Cloud Security Operations Engineer – GCP/AWS
Location
Alaska | Hawaii
Posted
8 days ago
Salary
0
Seniority
Senior
Job Description
Medable
- Work cross-functionally with Information Security Operations and Infrastructure/DevOps teams to administer and optimize security posture across multi-cloud (GCP/AWS) infrastructure, including native security services, IAM, logging, and threat detection
- Triage and respond to cloud security alerts and vulnerabilities; implement timely mitigations, configuration changes, and patches
- Own configuration and hygiene for cloud security consoles (examples: GCP Security Command Center, Cloud Logging, Cloud Armor, KMS, IAM, etc.)
- Partner with DevOps to implement secure baseline configurations and guardrails (network segmentation, least privilege, encryption, key management, secrets handling, egress controls), in alignment with industry standard frameworks such as CIS, NIST 800-53, OWASP Top 10, etc.
- Run day-to-day vulnerability workflows: detection, prioritization, remediation, and validation across cloud services, hosts, containers, and third-party dependencies
- Manage and harden security configurations for Kubernetes Engine environments, including:
  - Cluster and node security settings, RBAC, pod security controls, network policies, admission controls, and runtime security
  - Image vulnerability scanning, container supply-chain controls, patch cadence and version lifecycle management for clusters/nodes and supporting components
- Support secure implementations/integrations of AI within cloud infrastructure, including:
  - Data protection controls (PII/PHI handling, encryption, retention, audit logging)
  - Network controls (private connectivity where feasible, egress restrictions, proxying, allowlists)
  - Usage monitoring, abuse prevention, and security reviews for AI-driven features/workflows
  - Contributing to internal AI security standards (prompt/data handling guidance, logging strategy, third-party risk considerations)
- Work cross-functionally with IS Risk and Compliance team to produce evidence and reporting to support internal security requirements and external compliance obligations (e.g., SOC 2 / ISO-aligned controls, healthcare and privacy expectations)
- Participate in security incident response for cloud-related events, including containment and recovery actions
- Other duties as assigned
Job Requirements
- 4+ years of hands-on experience in cloud security, DevSecOps, cloud engineering with security focus, or security operations in cloud environments or a combination of education and experience
- Experience in healthcare technology and/or regulated environments (privacy, audit evidence, security control documentation)
- Practical experience administering security controls in GCP and AWS (IAM, logging, encryption/KMS, network security, cloud security services)
- Experience securing Kubernetes environments, including RBAC, cluster hardening, workload controls, and patch/version management
- Strong vulnerability management experience (triage, remediation coordination, patching workflows, validation)
- Experience supporting secure integrations of LLM/AI services (e.g., ChatGPT/Grok) in production systems, including data governance and key management
Benefits
- Flexible Work: Remote from the start, we believe in a flexible employee experience
- Competitive base salaries
- Annual performance-based bonus
- Stock options for employees, aligning personal achievements to Medable's success
- Comprehensive medical, dental, and vision insurance coverage
- Carrot Fertility Program
- Health Savings Accounts (HSA) and Flexible Spending Accounts (FSA)
- Wellness program (Mental, Physical and Financial)
- Peer-to-peer recognition program, celebrating achievements and milestones
- Volunteer time off to support causes you care about
More Security Operations Jobs
- Work with the technical lead on cybersecurity project scopes
- Work with Team to develop strategy and timeline to meet project’s milestones and deliverables
- Participate in network design, security architecture, and diagrams
- Participate in hardware, software, and communications media specification
- Participate in device configurations and hardening for security compliance and Risk Management
- Work with Team to ensure timely delivery of high-quality cybersecurity documentation including security policies and procedures, RMF artifacts, configuration guides, testing reports, and training materials
- Participate in cybersecurity assessments including vulnerability and compliance scanning and reporting
- Participate in S&C’s Information Security program as it applies to customer facing services
- Must be able to work independently in a fully remote environment
- Ability to relay technical information to non-technical audiences
- Function effectively within a global teams environment and under minimal supervision
- Ability to travel internationally and out of state on average 4-5 times per year for 1-3 weeks per trip
- Maintains regular and punctual attendance.
- Attends in-person or virtual meetings as requested or required.
- Communicates effectively and respectfully with others.
- Other responsibilities as assigned.
SOC Analyst – Mid-Level
ASAAS: We simplify receiving payments for individuals, MEIs, and large companies.
- Monitor, triage, and enrich low-, medium-, and high-complexity security alerts generated by the SIEM
- Analyze logs from multiple sources: ZTNA, EDR/XDR, Cloud, Database, DLP, WAF, and CSPM
- Conduct detailed analyses of security alerts and events, correlating multiple indicators before concluding an investigation
- Investigate and respond to cyber incidents, proposing corrective and preventive actions
- Manage the ticket flow, ensuring proper recording, follow-up, and escalation when necessary
- Develop, review, and improve Playbooks, Runbooks, and Standard Operating Procedures (SOPs)
- Provide structured feedback to Detection Engineering on use cases that need rule tuning
- Identify monitoring gaps and proactively propose new use cases for the SIEM, based on the MITRE ATT&CK framework, TTPs relevant to the business, critical assets, and emerging threats in the sector
- Actively contribute to Cyber Threat Intelligence (CTI) and Threat Hunting activities
- Drive continuous improvement of the SOC through automation and process optimization
- Produce technical and management reports on security status and handled incidents
- Support compliance with standards and regulations: PCI-DSS, ISO 27001, LGPD, and BACEM regulations
- Support internal audits by providing evidence and technical documentation
Staff SecOps Engineer
Lunar Energy: Building the world’s best clean energy products to deliver home electrification at scale.
Role Description
Lunar Energy is currently seeking a Staff SecOps Engineer to join our talented team of engineers, dedicated to delivering a more sustainable future. You will play a pivotal role in ensuring end-to-end platform security and have the opportunity to strongly influence and contribute to the team’s future. Lunar Energy empowers you to explore multiple facets of our technology stack, aligned with your personal interests and abilities. We have a strong tradition of leveraging functional programming and type systems to craft pragmatic and flexible systems that align with business requirements.
Key Responsibilities:
- Incident response and detection
- Architect and evolve the SecOps platform
- Run hypothesis-driven hunts and operationalize threat intelligence
- Reason about cloud infrastructure strategy to help ensure that solutions are the best fit for requirements
- Develop and evangelise security best practices amongst the wider Software Engineering team, automating secure software development processes where possible.
Qualifications
- Bachelor's or Master's degree in a technical field, or equivalent practical experience
- A minimum of 8 years of combined experience in DevOps, SecOps, Platform Engineering or SRE roles, with at least 4 years of specific focus on SecOps.
- Offensive background: red team, pentest, or purple team experience
- Experience using infrastructure as code
- Strong understanding of networking and network security
- Strong background in Linux operating systems
- Strong expertise in Cloud security in AWS
- Proficiency in one or more scripting programming languages (Python, Ruby, Bash, etc.)
Requirements
- Fluency in compliance frameworks such as SOC2 or ISO27001
- Systems programming in Go or Rust
- Experience with serverless technologies
- Experience with TypeScript
- Interest in the IoT and renewable energy industry
Benefits
We’re dedicated to creating a remarkable employee experience. At Lunar, competitive base pay is one part of our total compensation package. Lunar employees also have the opportunity to become Lunar shareholders by getting equity in a fast-growing company and participating in our employee stock program.
- Competitive salary and stock options package
- Private Medical Insurance scheme through BUPA (medical history disregarded)
- A wellbeing and lifestyle benefits plan through Medicash
- 5% employer contributions pension matching
- A budget for work related training of £1,000 per financial year and an allowance of 4 training days
- Cycle To Work scheme and Workplace Nursery benefit
- Access to Spill - Mental Health Support platform
- Enhanced Maternity + Paternity Pay
- 25 days annual holiday entitlement + 8 Bank Holidays
- Flexible start and finish times, fully remote working or hybrid depending on preferences
Company Description
Lunar Energy was founded to transition homes to 100% clean energy, making our electricity greener, our air cleaner and our energy more safe, secure and reliable for all. We’re a fast-growing, global company building the world’s best clean energy products to electrify all homes and connect communities to form clean, resilient virtual power plants.
SOC Engineer – Incident Response
Binance: The World’s Leading Blockchain Ecosystem and Digital Asset Exchange
- Design, deploy, and optimize DLP solutions across network, endpoint, and cloud.
- Build and refine data classification schemes for sensitive assets (wallets, trading algorithms, customer PII).
- Configure DLP policies to prevent data exfiltration while minimizing false positives.
- Monitor, analyze, and tune alerts and incidents for continuous improvement.
- Lead investigations of DLP incidents and insider threats.
- Conduct threat hunting and forensic analysis of data exfiltration attempts.
- Integrate DLP monitoring into broader SOC workflows and incident response playbooks.
- Build custom DLP tools and integrations (e.g., macOS Swift endpoint protection, Unix socket monitoring).
- Develop automation scripts, APIs, regexes and integrations to enhance detection and response.
- Explore AI/LLM-driven methods for anomaly detection and response efficiency.
- Ensure controls align with crypto and financial regulations (AML, KYC, GDPR, CCPA).
- Support audits and regulatory reviews related to data protection.
- Assess and mitigate data loss risks across trading platforms, onboarding systems, and blockchain infrastructure.



