Senior Cyber Security Engineer at ORAU

Madison, Wisconsin, United States -

Full Time

Start Date

Immediate

Expiry Date

18 May, 26

Salary

0.0

Posted On

17 Feb, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cyber Security Operations, Incident Response, Security Platform Implementation, SIEM Implementation, Vulnerability Scanning, Risk Management, CMMC Level 2, NIST 800-171, Zscaler, Aurascape, SentinelOne, Identity Management, Endpoint Security, Network Security, Audit Readiness, Technical Investigation

Industry

Government Administration

Description

Overview Location: Knoxville, TN or Madison, WIRole: Permanent, full timeSalary: Highly competitive plus bonus and benefits ORAU is conducting the search on behalf of Type One Energy for a permanent, full‑time Cyber Security Engineer in Knoxville, TN or Madison, WI. About Type One Energy Type One Energy Group is mission-driven to provide sustainable, affordable fusion power to the world. Established in 2019 and venture-backed in 2023, the company is led by a team of globally recognized fusion scientists with a strong track record of building state-of-the-art stellarator fusion machines, together with veteran business leaders experienced in scaling companies and commercializing energy technologiesIf you are searching for the best new ideas and share our vision, join us as a Senior Cyber Secruity Engineer. This is what you need to know: Your role in the mission: The Cyber Security Engineer will be the primary hands-on security operator, responsible for day-to-day cyber security operations and the implementation and operation of core security platforms. This role partners closely with the Director of IT, who sets security strategy, priorities, and risk tolerance, while the Cyber Security Engineer executes, operates, and continuously improves the technical security program. The Cyber Security Engineer is responsible for coordinating closely with the MSP on these services, ensuring they are correctly configured, monitored, and aligned with internal security objectives. While certain operational tasks are delegated, accountability for security outcomes remains internal. This role will play a central part in establishing durable, auditable, and defensible cyber security operations. Responsibilities Cyber Security Operations Own day-to-day internal cyber security operations and outcomes. Monitor, triage, and investigate security alerts and incidents. Act as the primary internal technical responder for security events. Coordinate closely with the MSP on managed security services (including SentinelOne), retaining internal accountability. Security Platform Ownership Implement, configure, and operate core security platforms, including Zscaler and Aurascape. Design and enforce security policies; integrate with identity, endpoint, and network systems. Serve as technical owner for MSP-managed platforms by defining standards, reviewing findings, and validating response actions. Lead implementation and operation of a SIEM platform, including logging standards, alerting, and workflows. Incident Response and Risk Management Lead technical investigation, containment, and remediation of security incidents. Conduct post-incident reviews and recommend control improvements. Operate vulnerability scanning and configuration assessment tools. Prioritize and track remediation based on risk and business impact. Compliance and Audit Readiness Implement and operate technical controls supporting CMMC Level 2 and NIST 800-171. Maintain defensible documentation of security controls and operations. Support audits, investor due diligence, and third-party security assessments. Partner with leadership to identify and remediate gaps. Collaboration and Advisory Work closely with the Director of IT on priorities, risk acceptance, and escalation decisions. Advise IT, engineering, and research teams on secure system design and operational trade-offs. Qualifications Professional Experience Typically 3–7 years of experience in cybersecurity, systems engineering, or a closely related field. Experience operating security controls in production environments with real accountability. Experience working with Managed Service Providers while retaining internal ownership of outcomes. Prior experience in regulated or high-scrutiny environments preferred. Communication and Judgment Ability to communicate security risks clearly to non-security stakeholders. Sound judgment balancing security requirements with business and research needs. Comfort operating in an environment where execution is shared, but accountability is not. Preferred but Not Required Direct experience with CMMC, NIST 800-171, SOC 2, or IPO readiness. Relevant certifications (e.g., CISSP, GCIH, GCED, CCSP).

Responsibilities

The Cyber Security Engineer will serve as the primary hands-on security operator, managing day-to-day cyber security operations and implementing core security platforms. This role involves owning security outcomes, monitoring alerts, leading incident response, and coordinating closely with the Managed Service Provider (MSP).