensure alignment with the Framework (Security Pillar), CIS Benchmarks, and organizational cloud security standards.
- Understand Network protocols and network security Tools like NAC, IPS.
- Administer IAM platforms and integrations (e.g., SSO, MFA, directory services, conditional access) across on-premises and cloud environments.
- Conduct vulnerability assessments across on-premises, cloud, and container workloads to identify potential risks.
- Assist in the remediation of vulnerabilities by working closely with IT, cloud, and development teams.
- Aid in the deployment, configuration, and maintenance of security tools such as IDS/IPS, endpoint protection, SIEM, and WAF.
- Aid in the development, implementation, and enforcement of security policies and procedures, including cloud security standards and guardrails.
- Perform routine audits to ensure security compliance with organizational policies and regulatory requirements (e.g., NIST CSF, PCI DSS, SOX) across hybrid and cloud environments.
- Research and stay informed about current cybersecurity threats, vulnerabilities, cloud attack techniques, and best practices.
- Provide technical support and guidance to IT, cloud engineering, and development staff on security-related issues.
Qualifications
- Hands-on experience operating a CSPM/CNAPP platform (Orca preferred; Wiz, Prisma Cloud, or Defender for Cloud also relevant).
- Working knowledge of at least one major cloud provider (AWS preferred), including native security services (e.g., GuardDuty, Security Hub, IAM Identity Center, KMS, CloudTrail, WAF/Shield).
- Strong understanding of cloud security concepts including IAM, key management, network security (VPC, transit gateway, private endpoints), logging/monitoring, and shared responsibility models.
- Ability to interpret cloud misconfiguration findings, assess risk, and clearly communicate remediation guidance to cloud and application teams.
- Exposure to container and serverless security concepts (e.g., EKS, ECS, Lambda) is a plus.
- Cloud security certifications such as AWS Certified Security – Specialty, AWS Certified Solutions Architect, Microsoft SC-200/AZ-500, or CCSP are highly desired.
- Bachelor's degree in Cyber Security, Computer Science, or related field or equivalent relevant work experience.
- 2–5 years of experience in cyber security or related roles, including exposure to cloud environments.
- Additional certifications such as Security+, CEH, or CySA+ are desired.
- Knowledge of security tools, technologies, and best practices across enterprise and cloud environments.
- Strong understanding of networking and operating systems.
- Analytical and problem-solving skills with attention to detail.
- Ability to work collaboratively in a team environment and communicate technical concepts effectively.