Job Specifications
COMPANY OVERVIEW
Hanwha Energy USA, headquartered in Houston, Texas, is part of the Hanwha Group—a FORTUNE Global 300 company and one of South Korea's most respected business enterprises. With over a decade of experience delivering high-quality, utility-scale energy projects across North America, Hanwha Energy USA has evolved into a comprehensive energy solutions provider. Our portfolio now spans utility-scale renewables, natural gas generation, retail electricity, and strategic partnerships that power America's growing data center industry.
Our expertise covers the entire energy value chain—from project development and engineering to construction, operations, and maintenance. By integrating advanced technologies, proven processes, and strong partnerships, we deliver reliable, customized solutions that meet the dynamic needs of local energy markets.
Hanwha Energy USA is actively advancing strategic initiatives in natural gas generation and data center development, including hyperscaler solutions on both sides of the meter. We are proud to serve as the parent company of:
Hanwha Renewables – specializing in utility-scale solar and battery energy storage systems (BESS)
Chariot Energy – providing retail electricity services for residential, commercial, and industrial customers in deregulated markets
POSITION OVERVIEW
We are seeking an experienced and highly skilled Cybersecurity Engineer to join our team. This role is crucial in safeguarding our organization's digital infrastructure through proactive threat management, strategic security planning, and effective incident response. You will lead the implementation of security measures, collaborate across teams, and continuously improve our security posture in line with emerging threats and compliance requirements. The ideal candidate will have deep expertise in cloud security, Microsoft 365, network and endpoint protection, and a strong ability to communicate and collaborate across departments. The employee may be required to perform other job-related duties as requested by management. All duties will be assigned in accordance with applicable laws and company policies.
This position is located in Houston, TX, and the ideal candidate will be within commutable distance to the Houston office location.
Key Responsibilities:
Network Security & Firewalls
Manage FortiGate firewalls (cloud-hosted) and FortiAnalyzer for centralized logging/analysis.
Configure firewall policies, NAT, SSL inspection, and web filtering.
Maintain and troubleshoot site-to-site VPN tunnels.
Review firewall logs, alerts, and anomalies regularly.
Coordinate escalations with MSP for advanced network support.
Identity & Access Security
Administer Conditional Access and security policies in Entra ID.
Manage Privileged Identity Management (PIM) for just-in-time access.
Monitor risky user sign-ins with Azure Identity Protection.
Audit and manage guest/B2B access across multiple tenants.
Ensure federated SSO integrations (Workday, Concur, Jira, CRM) follow least-privilege design.
Endpoint & Vulnerability Security
Operate SentinelOne & Huntress as primary EDR platforms.
Manage Microsoft Defender for Endpoint and Vulnerability Management.
Collaborate with IT and MSP to remediate vulnerabilities and track patch compliance.
Email & Data Security
Configure Exchange Online transport rules (encryption, forwarding, malicious forwarding detection).
Evaluate and propose new email security options.
Monitor SaaS-specific alerts (M365, Concur, Workday, Jira, Salesforce/CRM).
Manage Spanning O365 backups and validate data recoverability.
Define and enforce DLP rules across Exchange, OneDrive, SharePoint, and Teams.
SaaS Security & Alerts
Monitor Microsoft 365 Secure Score and Compliance Manager dashboards.
Investigate alerts from M365, Azure, AWS, SentinelOne, Huntress, Blackpoint SOC, and SAAS Alerts.
Research false positives, escalate true positives, and recommend corrective actions.
Threat Detection, SOC & Incident Response
Triage alerts from Blackpoint SOC, SAAS Alerts, SentinelOne, and Huntress.
Create and lead incident response playbooks (ransomware, insider threat, token theft).
Collect forensic evidence (logs, snapshots, memory captures) as needed.
Escalate incidents to MSP/SOC when required, while retaining internal ownership.
Provide executive-level incident reports with remediation and root cause analysis.
Security Awareness & Compliance
Operate KnowBe4 for annual training, phishing simulations, and remedial assignments.
Maintain compliance training tracking and provide quarterly reports.
Enforce completion of remedial training for failed phishing tests.
Align controls with NIST CSF, NIST 800-53, and PCI DSS.
Maintain IT security policy library (Acceptable Use Policy, Password Policy, BYOD, data classification).
Cloud Security Oversight
Azure: Configure and monitor Defender for Cloud, Azure Firewall, DDoS Protection, NSGs/ASGs, Key Vault, and activity logs.
AWS: Manage WAF, Shield, VPC Security G