About the role
TerraForm Power is seeking a dynamic and strategic Manager of Cybersecurity to lead the development, execution, and continuous improvement of its cybersecurity program across both Information Technology (IT) and Operational Technology (OT) environments. This role bridges strategic leadership with hands-on execution, ensuring cybersecurity resilience across enterprise and industrial domains.
The successful candidate will be responsible for building and maintaining a robust cybersecurity posture, developing long-term security roadmaps, and translating technical risks into business impact for senior leadership. They will oversee governance alignment, vendor management, and compliance with standards such as NERC CIP, ISO 27001, and the NIST Cybersecurity Framework. Operationally, the role includes leading incident response, configuring and tuning security tools (SIEM, EDR, IAM, firewalls), conducting vulnerability scans, and supporting secure operations across TerraForm Power’s wind, solar, and battery storage sites, as well as corporate and remote work environments.
Key Responsibilities
-
Lead the design, implementation, and continuous improvement of cybersecurity programs across IT and OT systems.
-
Manage cybersecurity service providers and specialized vendors to ensure quality delivery and alignment with TerraForm Power’s security objectives.
-
Oversee security operations including monitoring, threat detection, vulnerability management, and incident response.
-
Ensure compliance with relevant frameworks and regulations, including NERC CIP, ISO 27001, SOC 2, and SOX ITGC.
-
Provide security architecture guidance for cloud infrastructure, enterprise systems, and OT networks (e.g., SCADA, telemetry, and industrial firewalls).
-
Conduct regular risk assessments and security reviews across IT and OT assets.
-
Promote cybersecurity awareness across teams, business units, and stakeholders.
-
Collaborate with IT, OT, project, and engineering teams to embed security in project design and operational planning.
Strategic Responsibilities
-
Develop and maintain long-term cybersecurity roadmaps aligned with business growth and regulatory evolution.
-
Translate cybersecurity risks into business impact for senior leadership and provide executive-level reporting.
-
Ensure cybersecurity policies and standards are current and aligned with enterprise risk posture.
-
Collaborate with IT, OT, and corporate risk teams to drive governance and compliance initiatives.
-
Lead vendor and service provider management to ensure alignment with strategic cybersecurity objectives.
Operational Responsibilities
-
Set-out requirements and manage third party providers for the configuration and tuning of tools such as SIEM, EDR, IAM, and firewall platforms including Check Point.
-
Provide strategic direction and oversee third-party providers to ensure the configuration and optimization of security tools, including SIEM, EDR, IAM, and firewall platforms such as Check Point, to effectively protect our environment.
-
Direct containment and recovery efforts during cybersecurity incidents and manage incident response workflows.
-
Conduct vulnerability scans, phishing simulations, and root-cause analysis of security events.
-
Oversee implementation of tactical security controls across IT and OT environments.
-
Administer cybersecurity systems and support global awareness programs.
Qualifications
Education: Bachelor’s or master’s degree in Cybersecurity, Information Systems, Engineering, or a related discipline.
Experience:
-
Minimum of 7 years of progressive cybersecurity experience, including at least 2 years in a management role.
-
Proven ability to manage external security vendors and service providers.
-
Blend of strategic and operational responsibilities in cybersecurity.
Technical Expertise:
-
Strong knowledge of cybersecurity frameworks and compliance requirements in IT and OT environments (examples include: NIST CSF, ISO 27001, NERC CIP).
-
Familiarity with SCADA systems, ICS, PLCs, and segmented OT network design.
-
Previous experience in the hands-on configuration and tuning of SIEM, EDR, IAM, and firewall platforms (including Check Point) is valuable, as you will be responsible for directing, managing, and setting requirements for third-party providers delivering these services.
-
Experience with a variety of cybersecurity tools, such as Security Information and Event Management (SIEM) platforms including Microsoft Sentinel and Splunk; Endpoint Detection and Response (EDR) solutions like CrowdStrike and Defender for Endpoint; firewall and network security technologies such as Check Point, Palo Alto, and Cisco; Identity and Access Management (IAM) tools including Azure AD, Okta, and CyberArk; vulnerability management solutions like Tenable, Rapid7, and Qualys; OT security monitoring platforms such as Nozomi Networks, Dragos, and Claroty; as well as Cloud Security Posture Management (CSPM) tools like Microsoft Defender for Cloud and Wiz.
Certifications: CISSP, CISM, GICSP, GIAC, or equivalent.
Leadership & Communication: Strong ability to influence cross-functional teams and communicate effectively.
#LI-FD1
About Brookfield Renewable
Brookfield Renewable is one of the world’s largest owners, operators and developers of renewable power, with $52 billion of power assets under management. Our portfolio of hydropower, wind, solar and storage assets extends across North America, South America, Europe and Asia, totaling over 19,000 megawatts of installed capacity, with an 18,000-megawatt development pipeline.
Leveraging over 120 years of operating experience and industry-leading innovation, we drive value across our extensive clean energy platform and deliver innovative renewable power solutions that accelerate the world towards a sustainable, low-carbon future. Our value extends well beyond the clean energy we produce to fuel a sustainable, growing economy. From our extensive renewable power fleet we make positive economic, social and environmental impacts in the communities where we live and work.
About the role
TerraForm Power is seeking a dynamic and strategic Manager of Cybersecurity to lead the development, execution, and continuous improvement of its cybersecurity program across both Information Technology (IT) and Operational Technology (OT) environments. This role bridges strategic leadership with hands-on execution, ensuring cybersecurity resilience across enterprise and industrial domains.
The successful candidate will be responsible for building and maintaining a robust cybersecurity posture, developing long-term security roadmaps, and translating technical risks into business impact for senior leadership. They will oversee governance alignment, vendor management, and compliance with standards such as NERC CIP, ISO 27001, and the NIST Cybersecurity Framework. Operationally, the role includes leading incident response, configuring and tuning security tools (SIEM, EDR, IAM, firewalls), conducting vulnerability scans, and supporting secure operations across TerraForm Power’s wind, solar, and battery storage sites, as well as corporate and remote work environments.
Key Responsibilities
-
Lead the design, implementation, and continuous improvement of cybersecurity programs across IT and OT systems.
-
Manage cybersecurity service providers and specialized vendors to ensure quality delivery and alignment with TerraForm Power’s security objectives.
-
Oversee security operations including monitoring, threat detection, vulnerability management, and incident response.
-
Ensure compliance with relevant frameworks and regulations, including NERC CIP, ISO 27001, SOC 2, and SOX ITGC.
-
Provide security architecture guidance for cloud infrastructure, enterprise systems, and OT networks (e.g., SCADA, telemetry, and industrial firewalls).
-
Conduct regular risk assessments and security reviews across IT and OT assets.
-
Promote cybersecurity awareness across teams, business units, and stakeholders.
-
Collaborate with IT, OT, project, and engineering teams to embed security in project design and operational planning.
Strategic Responsibilities
-
Develop and maintain long-term cybersecurity roadmaps aligned with business growth and regulatory evolution.
-
Translate cybersecurity risks into business impact for senior leadership and provide executive-level reporting.
-
Ensure cybersecurity policies and standards are current and aligned with enterprise risk posture.
-
Collaborate with IT, OT, and corporate risk teams to drive governance and compliance initiatives.
-
Lead vendor and service provider management to ensure alignment with strategic cybersecurity objectives.
Operational Responsibilities
-
Set-out requirements and manage third party providers for the configuration and tuning of tools such as SIEM, EDR, IAM, and firewall platforms including Check Point.
-
Provide strategic direction and oversee third-party providers to ensure the configuration and optimization of security tools, including SIEM, EDR, IAM, and firewall platforms such as Check Point, to effectively protect our environment.
-
Direct containment and recovery efforts during cybersecurity incidents and manage incident response workflows.
-
Conduct vulnerability scans, phishing simulations, and root-cause analysis of security events.
-
Oversee implementation of tactical security controls across IT and OT environments.
-
Administer cybersecurity systems and support global awareness programs.
Qualifications
Education: Bachelor’s or master’s degree in Cybersecurity, Information Systems, Engineering, or a related discipline.
Experience:
-
Minimum of 7 years of progressive cybersecurity experience, including at least 2 years in a management role.
-
Proven ability to manage external security vendors and service providers.
-
Blend of strategic and operational responsibilities in cybersecurity.
Technical Expertise:
-
Strong knowledge of cybersecurity frameworks and compliance requirements in IT and OT environments (examples include: NIST CSF, ISO 27001, NERC CIP).
-
Familiarity with SCADA systems, ICS, PLCs, and segmented OT network design.
-
Previous experience in the hands-on configuration and tuning of SIEM, EDR, IAM, and firewall platforms (including Check Point) is valuable, as you will be responsible for directing, managing, and setting requirements for third-party providers delivering these services.
-
Experience with a variety of cybersecurity tools, such as Security Information and Event Management (SIEM) platforms including Microsoft Sentinel and Splunk; Endpoint Detection and Response (EDR) solutions like CrowdStrike and Defender for Endpoint; firewall and network security technologies such as Check Point, Palo Alto, and Cisco; Identity and Access Management (IAM) tools including Azure AD, Okta, and CyberArk; vulnerability management solutions like Tenable, Rapid7, and Qualys; OT security monitoring platforms such as Nozomi Networks, Dragos, and Claroty; as well as Cloud Security Posture Management (CSPM) tools like Microsoft Defender for Cloud and Wiz.
Certifications: CISSP, CISM, GICSP, GIAC, or equivalent.
Leadership & Communication: Strong ability to influence cross-functional teams and communicate effectively.
#LI-FD1
About Brookfield Renewable
Brookfield Renewable is one of the world’s largest owners, operators and developers of renewable power, with $52 billion of power assets under management. Our portfolio of hydropower, wind, solar and storage assets extends across North America, South America, Europe and Asia, totaling over 19,000 megawatts of installed capacity, with an 18,000-megawatt development pipeline.
Leveraging over 120 years of operating experience and industry-leading innovation, we drive value across our extensive clean energy platform and deliver innovative renewable power solutions that accelerate the world towards a sustainable, low-carbon future. Our value extends well beyond the clean energy we produce to fuel a sustainable, growing economy. From our extensive renewable power fleet we make positive economic, social and environmental impacts in the communities where we live and work.