Cloud Security Engineer

Become a Cloud Security Engineer with Enviva in Raleigh, United States. Lead security projects, optimize security tools, and enhance the Cyber Security program. Enjoy a collaborative environment and the opportunity for domestic travel. Join Enviva as a Cloud Security Engineer in Raleigh, United States, and play a key role in advancing the Cyber Security program. You will lead security projects, optimize security tools, and collaborate with IT teams to enhance security posture. This position offers a chance to work in a purpose-driven company focused on renewable energy solutions, with up to 10% domestic travel and a supportive team environment.

Enviva Raleigh, United States On-site Full Time UTC-05:00

Enviva

Company Overview

Name

Enviva

Headquarters

Maryland, United States

Year Founded

2014

Business Model

Sector

Renewable Energy

Core Activities

Enviva specializes in producing sustainable wood pellets from biomass, which are used as a renewable energy source. Their operations include sourcing, manufacturing, and distributing wood pellets to customers globally.

Revenue Streams

The company generates revenue primarily through the sale of wood pellets to energy producers and utilities. They also engage in long-term contracts with customers, ensuring a steady income stream.

Locations & Geography

Global Presence

Enviva operates in multiple countries, with significant operations in the United States and Europe. Their facilities are strategically located to optimize logistics and supply chain efficiency.

Company Culture

Mission & Values

Enviva's mission is to provide sustainable energy solutions that contribute to a cleaner environment. They value integrity, sustainability, and innovation in their operations and corporate culture.

Work Environment

The work environment at Enviva is collaborative and focused on safety and sustainability. They encourage employees to contribute ideas and participate in decision-making processes.

Employee Development

Enviva is committed to employee development through training programs and career advancement opportunities. They aim to foster a culture of continuous learning and professional growth.

Activities & Projects

Current Projects

Enviva is currently expanding its production capacity to meet the growing demand for renewable energy. They are also investing in new technologies to enhance the efficiency of their operations.

Innovations

The company is focused on innovative practices in biomass production and logistics. They are exploring advanced manufacturing techniques to improve sustainability and reduce carbon emissions.

Sustainability Practices

Enviva implements rigorous sustainability practices, including responsible sourcing of wood and minimizing waste in their production processes. They are dedicated to reducing their environmental footprint.

Career Opportunities

Job Openings

Typical job openings at Enviva include positions in operations, engineering, and environmental management. They seek individuals who are passionate about renewable energy and sustainability.

Benefits & Perks

Enviva offers competitive benefits, including health insurance, retirement plans, and opportunities for professional development. They prioritize employee well-being and work-life balance.

Contact Information

Social Media

Homepage

envivabiomass.com

Careers Page

Careers at Enviva

Last updated on 2025-03-27 | Report an issue

Job Description

The Enviva team is driven by our shared vision for a renewable energy future. We are a fast-growing, purpose-driven, global energy company specializing in delivering sustainable wood bioenergy solutions. We are the world’s largest producer of sustainable wood pellets, which provide a low-carbon alternative to fossil fuels.

The Cyber Security Engineer reports to the Director of IT Infrastructure and Security and is responsible for leading security projects across the enterprise. This newly created position will be part of a high performing team and assist the Cyber Security Manager in driving the Enviva Cyber Security program, strategy, and road map to protect Enviva’s assets from security threats.

A successful candidate will be a resourceful self-starter capable of owning security solutions and platforms end-to-end and will work closely with the Director of IT Infrastructure and Security, the Infrastructure team, and Technology Solution Center resources to advance security initiatives and support corporate objectives.

Responsibilities

Advance the Cyber Security road map and identify and lead security posture improvements
Maintain and optimize security software and tools
Evaluate capabilities and effectiveness of control environment and its individual controls and platforms and recommend required enhancements to the Cyber Security Manager
Liaise with the Managed Detection and Response (MDR) services provider and ensure quality delivery through reporting and governance
Investigate potential and confirmed security incidents, lead response efforts, lessons learned, and implementation of resulting proposed improvements
Work with members of IT, application and system owners, and the business where required to remediate systems and applications with detected vulnerabilities.
Work closely with peers in the Infrastructure team, the Infrastructure Architect, Application Development, to create and maintain a secure environment
Consult with lines of business to guide best practices and offer solutions when the need arises
Lead the threat and vulnerability management function leveraging vulnerability management tools and processes

Qualifications

A Bachelor’s degree in Information Technology, Information Systems, Engineering, or a related field. Any combination of advanced course enrollment, certification and years of relevant work experience can be substituted
10+ years of experience in IT
4 years of IT security experience designing or building security solutions and supporting security incident response.
Industry certifications, or demonstrated extracurricular participation in one or multiple security domains are required
A diverse technical skill set with the desire to stay “up to speed” with the changing threat landscape, trends, and security solutions on the market
Proficiency and experience in the below technical areas:
- Endpoint: OS hardening, endpoint management, endpoint protection/Anti-virus, disk encryption, USB protection
- Network: UTM, TCP/IP, SSL/TLS, proxy, content filtering
- Data: security implications of data-in-transit, at-rest, and in-use, DLP, DAG
- Identity: SSO, MFA, authentication and authorization logic
- Additional concepts: least privilege/least access, attack surface reduction, good knowledge of a wide range of applications, services, and protocols
Demonstrated knowledge of tactics, techniques, and procedures (TTP’s) commonly used by threat actors and indicators of compromise (IoC’s)
Awareness of cyber attack models- MITRE Att&ck, Cyber Kill Chain and how these translate to defense planning
Ability to quickly assess risk impact from environment changes like implementation of new solutions or software, network design change or integration, and modification of system features
Motivation and drive to “hunt” for threats or seek out optimization opportunities to improve effectiveness of controls
Ability to maintain a people, process, technology view through design, build, and run phases of service and capability delivery
Ability to handle multiple tasks, prioritize and meet deadlines
Familiarity with regulatory and legal obligations:
- SOX
- ITGC
Understanding of IT Security frameworks:
- NIST CSF
- CIS CSC
Excellent written and verbal communication skills
Able to lead or participate in Cyber Security incident response and investigations.

Preferred Qualifications - What Will Set You Apart

Desired Certifications (or equivalent demonstrable experience):
- One of the below:
  - Microsoft Certified Cyber Security Architect Expert
  - Microsoft Certified Azure Security Engineer
  - CompTIA Security+
- Plus SANS certification demonstrating specialized knowledge within a security domain
- Knowledge of PowerShell or other scripting languages

Travel requirements

Up to 10% domestic travel to Enviva facilities. Occasional international travel may be required depending on future business needs.

Working Conditions

Normal office hours – however, could be longer hours when business requires. This position will assume a shared responsibility of ensuring applications are available 24x7x365.
Willing and able to maintain strict adherence to safety rules and regulations, to include wearing safety equipment.

Physical Requirements

Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state and local standards, including meeting qualitative and/or quantitative productivity standards.

*This position does not offer visa sponsorship or support for work authorization

EEO Statement

Enviva is dedicated to the principles of equal employment opportunity (EEO) in any term, condition or privilege of employment. Enviva does not discriminate against applicants or employees on the basis of race, color, creed, religion, sex, national origin, age, physical or mental disability, ancestry, marital status, sexual orientation, gender identity or expression, veteran status, uniform service member, genetic information or any other status protected by law. Enviva complies with applicable state and local laws governing nondiscrimination in employment in every location in which we operate.