Shire Jobs

Everything we do at Sunrun is driven by a determination to transform the way we power our lives. We know that starts at the individual employee level. We strive to foster an environment you can thrive in through our commitment to diversity, inclusion and belonging.

The Security Analyst is responsible for managing and improving the existing Vulnerability Management Program. This analyst will also assist with other cloud and operational security initiatives. This position will include responsibilities that range across the security domains based on new and emerging threats.

You will partner with various internal stakeholders including IT Engineering and Operations teams, and various business groups to manage risk, vulnerabilities, and drive improvement across the organization.

This is an exciting opportunity to join the largest operator of residential solar in the US! This analyst will have incredible growth potential with the ability to work on projects and domains of interest in a continually evolving field. The successful candidate possesses excellent interpersonal and communication skills required to partner with leaders across the organization to identify security risks and develop solutions that protect the business. A successful candidate is excited to spread knowledge and facilitate intellectual growth within the organization. And, most importantly, has a passion for Enterprise Security and a hunger to learn.

Key Responsibilities:

Vulnerability Management:

• Lead the end-to-end vulnerability management program, including identification, prioritization, remediation, and reporting.

• Conduct regular vulnerability assessments and penetration testing to identify security gaps in infrastructure, applications, and cloud environments.

• Automate vulnerability scanning and remediation processes to ensure continuous monitoring and rapid response to threats.

• Collaborate with IT, DevOps, and application teams to ensure timely patching and remediation of security vulnerabilities.

• Develop and maintain risk-based vulnerability management strategies and programs that reduce risk exposure and maintain compliance with industry standards.

Cloud Security:

• Design and implement security solutions for cloud infrastructure (AWS, Azure, GCP) ensuring best practices are followed for securing cloud-native applications and services.

• Continuously monitor cloud environments for security threats, vulnerabilities, and misconfigurations.

• Provide cloud security expertise in architecture reviews, advising on security controls and helping teams secure infrastructure from the ground up.

• Work closely with DevOps teams to integrate security into CI/CD pipelines, ensuring secure deployments across cloud environments.

• Lead efforts to ensure that cloud environments comply with relevant security standards and frameworks, such as NIST, ISO 27001, and CIS.

Incident Response & Monitoring:

• Act as the primary escalation point for security incidents, particularly in cloud environments.

• Work with the SOC and other security teams to detect, analyze, and respond to security threats and incidents.

• Perform root cause analysis on security incidents and provide recommendations for improvements to cloud security controls.

Security Policy and Compliance:

• Develop, document, and enforce security policies and procedures for cloud infrastructure and vulnerability management.

• Ensure that cloud environments meet regulatory compliance requirements such as GDPR, HIPAA, PCI-DSS, etc.

• Assist in preparing for and responding to security audits and assessments.

Collaboration and Leadership:

• Mentor and provide guidance to junior engineers on security best practices, vulnerability management processes, and cloud security architecture.

• Collaborate with other security engineers, infrastructure, development, and DevOps teams to promote a security-first mindset throughout the organization.

• Stay up-to-date with the latest security trends, vulnerabilities, and emerging technologies, continuously improving the organization’s security posture.

Required Skills and Experience:

• 5+ years of experience in information security with a focus on vulnerability management and cloud security.

• In-depth experience with cloud environments (AWS, GCP), cloud-native security tools, and best practices.

• Proficiency in identifying, analyzing, and remediating vulnerabilities across cloud, infrastructure, and application layers.

• Hands-on experience with vulnerability management tools (e.g., Wiz.io, Orca, Tenable, or others) and cloud security platforms.

• Expertise in automation and security-as-code principles to enforce security policies and automate detection/remediation workflows.

• Strong understanding of security frameworks such as NIST, ISO 27001, CIS, and OWASP.

• Experience with container security, microservices architecture, and securing Kubernetes or other container orchestration platforms.

Preferred Qualifications:

• Security certifications such as CISSP, CISM, CISA, CCSP, or equivalent.

• Experience with DevSecOps practices and integrating security tools into the development lifecycle.

• Strong programming/scripting skills (e.g., Python, PowerShell, Bash) to automate security tasks.

• Familiarity with cloud-native security platforms like Wiz.io, Orca Security, Prisma Cloud, etc.

Soft Skills

• Excellent communication skills with the ability to explain complex security issues to non-technical stakeholders.

• Strong analytical and problem-solving abilities with a focus on security incident response.

• Ability to work independently and lead security initiatives across cross-functional teams.

• A proactive mindset with a passion for staying ahead of evolving security threats.

Recruiter:

Kristina Sedjo (kristina.sedjo@sunrun.com)

Please note that the compensation information that follows is a good faith estimate for this position only and is provided pursuant to acts, such as The Equal Pay Transparency Act. It assumes that the successful candidate will be located in markets within the United States that warrant the compensation listed. Candidates in locations outside this local area may have a different starting salary range for this opportunity which may be higher or lower. Please speak with your recruiter to learn more.

Starting salary/wage for this opportunity:

144,510.19 to 173,412.23

Other rewards may include annual bonus eligibility, which is based on company and individual performance, short and long term incentives, and program-specific awards. Sunrun provides a variety of benefits to employees, including health insurance coverage, an employee wellness program, life and disability insurance, a retirement savings plan, paid holidays and paid time off (PTO). A candidate’s salary history will not be used in compensation decisions.

This description sets forth the general nature and level of the qualifications and duties required of employees in this job classification, as well as some of the essential functions of this role. It is not designed to be a comprehensive inventory of all essential duties and qualifications. If you have a disability or special need that may require reasonable accommodation in order to participate in the hiring process or to perform this role if you are offered employment, please let us know by contacting us at candidateaccomodations@sunrun.com .

Sunrun is proud to be an equal opportunity employer that does not tolerate discrimination or harassment of any kind. Our commitment to Diversity, Inclusion & Belonging drives our ability to build diverse teams and develop inclusive work environments. At Sunrun, we believe that empowering people and valuing their differences are essential for our mission of connecting people to the cleanest energy on earth. We are committed to equal employment opportunities without consideration of race, color, religion, ethnicity, citizenship, political activity or affiliation, marital status, age, national origin, ancestry, disability, veteran status, sexual orientation, gender identity, gender expression, sex or gender, pregnancy or any other basis protected by law. We also consider qualified applicants with criminal convictions, consistent with applicable federal, state and local law.

Sunrun is proud to be an equal opportunity employer that does not tolerate discrimination or harassment of any kind. Our commitment to Diversity, Inclusion & Belonging drives our ability to build diverse teams and develop inclusive work environments. At Sunrun, we believe that empowering people and valuing their differences will help us create a planet run by the sun for everyone. We are committed to equal employment opportunities without consideration of race, color, religion, ethnicity, citizenship, political activity or affiliation, marital status, age, national origin, ancestry, disability, veteran status, sexual orientation, gender identity, gender expression, sex or gender, pregnancy or any other basis protected by law. We also consider qualified applicants with criminal convictions, consistent with applicable federal, state and local law.