About Energy Vault

Energy Vault develops sustainable energy storage solutions designed to transform the world’s approach to utility-scale energy storage for grid resiliency. Our proprietary gravity-based Energy Storage Technology and the Energy Storage Management and Integration Platform are intended to help utilities, independent power producers and large industrial energy users significantly reduce their levelized cost of energy while maintaining power reliability. Utilizing eco-friendly materials with the ability to integrate waste materials for beneficial re-use, Energy Vault is facilitating the shift to a circular economy while accelerating the clean energy transition for its customers. Energy Vault is listed on the New York Stock Exchange under the ticker symbols NRGV and NRGV WS. For more information, please visit www.energyvault.com.

About the role

As a Cyber Security Engineer, you will develop, implement, and incrementally improve numerous types of security-first Operations Frameworks for the enterprise. This role is highly technical in nature and spans a spectrum of disciplines with a focus on application integrations, software, Operating Systems, and Cloud architecture and services. The role will require pen testing experience, root cause analysis, auditing, as well as the ability to work cross functionally with various other disciplines. The main objective of this role is to communicate and cross-functionally collaborate to continually improve, scale, and secure an evolving IT ecosystem ensuring the highest levels of systems security internally and externally. Strong innovation, curiosity, automation, communication, and organizational skills along with some out-of-the-box thinking will make you successful in this role. Energy Vault is a rapidly growing company so you will have an opportunity to be diverse and play an integral part in the company’s future security posture as the company scales.

What you will do

Provide high-quality, cost-effective engineering enforcing automated workflows.
Deliver security testing, evaluation, and reporting capabilities for corporate and customer systems.
Establish a consistent active and passive threat hunting capability using scanning and active penetration testing.
Integrate security software and services into development efforts making them enforceable and repeatable with minimal impediments to development teams.
Participate in technical design reviews, integration, testing, and documentation efforts.
Identify threats and develop suitable defense measures, evaluate system changes for security implementation, and recommend security enhancements.
Participate in development meetings providing security guidance and backlog requirements.
Assist with planning, implementation, and maintenance of a comprehensive enterprise-wide security program that protects Energy Vaults information and technology ecosystem.
Effectively respond to all reported security incidents and other reports of suspicious behavior related to software and services.
Monitor and test application performance for potential bottlenecks and vulnerabilities, identify possible solutions, and work cross functionally to implement solutions and improvements.
Help instill a security first mindset and awareness across the company.
Shape a culture of collaboration, innovation, constant improvement, excellence, transparency, open mindedness, humility, integrity, efficiency, joy, compassion, and fulfillment.

What a qualified candidate should possess

Bachelor’s Degree preferred in Computer Science or Science/Technology/Engineering/Math
5+ years of work experience
Foundational cyber security knowledge in architecture, attacker methodologies, digital forensics, and incident response
Experience with programming languages commonly used for penetration testing and automation (e.g., Python, Shell, etc.)
Experience with fuzz, chaos, penetration, and load testing
Experience using GitLab, Rapid7 InsightVM, Metasploit, Tenable, or similar tools
Experience working with Cloud and Cloud Native architectures (e.g., Lambda, docker, Kubernetes)
Experience doing root cause analysis, risk assessments, and participating in postmortems
Foundational cyber security knowledge in architecture, attacker methodologies, digital forensics, and incident response
Familiar with Agile and DevSecOps (CI/CD) practices
Familiar with information security best practices (NIST, CMMC, CSA, OWASP, ISO)
Familiarity with Metasploit or Kali Linux in the context of penetration testing is a plus
Familiarity with industrial control security protocols such as ProfiSafe, SCADA Security, Modbus Security is a plus
Strong communication (verbal and non-verbal) and organizational skills, innovative, open-minded, and a team player
Willingness to travel domestic and international an estimated 15-25%
Experience in public companies is a plus
Comfort in fast-paced, rapid growth environments is a plus
A passion for sustainability, our mission, and our vision is a bonus!

At Energy Vault we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants. We believe inclusion creates opportunity for collaborative excellence through diversity of thought. We invite individuals of all genders, races, identities, ethnicities, sexual orientations, national origins, abilities, protected veteran status, religions, educational and socioeconomic backgrounds to explore employment with our organization.