Senior Cybersecurity Engineer

Description

Enphase Energy is a global energy technology company and a leading provider of solar, battery, and electric vehicle charging products. Founded in 2006, our innovative microinverter technology revolutionized solar power, making it a safer, more reliable, and scalable energy source. Today, the Enphase Energy System enables users to make, use, save, and sell their own power. Enphase is also one of the most successful and innovative clean energy companies in the world, with more than 80 million products shipped across 160 countries.

Join our dynamic teams designing and developing next-gen energy technologies and help drive a sustainable future!

About the Role

We are seeking a Senior Cybersecurity Engineer with deep expertise in Security Operations (SecOps), detection engineering, and incident response. This role focuses on building and enhancing detection capabilities, leading investigations, and engineering scalable security solutions across cloud and endpoint environments. The ideal candidate has hands-on experience with EDR/XDR, SIEM, cloud security (AWS), and forensics, with a passion for automation and proactive defense.

What you will do

Security Engineering & Detection Design

• Lead design, deployment, and tuning of EDR/XDR platforms (e.g., CrowdStrike, Defender, SentinelOne).
• Engineer detection rules and pipelines to identify and alert on malicious behaviors using KQL, Sigma, or similar.
• Integrate and optimize telemetry within SIEM/SOAR platforms.

Incident Response & Threat Detection

• Act as the technical lead for major incident response efforts: containment, remediation, RCA.
• Design and maintain detection coverage mapped to MITRE ATT&CK.
• Develop automation for triage, enrichment, and remediation workflows.

Threat Hunting & Forensics

• Lead structured threat hunting using hypothesis-driven and intel-led approaches.
• Conduct or support disk, memory, and log forensics during investigations.
• Simulate adversary behavior to test and tune detection logic.
• Cloud Security
• Design and enforce security controls within AWS environments (IAM, GuardDuty, CloudTrail, Config, WAF, etc.).
• Automate cloud misconfiguration detection and remediation.

Who you are and What you bring

• Bachelor’s degree in cybersecurity, computer science, or related field with 5+ years of relevant experience, OR Master’s degree with 3+ years of hands-on security engineering experience.
• Strong hands-on experience with EDR (e.g., CrowdStrike, SentinelOne, Defender).
• Proficiency in SIEM/XDR/MDR platforms and query/detection engineering.
• Solid experience with AWS security services and cloud-native controls.
• Comfortable with scripting (Python, Bash, PowerShell) for automation and integration.
• Strong understanding of incident response, detection logic, and security infrastructure.
• Cryptography & PKI (Nice to Have)
• Familiarity with PKI infrastructure, certificate lifecycle management, and cryptographic concepts.
• Understanding of symmetric/asymmetric encryption (AES, RSA, ECC), TLS, and key exchange protocols.

Certifications (Optional)

GIAC certifications: GCIH, GCFA

The base pay range for this position is $105,000 to $162,000. This salary range may be modified in the future. The successful candidate’s starting pay will be determined based on job-related skills, experience, education or training, work location, and market conditions. This position is also eligible for bonus, equity, and benefits.