SATEC

ExpertPower, a subsidiary of SATEC, is a fast-growing company delivering cloud, data, and AI solutions for the energy sector. We’re hiring a DevOps Engineer to strengthen our R&D team. 

🔹 About the Role

You will own our Azure cloud infrastructure, ensuring scalability, security, and cost efficiency. You’ll build CI/CD pipelines, drive FinOps practices, manage networking and security, and oversee databases (PostgreSQL, MSSQL). This role combines technical leadership with day-to-day engineering.

🔹 Responsibilities

• Design, automate, and operate Azure services (VMs, AKS, App Service, Functions).
• Build and maintain CI/CD pipelines and use infrastructure-as-code (Terraform, Bicep, ARM).
• Optimize cloud spend and implement FinOps policies.
• Ensure infrastructure security, compliance, and resilience.
• Manage and tune databases (SQL/NoSQL).
• Mentor engineers and collaborate with R&D and product teams.

🔹 Requirements

• Proven DevOps Engineer / Lead experience in cloud-native environments.
• Strong skills with Microsoft Azure, networking, and cloud security.
• Hands-on FinOps experience (cost analysis and optimization).
• Proficiency with infrastructure-as-code and CI/CD tools.
• DBA experience (PostgreSQL, MSSQL).

🔹 Nice to Have

• Multi-cloud experience (AWS/GCP).
• Knowledge of big data tools (Data bricks, Spark, Trino, Airflow).
• Familiarity with compliance (ISO 27001, SOC2, GDPR).

About the Role

We are seeking a highly skilled Cyber Architect with deep expertise in embedded cybersecurity, secure firmware design, and encrypted communication for industrial and SCADA environments.
The candidate will be responsible for defining, designing, and guiding the implementation of end-to-end cyber protection architectures for SATEC next-generation industrial embedded products.

Key Responsibilities

1. Cybersecurity Architecture & Design
• Define the overarching cybersecurity architecture for SATEC embedded industrial products, covering secure boot, firmware integrity, identity management, key storage, and communication protection.
• Lead the development of security requirements, policies, and hardening guidelines for firmware, hardware, and communication interfaces.
• Own the secure-by-design approach from concept to deployment, aligning with industry standards (e.g., NIST, CIP, IEC 62443, IEC 61850, IEEE 1686, DLMS/COSEM security suites).

2. Embedded Cyber Protection & Firmware Security
• Design and oversee implementation of embedded protection mechanisms such as:
o Secure boot & firmware authentication
o Secure storage / hardware root of trust
o Anti-tamper and anti-cloning techniques
o Runtime protection and anomaly detection
o Cryptographic key lifecycle management
• Review and guide secure coding practices for embedded teams (C/C++, secure memory handling, privilege separation, TrustZone, etc.)

3. Secure Communications & SCADA Integration
• Architect and implement encrypted communication with external SCADA, EMS, and industrial control systems using protocols such as:
o TLS/DTLS, IPsec
o IEC 62351, IEC 61850 security
o DLMS/COSEM Security Suite 1/2/3
o Modbus/TCP Security, DNP3-SA
• Lead hands-on development and debugging of secure protocols on resource-constrained embedded devices.
• Ensure mutual authentication, certificate handling, and secure session lifecycle.

4. Threat Modeling, Risk Assessment & Hardening
• Perform threat modeling (STRIDE, MITRE ATT&CK for ICS) and product-level risk assessments.
• Identify vulnerabilities and propose mitigation strategies for:
o Firmware and boot chain
o Hardware interfaces (JTAG/SWD, UART, SPI, I²C)
o Communication stacks
o Industrial network exposure
• Drive penetration testing activities and remediation plans.
5. Compliance, Standards & Security Documentation
• Ensure product compliance with relevant standards, including:
o IEC 62443-4-1/4-2, NIST, CIP-013/005/007, RED Cybersecurity (EU)
o IEEE 1686, ISO 27001 product-level implications
• Develop technical documentation including security architecture, threat models, and certification packages.

6. Cross-Team Leadership
• Collaborate with hardware, firmware, cloud, and product teams to ensure cohesive security
implementation.
• Mentor engineers developing secure firmware and communication stacks.

Required Qualifications

Technical Skills
• 7+ years of experience in embedded systems cybersecurity, secure firmware development, or embedded networking.
• Strong proficiency in C/C++, embedded Linux and RTOS environments, and microcontroller security features (ARM TrustZone, hardware accelerators, secure elements).
• Hands-on experience implementing cryptographic protocols, certificate management, and secure channel establishment.

Architectural Skills
• Proven capability to design end-to-end security architectures for complex embedded products.
• Experience defining cybersecurity requirements, policies, and secure development lifecycle (SDL) processes.
• Strong analytical and documentation skills, with ability to translate risks into practical engineering solutions.

Soft Skills
• Excellent communication skills with the ability to educate, mentor, and influence crossfunctional teams.
• Strong problem-solving abilities and hands-on technical approach.
We are seeking an ambitious personality with proven experience in management and development of cyber development systems. A curious personality, constant learner looking for learning new stuff

Bachelor’s or Master’s degree in Computer Science, Data Science, Engineering, or a related field.

5+ years of hands-on experience in AI / Machine Learning development, including production deployments.

Strong proficiency in Python and common AI/ML libraries (PyTorch, TensorFlow, scikit-learn, pandas, NumPy).

Proven experience with time-series analysis and forecasting models (e.g. ARIMA, Prophet, LSTM, GRU).

Experience designing and training models for anomaly detection, prediction, and optimization.

Solid understanding of the full ML lifecycle: data preparation, feature engineering, training, validation, deployment, and monitoring.

Experience deploying AI/ML models to production environments, preferably on cloud platforms (Azure preferred).

Strong data engineering skills: SQL, data pipelines, handling large-scale and streaming datasets.

Familiarity with MLOps practices, CI/CD, model versioning, and monitoring tools (e.g. MLflow).

Experience working with IoT or sensor-based data is an advantage.

Background in energy, utilities, or industrial data analytics is a strong advantage.

Ability to lead AI initiatives end-to-end and take technical ownership.

Strong analytical, problem-solving, and system-design skills.

Excellent communication skills and ability to work with cross-functional teams.