Director Cybersecurity

Portland, Oregon

Powin Corporation

At Powin, we are advancing the next frontier of energy and changing the way we power our daily lives by ensuring access to clean, resilient, and affordable power. With 17 GWh of projects deployed and under construction, we are a leading and trusted energy storage provider dedicated to creating an exceptional customer experience through end-to-end energy storage solutions. As a global energy storage solutions provider, we offer fully integrated battery solutions, software, and services to optimize grid performance and enable the transition to cleaner energy sources.

It's your chance to be part of something great

Create a World You're Proud of

We envision a future powered by clean, carbon-free, renewable energy. Achieving our vision requires incorporating diverse perspectives and experiences and fostering collaboration to find viable solutions. We are looking for visionaries like you who aspire to more than just a job: those driven by a desire to make a real impact and who want to add their voice and ideas to the conversation. We value the input of all employees and stakeholders and strive to integrate their ideas into the best solutions to create a greener world for tomorrow. Our mission transcends batteries. Join us in creating a cleaner tomorrow, today.

Summary:

As the Director Cybersecurity, you will champion the security and compliance initiatives at the enterprise level and lead a team in managing the cybersecurity requirements, infrastructure and internal controls associated with physical and electronic cybersecurity risks across Powin's technical, product, and business teams. This position will report to the CISO with a high degree of autonomy while maintaining close collaboration with cross-functional teams and subject matter experts to represent Powin's cybersecurity compliance related to its energy storage offerings to clients and auditors.

Job Duties:

  • Provide strategic vision and leadership to manage organizational risk, ensure business alignment, effective governance, system and product availability, integrity and confidentiality.
  • Stay current with emerging threats and innovative security solutions to address evolving cyber threats, with a focus on critical infrastructure protection in the energy sector.
  • Collaborate with product development teams to integrate security considerations into hardware and software design and development.
  • Lead product security initiatives, including security assessments and penetration testing.
  • Develop and implement training programs to ensure staff are equipped with the latest cybersecurity knowledge and skills.
  • Assess and manage the cybersecurity posture of third-party vendors and partners, ensuring they meet the company's security requirements.
  • Implement strategies to secure the supply chain against cyber threats, particularly in the delivery of hardware and software products.
  • Conduct detailed technical reviews and compliance evaluations of security standards, including implementation of internal controls, compliance evidence, and audit worksheets and provide recommendations to the CISO and SMEs.
  • Coordinate with Powin internal Legal and Audit staff and/or other third parties utilized for supplemental compliance assessment.
  • Select security products and vendors and drive selected projects to implementation to strengthen Powin's security posture.
  • Assist in investigation of and external reporting associated with compliance violations and cyber incidents and lead the creation of incident risk mitigation, issue resolution and recovery processes for Powin.
  • Promote awareness and understanding of NIST, NERC-CIP, and ISO regulations and internal processes for compliance with Powin's business units.
  • Perform other duties as assigned.

Managerial Responsibilities:

  • Lead, mentor, and develop a high-performing team of IT Cybersecurity professionals, fostering a culture of security awareness, continuous improvement, collaboration, and innovation. Contribute to strategic planning, aligning team efforts with organizational objectives, and identifying opportunities for process improvements.
  • Set performance goals, monitor progress, and conduct performance appraisals. Conduct regular 1:1 meetings with direct reports, providing guidance, feedback, and professional development opportunities to ensure continuous growth and performance and participate in continued company management trainings.
  • Manage team workload and resources effectively, ensuring necessary tools and support are available. Facilitate open communication within the team and across departments, promoting collaborative efforts and efficient execution.
  • Facilitate transparent communication, address and resolve conflicts promptly, and maintain a positive and inclusive team culture.
  • Ensure team adherence to company policies and promote employee engagement through recognition and support.

Required Qualifications:

  • Bachelor's degree in Computer Science, Information Technology or related field, or equivalent education and work experience.
  • 10+ years of Cybersecurity experience with at least one relevant certification (e.g., CISM, CISSP, CISA, GCIP).
  • Extensive technical understanding of security frameworks (NIST, CIS) for cyber security, physical security, data security, security controls, incident response, and/or network/cloud architecture.
  • Experience with product security utilizing OT protocols (e.g., Modbus, DNP3, IEC 61850) and IT networking protocols (e.g., TCP/IP, DNS, HTTPS).
  • Proven ability to develop and execute security strategies, roadmaps and plans.
  • Demonstrated experience in planning, executing, and supporting business continuity and disaster recovery projects, particularly in cloud environments.
  • Strong background in leading internal and external IT security audits and collaborating with audit committees and clients.
  • Ability to build consensus and collaborate with diverse groups to meet compliance objectives while maintaining business agility.
  • Experience managing complex projects involving internal teams, vendors, and external contractors.
  • Versatility in leading a small team and providing hands-on troubleshooting as needed.
  • Excellent independent judgment and time management abilities in a dynamic environment.
  • Exceptional communication skills, both written and spoken, with the ability to clearly articulate security needs at all levels of the organization.
  • Proven ability to build positive and productive working relationships across diverse teams.

Preferred Qualifications:

  • Experience with international security, NERC CIP and ISO 27001, is preferred.
  • Prior exposure to recovering from a threat or attack.
  • Background in the energy sector, particularly with energy storage systems and critical infrastructure, is highly desirable.

Physical Requirements:

  • Ability to sit or stand for extended periods at a desk and work on a computer.
  • Capability to frequently lift up to 25lbs and occasionally lift up to 50lbs.
  • Limited travel requirements - up to 15%.

Date Posted: 17 September 2024