Cyber Security Engineer
Houston, TX, US, 77010 UT, US, 84043 Princeton, NJ, US, 08540
As an NRG employee, we encourage you to take charge of your career and development journey. We invite you to explore exciting opportunities across our businesses. You’ll find that our dynamic work environment provides variety and challenge. Your growth is key to our ongoing success—take the lead in shaping your career development, goals and future!
Position Summary: The Cyber Security Engineer is responsible for maintaining security measures that protect the organization's systems, cloud workloads, and data. This role focuses on identifying vulnerabilities and risks, operating security tools across on-premises and cloud environments, providing security guidance to engineering teams, and supporting incident response efforts.
Key Responsibilities:
· Cloud posture across AWS (and/or Azure/GCP), identify misconfigurations and risks, and drive remediation by partnering with cloud and application owners.
· Provide security guidance and advisory support to cloud, infrastructure, and development teams on secure configuration, IAM, encryption, network segmentation, and logging.
·Support secure cloud architecture reviews and ensure alignment with the Framework (Security Pillar), CIS Benchmarks, and organizational cloud security standards.
· Understanding of Network protocols and network security Tools like NAC, IPS.
· Administer IAM platforms and integrations (e.g., SSO, MFA, directory services, conditional access) across on-premises and cloud environments.
· Conduct vulnerability assessments across on-premises, cloud, and container workloads to identify potential risks.
· Assist in the remediation of vulnerabilities by working closely with IT, cloud, and development teams.
· Assist in deploying, configuring, and maintaining security tools such as IDS/IPS, endpoint protection, SIEM, and WAF.
· Assist in the development, implementation, and enforcement of security policies and procedures, including cloud security standards and guardrails.
· Perform routine audits to ensure security compliance with organizational policies and regulatory requirements (e.g., NIST CSF, PCI DSS, SOX) across hybrid and cloud environments.
· Research and stay informed about current cybersecurity threats, vulnerabilities, cloud attack techniques, and best practices.
· Provide technical support and guidance to IT, cloud engineering, and development staff on security-related issues.
Qualifications:
· Hands-on experience operating a CSPM/CNAPP platform (Orca preferred; Wiz, Prisma Cloud, or Defender for Cloud also relevant).
· Working knowledge of at least one major cloud provider (AWS preferred), including native security services (e.g., GuardDuty, Security Hub, IAM Identity Center, KMS, CloudTrail, WAF/Shield).
· Strong understanding of cloud security concepts including IAM, key management, network security (VPC, transit gateway, private endpoints), logging/monitoring, and shared responsibility models.
· Ability to interpret cloud misconfiguration findings, assess risk, and clearly communicate remediation guidance to cloud and application teams.
· Exposure to container and serverless security concepts (e.g., EKS, ECS, Lambda) is a plus.
· Cloud security certifications such as AWS Certified Security – Specialty, AWS Certified Solutions Architect, Microsoft SC-200/AZ-500, or CCSP are highly desired.
· Bachelor's degree in Cyber Security, Computer Science, or related field or equivalent relevant work experience.
· 2–5 years of experience in cyber security or related roles, including exposure to cloud environments.
· Additional certifications such as Security+, CEH, or CySA+ are desired.
· Knowledge of security tools, technologies, and best practices across enterprise and cloud environments.
· Strong understanding of networking and operating systems.
· Analytical and problem-solving skills with attention to detail.
· Ability to work collaboratively in a team environment and communicate technical concepts effectively.
We support the use of AI tools to help you prepare for your interview (e.g., practicing responses, researching the role, or refining your resume). However, during interviews and assessments, we expect responses to reflect your own thinking, experience, and communication. Use of AI to generate or read answers in real time, complete assessments, or misrepresent your qualifications is not permitted and may impact your candidacy.
NRG Energy is committed to a drug and alcohol-free workplace. To the extent permitted by law and any applicable collective bargaining agreement, employees are subject to periodic random drug testing, and post-accident and reasonable suspicion drug and alcohol testing. EOE AA M/F/Vet/Disability. Level, Title and/or Salary may be adjusted based on the applicant's experience or skills.
Official description on file with Talent.
Nearest Major Market: Houston