Enphase Energy is a global energy technology company and leading provider of solar, battery, and electric vehicle charging products. Founded in 2006, Enphase transformed the solar industry with our revolutionary microinverter technology, which turns sunlight into a safe, reliable, resilient, and scalable source of energy to power our lives. Today, the Enphase Energy System helps people make, use, save, and sell their own power. Enphase is also one of the fastest growing and innovative clean energy companies in the world, with approximately 68 million products installed across more than 145 countries.
n We are building teams that are designing, developing, and manufacturing next-generation energy technologies and our work environment is fast-paced, fun and full of exciting new projects.
nIf you are passionate about advancing a more sustainable future, this is the perfect time to join Enphase!
n About the role
nCloud SecOps Engineer will be responsible for the operational security of cloud-based systems and applications. This role requires collaboration with cross-functional teams, including DevOps, infrastructure, and security teams, to build, deploy, and maintain secure cloud environments. The ideal candidate will have experience in AWS cloud technologies, automation, incident response, and security best practices.
nWhat you will do
- nSecurity Integration:
- nImplement security controls and processes into the software development lifecycle (SDLC) from the ground up.
- nCollaborate with development and operations teams to incorporate secure coding, vulnerability scanning, and security testing in CI/CD pipelines.
- nCloud Security Design & Management:
- nDesign and maintain secure AWS infrastructure using best practices such as least privilege, IAM, and encryption.
- nLeverage AWS security services (e.g., VPC Flow Logs, Guard Duty, IAM, and CloudTrail) to monitor and secure cloud environments.
- nImplement and manage security measures like firewalls, VPNs, and intrusion detection/prevention systems.
- nAutomation and Continuous Security:
- nBuild and manage Infrastructure-as-Code (IaC) scripts using tools like AWS CloudFormation and Terraform to automate secure infrastructure deployment.
- nAutomate security tasks by integrating security tools into CI/CD pipelines for continuous security testing and remediation (e.g., AWS Code Pipeline, Jenkins).
- nIncident Response & Monitoring:
- nDevelop incident response plans and workflows to detect, contain, and remediate security incidents.
- nMonitor systems and networks for signs of compromise using AWS monitoring tools (e.g., CloudWatch, CloudTrail, XDR).
- nConduct security assessments and penetration testing to identify and mitigate vulnerabilities.
- nRisk Management & Threat Intelligence:
- nIdentify, assess, and prioritize security risks associated with the cloud environment.
- nImplement threat detection, vulnerability scanning, and patch management processes.
- nStay up to date on emerging cloud security threats and vulnerabilities, and proactively mitigate risks.
nEducation:
- nBachelors degree in computer science, Information Security, or a related field (or equivalent work experience).
n
nWho you are and what you bring
- nExperience: 4+ years of experience in a DevSecOps, cloud security, or related role.
- nHands-on experience with AWS security services such as IAM, Security Hub, Guard Duty, WAF, and CloudTrail.
- nExperience with DevOps tools (e.g., Jenkins, GitLab, Docker, Kubernetes) and Infrastructure-as-Code (IaC) tools (e.g., Terraform, AWS CloudFormation).
- nExperience with integrating security into CI/CD pipelines.
nCertifications (preferred but not mandatory):
nAWS Certified Security Specialty
nAWS Certified DevOps Engineer Professional
nCertified Information Systems Security Professional (CISSP)
nCertified Cloud Security Professional (CCSP)
