Lead Cyber Security Engineer - DevSecOps & Compliance

This role is based in Boston, MA or Berlin, Germany

The Role: Lead Cyber Security Engineer - DevSecOps & Compliance

Apply your cyber security skills on the fastest growing climate technology of our time – hydrogen. Join LIFTE's rapidly growing international team and make a difference where climate meets tech.

We offer competitive pay, flexible working conditions, stock options, and other great benefits. We are looking for the best who share our passion in energy and climate technologies and want to innovate in the hardest-to-decarbonize sectors.

The Lead Cyber Security Engineer will be responsible for securing LIFTE’s digital solutions, including web & mobile applications built on React, React Native, AWS Amplify’s full-stack serverless architecture, and IoT edge devices. You will integrate and automate security in all our digital products & services used across the whole hydrogen infrastructure value chain around the globe. You will have the opportunity to lead and grow the cyber security team in a company creating supply-chain innovation to fundamentally change how the hydrogen industry is growing to meet the world’s energy demand.

The Lead Cyber Security Engineer will be passionate and customer obsessed, with a blend of business, technical, project and people management skills. You will work with digital and physical equipment, technology providers, nationally recognized testing laboratories, codes and standards organizations, and LIFTE’s cross-functional teams to help develop and deliver robust state of the art security for hydrogen solutions and supply chains.

The Lead Cyber Security Engineer will report to the Head of Digital Products & Services.

Your Responsibilities

• You will develop and integrate security solutions and architectures into LIFTE’s digital applications from equipment to user
• You will oversee the day-to-day operational security of LIFTE’s applications, and work with external auditors on achieving SOC and ISO compliance
• You will work directly with a team of software engineers, and create your own plan on how you want to grow the cyber security team to meet the rapidly growing demand for securing hydrogen infrastructure
• You are responsible for the security, integrity, and privacy of LIFTE’s applications for deployments to harsh environments and office workers alike
• You will set and own the digital team’s security standards and templates for creating secure products & services
• You will work with LIFTE’s Head of Digital and COO to ensure continuous compliance, security, and privacy are delivered to our users at all times
• You will be actively engaged in developing the cyber security products & services roadmap
• You will implement security monitoring systems and use analytics to make data-driven decisions on improving LIFTE’s and our users’ security practices

Additional Details

• Domestic travel at 10% with occasional international travel required
• Position is based in Boston, Massachusetts or Berlin, Germany
• Hybrid working model with one day in office per week
• US visa and green card sponsorship based on mutual agreement

Extremely Competitive Benefits Program

US:

• Incentive Stock Options
• Performance-based company profit sharing bonuses
• 401K plan with company match
• Industry leading healthcare coverage: medical, dental, and vision
• Generous time away, including 5 weeks paid vacation for all, regardless of seniority
• Sick Time
• Company-paid life and disability insurance
• 6 Holidays plus 2 floating holidays

DE:

• Urlaubsgeld
• Weihnachtsgeld
• Performance-based company profit sharing bonuses
• Stock options possible
• Betriebliche Altersvorsorge
• VWL
• Travel, health, and accident insurance
• Jobrad
• Competitive and environmentally friendly mobility options paid for by employer
• Family friendly policies

What Experience & Education is Required?

• For US: Must have legal authorization to work in the US on a full-time basis.
• Bachelor's in Computer Science or equivalent engineering degree with a solid understanding of cloud, application, network, and device security required.
• CISSP, CISM, and SANS qualifications greatly preferred.
• AWS Certified Security – Specialty greatly preferred.
• Minimum 3 years of experience working with software or IoT application security as a security engineer and at least 1 year of experience working with applications built with React or React Native.
• Must have 2+ years of experience working with AWS serverless services in production. Experience with AWS Amplify, AppSync, DynamoDB, Kinesis is greatly preferred.
• Prior experience with industrial sensors, wearable devices, vehicle interfaces, and wireless communication protocols greatly preferred. 
• Working knowledge with NIST CSF and applying NIST standards to energy infrastructure preferred.
• Prior experience with compliance and audit preferred.
• Prior experience with obtaining SOC 2, ISO 27001, and GDPR compliance greatly preferred.

What Skills are Necessary for Success?

• Detail-oriented
• Superior writing skills
• Ability to self-direct
• Fast learning and critical thinking
• Overcommunication and transparency
• Patience to read and extract knowledge from complex requirements

What Qualities are We Looking for?

• Passion: your passion is incorporated in what you do and drives your progress.
• Servant leadership: constant focus on how your work can serve the needs of others.
• A focus on excellence: your work is error-free and complete.
• Good judgment: your recommendations are sound.
• High integrity: do the right thing, especially when no one is looking.
• Community builder: we like each other and want you to be a contributing member of the LIFTE community in whichever way you are uniquely designed. Diversity of thought and approach is important to us.