Careers

Company Summary:

MN8 Energy is an innovative energy company that provides clean, safe, and reliable energy to better the lives the transition to a zero-carbon economy is only accelerating – and with our scaled renewable energy portfolio, industry-leading team, and deep technological expertise across solar energy, storage, EV charging and more, we help customers take control of their energy future.

 

Job Description:

We are seeking a highly skilled and experienced Cyber Security Manager with expertise in the NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) framework and the NIST (National Institute of Standards and Technology) Cybersecurity Framework. This role will be responsible for leading our cyber security efforts, with a focus on securing both IT and OT (Operational Technology) platforms within our organization.

The ideal candidate will possess in-depth knowledge of the NERC CIP and NIST frameworks, along with prior experience in managing cyber security programs in complex environments. Strong leadership, communication, and technical skills are essential for success in this role.

 

Responsibilities:

· Conduct and document internal assessments and audits to ensure compliance with internal policies and NERC CIP framework and recommend remediation actions as needed.

· Independently drive end-to-end planning, coordination, and execution of assigned deliverables supporting compliance monitoring and internal controls activities.

· Provide information and operational technology security, networking, and operations proficiency guidance.

· Collaborate with cross-functional teams (IT Infrastructure, Compliance and Operation Departments) to identify and mitigate cyber security risks across IT and OT platforms, ensuring compliance with NERC CIP and NIST standards and regulations.

· Develop NERC CIP policies and procedures to ensure they support emerging technologies and new requirements.

· Maintain awareness of emerging utility industry and cyber security threats/issues through benchmarking and incorporate this knowledge into Cyber Security Strategy and Roadmap.

· Lead and oversee all aspects of cyber security operations, including threat detection, incident response, vulnerability management, and security awareness training.

· Analyze security incidents to identify the root cause, and document knowledge base.

· Prepares, maintains, or updates security procedures, security system drawings, or related documentation.

· Research security enhancements and make recommendations to management.

 

Internal Interfaces:

· Sec Dev Ops: to improve the automatization process of detection, remediation, and mitigation.

· CISO: report the KPI and cyber security covered by technology/locations.

· Cyber Intelligent: Identify possible low-level incident to be manage as critical base on the company impact.

· MSS: Coordinate with the Manage Service Provider the information, evidence and by the official point of contact for all the company when an incident needs to be address.

· Compliance: Prepare reports and evidence of compliance with applicable requirements.

 

Qualifications:

· Bachelor’s degree in information technology, Computer Science, Cyber Security, or related discipline

· 5+ years of demonstrated independent IT/OT technical acumen application.

· Previous Security Operations Center (SOC) experience would be a plus.

· Knowledge of NERC CIP standards and NIST security guidelines.

· Critical thinking skills with the ability to identify and solve complex problems with limited managerial oversight.

· Strong interpersonal skills with the desire to work in a fast-paced, entrepreneurial environment and to meet deadlines and complete time-sensitive duties.

· Ability to use discretion in handling confidential information.

· Willingness to travel between 10-25%.

 

Skills/Specific Knowledge

 

· Desired Certifications: CISSP, CISM, and CISA

· Advanced organizational, presentation/facilitation, verbal, and written communication skills

· Knowledge of security topics including network and application security, infrastructure hardening, security baselines, web server, and database security, security testing; security integration and governance; malware analysis; incident response; cloud security or risk and compliance.

· Working knowledge of secure network design is a plus.