SOLV Energy is a leading provider of infrastructure services to the power industry, designing, building and maintaining utility scale solar, battery storage and high voltage substation projects nationwide.
Job Description Summary:
The Senior Cybersecurity Engineer is a senior, hands-on individualcontributor responsible for the design, implementation, hardening, and continuous improvement of security controls across SOLV Energy’s enterprise technology environment, spanning the Azure / Microsoft 365 cloud supporting the Corporate business and the onpremise, NERC CIP-regulated Operational Technology (OT) environments supporting Operations & Maintenance (O&M) and Engineering, Procurement & Construction (EPC). This position combines security architecture with engineering execution: translating risk into actionable, secure-by-design solutions and building, deploying, and operating the controls that protect IT and OT assets. The Senior Cybersecurity Engineer also serves as the Cybersecurity lead for merger, acquisition, and divestiture (M&A) activity, performing technical security due diligence on acquisition targets and integrating acquired IT/OT environments, generation assets, and engineering teams into SOLV’s security program. As a member of a lean SOC, this role operates with significant autonomy, partners closely with the Cybersecurity Engineer, Cybersecurity Analysts, SOC Manager and Director of Cybersecurity. This role acts as a senior technical subject matter expert across security architecture, OT security, and incident response.
This role is fully remote. Specific location details and expectations will be discussed during the interview process.
Job Description:
*This job description reflects management’s assignment of essential functions; it does not prescribe or restrict the tasks that may be assigned.
Position Responsibilities and Duties:
- Design, implement, and maintain scalable security architectures and controls across IT, OT, cloud (Azure / M365), infrastructure, and application environments, balancing measurable risk reduction with operational reliability and end-user functionality.
- Lead security architecture and infrastructure reviews for new and existing systems, providing secure-by-design recommendations and translating risk into prioritized, actionable roadmaps.
- Manage, develop, deploy, and support advanced security solutions for both cloud and on-premise environments, including Microsoft Azure and, where applicable, Amazon Web Services (AWS).
- Lead cross-functional security initiatives from planning and design through implementation, ensuring measurable risk reduction and stakeholder alignment.
- Drive innovation, automation, orchestration, and integration across the security toolset to improve detection, response, and operational efficiency.
- Lead OT/ICS security architecture and engineering for a NERC CIP-regulated environment, including IT/OT segmentation aligned to the Purdue Model and ISA/IEC 62443, secure remote access, and monitoring of OT assets.
- Design and implement OT-specific controls and visibility (asset inventory, network monitoring, secure data flows) that respect the availability and safety constraints of generation and control systems.
- Partner with OT Engineering and field operations to harden control systems, evaluate vendor and integrator security, and support NERC CIP compliance evidence, walkthroughs, and audits.
- Serve as the cybersecurity lead for merger, acquisition, and divestiture activity, performing technical security due diligence on target companies, project portfolios, and generation/OT assets.
- Assess the security posture, risk exposure, and remediation needs of acquisition targets across both IT and OT, and develop integration plans to onboard acquired environments, identities, and assets into SOLV’s security program and monitoring.
- Identify NERC CIP and other regulatory scoping implications of newly acquired or divested assets, and coordinate remediation and integration activities with IT, OT, Engineering, and Compliance teams.
- Act as a senior subject matter expert for incident response and threat mitigation across application, network, endpoint, identity, cloud, and OT domains; lead complex technical investigations and forensic collection.
- Develop and manage a comprehensive vulnerability management program across IT and OT, including regular assessments, risk-based remediation planning, and tracking of vulnerabilities to timely resolution.
- Partner with the SOC team on log source onboarding, detection engineering, and alert tuning to ensure detection coverage across both IT and OT environments.
- Collaborate with the Corporate IT team, Operational Technology, and Business Applications teams to ensure the security architecture supports both existing and planned initiatives, with a focus on scalability and security.
- Collaborate with and mentor the SecOps team, and provide education and training to process/control owners to deepen their understanding of technology control frameworks and their responsibilities.
- Serve as a senior SME supporting complex security projects or sub-projects, owning initiatives end-to-end from concept through implementation.
- Generate detailed reports and technical documentation for the SecOps team, providing insights and recommendations for continuous improvement.
- Contribute to incident response planning, risk assessment, and security strategy as a senior technical resource.
- Maintain current awareness of emerging threats, vulnerabilities, and detection techniques relevant to cloud, identity, endpoint, and the renewable energy / OT sector.
- Partner with software development and engineering teams to embed secure coding and data storage practices throughout the Secure Software Development Lifecycle (SSDLC).
Minimum Skills or Experience Requirements:
- Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or related field (or equivalent experience).
- 7+ years of progressive cybersecurity experience, including securing cloud (Azure, Entra ID, M365) and on-premise environments.
- Demonstrated, hands-on experience securing Operational Technology (OT) or Industrial Control System (ICS) environments, including IT/OT segmentation and applied knowledge of the Purdue Model and ISA/IEC 62443.
- Demonstrated experience supporting the cybersecurity aspects of mergers, acquisitions, or divestitures — including security due diligence, posture and risk assessment, and integration of acquired IT and/or OT environments.
- Demonstrated experience designing and implementing enterprise security architectures across IT, OT, cloud, and/or application environments.
- Excellent knowledge of Identity and Access Management in Microsoft Entra ID (Azure AD) and M365.
- Excellent knowledge of Microsoft 365 Defender, including incident response, threat hunting, and vulnerability management.
- Strong understanding of network segmentation, identity architecture, and zero trust principles.
- Experience developing and managing a vulnerability management program across IT and/or OT.
- Experience developing and updating incident response plans and runbooks.
- Familiarity with common network, system, and web application attacks and mitigations.
- Knowledge of information security standards and regulatory frameworks such as NERC CIP, NIST CSF, NIST 800-82, ISO 27001/2, SOX, and IEC 62443.
- Scripting and automation experience (PowerShell, Python, and/or KQL).
- Ability to work effectively in a team environment and in cross-functional teams.
- Ability to effectively document security designs, investigations, procedures, and technical findings.
- Excellent verbal and written communication skills, with the ability to brief both technical peers and non-technical stakeholders.
- Strong project ownership and organizational skills.
- Entrepreneurial spirit.
Preferred Qualifications:
- One or more of the following certifications (or industry equivalents): CISSP, GICSP, GMON, Azure Security Engineer Associate, or equivalent.
- Experience in energy, industrial, utility, or other regulated / critical-infrastructure environments (renewable energy a plus).
- Hands-on experience deploying, configuring, and operating a SIEM platform (e.g., Microsoft Sentinel, Splunk, IBM QRadar), including data onboarding, detection rule development, tuning, and investigation.
- Experience with the MITRE ATT&CK framework, including MITRE ATT&CK for ICS.
- Demonstrated experience with security automation, orchestration, and SOAR capabilities.
- Experience implementing DevSecOps or secure code tooling.
- Experience integrating acquired companies or assets into an enterprise security monitoring and identity program.
- Experience supporting or maturing SOC operations, detection engineering, or threat hunting programs.
SOLV Energy Is an Equal Opportunity Employer
At SOLV Energy we celebrate the power of our differences. We are committed to building diverse, equitable, and inclusive workplaces that improve our communities. SOLV Energy prohibits discrimination and harassment of any kind against an employee or applicant based on race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, national origin, or ethnicity, mental or physical disability, veteran status, parental status, or any other characteristic protected by law.
Benefits:
Employees (and their families) are eligible for medical, dental, vision, basic life and disability insurance. Employees can enroll in our company’s 401(k) plan and are provided vacation, sick and holiday pay.
Compensation Range:
$127,453.00 - $152,944.00
Pay Rate Type:
Salary
SOLV Energy does not accept unsolicited candidate introductions, referrals or resumes from third-party recruiters or staffing agencies. We require all third-party recruiters to communicate exclusively with our internal talent acquisition team. SOLV Energy will not pay a placement fee to any third-party recruiter or agency that has not coordinated their recruiting activity with the appropriate member of our internal talent acquisition team.
In addition, candidate introductions or resumes can only be submitted to our internal talent acquisition recruiting team if a signed vendor agreement is already on file and the third-party recruiter or agency has received formal instructions from our internal talent acquisition team to submit candidates for a particular job posting.
Any unsolicited candidate introductions, referrals or resumes sent by third-party recruiters to SOLV Energy or directly to any of our employees, or received through our website or career portal, will be considered property of SOLV Energy and will not be eligible for a placement fee. In the event a third-party recruiter submits a resume or refers a candidate without a previously signed vendor agreement, SOLV Energy explicitly reserves the right to pursue and hire the candidate(s) without financial liability to such third-party recruiter.
#LI-Remote
Job Number: J13637
If you’re interested in a meaningful career with a brighter future, join the SOLV Energy Team.
Similar Jobs
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute


