The Role
The Cybersecurity Engineer is responsible for ensuring compliance with security standards, conducting vulnerability assessments, and implementing best practices for data privacy and security across IT systems.
Summary Generated by Built In
About Commonwealth Fusion Systems:
Commonwealth Fusion Systems is on a mission to deliver the urgent transition to fusion energy.
Combining decades of research, top talent, and new technologies, we’re designing and building commercially viable fusion power plants. And working with policymakers and suppliers to build the energy industry of the future.
We’re in the best position to make it happen. Since 2018, we’ve raised nearly $3 billion in capital, making us the largest and leading private fusion company in the world.
Now we’re looking for more thinkers, doers, builders, and makers to join us. People who’ll bring new perspectives, solve tough problems, and thrive as part of a team.
If that’s you and this role fits, we want to hear from you.
Join the power movement as a Cybersecurity Engineer
CFS is seeking a highly skilled and experienced Cybersecurity & Compliance Engineer to join the dynamic IT organization. This critical role offers a unique opportunity to directly shape and uphold the highest standards of security and data privacy for our cutting-edge solutions.
As the primary driver for internal compliance, you will be instrumental in maturing and maintaining our robust cybersecurity compliance posture across a diverse portfolio of industry standards, including ISO 27001. The Cybersecurity Engineer integrates security requirements into IT systems, conducts vulnerability assessments, maintains secure baselines, and implements best practices while collaborating with architects. You will collaborate extensively across the IT organization and with broader CFS teams, benefiting from the deep compliance and security expertise that exists within the wider organization. This ensures our innovative solutions not only meet but consistently exceed stringent regulatory requirements. You will use the expertise and credentials gained through these compliance efforts to strategically support all employees across all sites. This position demands a blend of deep technical expertise in compliance and privacy, exceptional cross-functional communication skills, and a proactive, strategic approach to safeguarding sensitive data and fostering trust.
Your leadership and hands-on contribution will be vital in ensuring our organization remains at the forefront of security and compliance, protecting sensitive data and building unwavering trust with our employees.
What you'll do:
- Ensure safe use of cloud services by developing cloud infrastructure security standards
- Deploy tools to monitor compliance of cloud infrastructure
- Perform ongoing assessments to monitor cloud infrastructure compliance and vulnerabilities
- Perform security assessment of new cloud infrastructure platforms
- Integrate security requirements into IT systems.
- Conduct regular vulnerability assessments and penetration testing to identify potential risks and weaknesses.
- Develop and implement effective remediation strategies for identified security gaps.
- Implement system hardening and compliance
- Implement and integrate static and dynamic code analysis tools
- Research and evaluate Cybersecurity tools and methodologies
- Collaborate with cyber and product architects to harden platforms and tool chains
- Define and enforce secure-by-default software engineering practices
- Ensure compliance documents remain up-to-date, including system policies, procedures, controls, data maps, and customer documentation. Model efficiency in your own work, and arm subject matter experts with content, tools, and direction to minimize their effort
What we’re looking for:
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related field; additional experience, certifications or training may be considered in lieu of degree
- 3-5 years of relevant IT/ DevOps/Security Engineering experience
- Self-starting individual with the right attitude, aptitude to identify, take ownership of and solve challenging problems
- Interest in continual learning and development of the team and themselves
- Ability to work collaboratively and independently to develop creative solutions
- Passion for securing and maintaining IT and OT systems critical to national and international security
- Project management skills
- Great numerical and analytical skills
- Possess Excellent problem-solving skills
- Have attention to detail and excellent communication skills, both written and verbal
- Have an agile mindset to provide solutions quickly with an incremental value to customers
Bonus points for:
- Beginner to intermediate Windows, Linux and Networking skills
- Familiarity with tools like Rapid7/Metasploit, CrowdStrike, Snyk and KnowBe4
- Experience in hardening modern operating systems and implementing security engineering best practices.
- Familiarity with cloud security platforms such as AWS, Azure, or Google Cloud.
- Experience with NIST Cybersecurity Framework, ISO 27001, NIST 800-171 (CMMC), or Risk Management Framework (RMF)
Must-have requirements:
- Ability to occasionally lift up to 50 lbs
- Perform activities such as typing, standing, or sitting for extended periods of time
- Willingness to occasionally travel or work required nights/weekends/on-call
- Work in a facility that contains industrial hazards including heat, cold, noise, fumes, strong magnets, lead (Pb), high voltage, high current, pressure systems, and cryogenics
#LI-Hybrid
At CFS, we excel in fast-paced environments, driven by our values of integrity, execution, impact, and self-critique. As we grow, we’re eager to bring on mission-driven folks who offer diverse perspectives and fresh ways to tackle challenges.
We value diversity deeply and are proud to be an equal opportunity employer by choice. We consider all qualified applicants equally, regardless of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law.
This role requires compliance with U.S. laws concerning the export of controlled or protected technologies or information (collectively, “Export Control Laws"). Any offer of employment will be contingent on the need for compliance with such Export Control Laws.
Top Skills
AWS
Azure
Crowdstrike
GCP
Iso 27001
Knowbe4
Metasploit
Nist Cybersecurity Framework
Rapid7
Snyk
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Commonwealth Fusion Systems (CFS) has the fastest, lowest cost path to commercial fusion energy.
CFS is collaborating with MIT to leverage decades of research combined with new groundbreaking high-temperature superconducting (HTS) magnet technology. HTS magnets will enable compact fusion power plants that can be constructed faster and at lower cost. CFS is now building SPARC, the world's first commercially relevant, net energy fusion demonstration device. SPARC will pave the way for the first fusion power plant, ARC, that will produce power on the grid.
The ultimate mission is to deploy fusion power plants to meet global decarbonization goals as fast as possible. CFS has assembled a team of leaders in tough tech, fusion science, and manufacturing with a track record of rapid execution. Supported by the world’s leading investors, CFS is uniquely positioned to deliver limitless, clean, fusion power to combat climate change.
If you are interested in joining our team, check out cfs.energy/careers for more information.
