Engineer/Senior Engineer, Network/Server OT

Location: TerraForm Power Remote Operations Center, Albany NY

About Us

TerraForm Power (“TERP”), a platform company of Brookfield, attracts high-performing individuals who are driven to make an impact in a fast-paced and collaborative environment. We offer unparalleled opportunities to lead and manage one of the largest renewable energy businesses with decades of history, while contributing to the global need for sustainable energy.

The company is committed to employee development, encouraging curiosity, ownership, and continuous learning. You’ll be empowered to take initiative, contribute ideas, and grow your career within a supportive and ambitious organization. This position will be based in remote.

Job Summary

We are seeking a hands-on Network/Server OT Engineer to design, secure, and operate the network and server infrastructure that powers our renewable energy portfolio (wind, solar, battery storage), including our TerraForm Power Remote Operation Center (T-ROC) and remote generation sites. The successful candidate will own the lifecycle of OT systems across HP/HPE/Intel servers, Synology NAS, Microsoft/VMware virtualization, certain AWS cloud services, and security tooling used to monitor and control grid-connected assets.

Responsibilities

Architecture, Design & Implementation

- Design and implement secure, resilient network and server architectures for T-ROC and support field sites (wind, solar, battery storage).

- Evaluate and introduce new technologies (hardware, software, cloud, security) that improve reliability, scalability, and compliance; create solution designs, reference architectures, and implementation plans.

- Build and support virtualized environments (VMware/Hyper-V), Windows Server, Azure and AWS environments as required for OT environments.

- Configure and manage HP/HPE/Intel or similar server platforms and Synology NAS and similar for storage, backup, and replication; optimize performance and capacity planning.

Remote Operations Center (T-ROC) Operations

- Support T-ROC infrastructure, including EMS/SCADA networks, historian, time synchronization (NTP/PTP), and reliable telemetry paths.

- Ensure high availability, redundancy, and failover across T-ROC and remote sites; manage DR/BCP strategies, tabletop exercises, and recovery runbooks.

- Collaborate with Operations, Compliance, and Asset Management to align changes with grid operations, dispatch needs, and regulatory obligations.

Security & Compliance (NERC CIP / OT Security)

- Working with IT and Compliance, maintain security controls aligned to NERC CIP, with practical application in OT environments.

- Design and enforce network segmentation between IT and OT, least-privilege access, MFA, secure remote/vendor access, and Zero Trust principles where applicable.

- Lead/participate in incident response, cyber event triage, and post-incident reviews; maintain playbooks and test recovery procedures.

- Own technical evidence for network/server controls (configs, logs, diagrams, test records) and support internal and external audits as SME.

Monitoring, Telemetry & Change Management

- Deploy and maintain monitoring/observability across servers, network devices, applications, and site communications.

- Implement configuration management, baseline verification, and change management processes that adhere to NERC CIP (including approvals, testing, back-out plans, and evidence).

- Maintain accurate OT inventories (hardware, software, firmware), network diagrams, data flow maps, and access lists; ensure audit-ready documentation.

Operations & Support

- Provide support for OT network/server issues, perform root cause analysis, and drive corrective actions.

- Schedule and execute maintenance windows, firmware/patch cycles, and lifecycle refresh plans.

- Coordinate with vendors and OEMs for support, RMA, security advisories, and product roadmaps.

- Collaboration across IT, OT, Compliance, Operations, Asset Management, Operations, and external partners.

Required Qualifications

Engineer

- Bachelor’s degree in Computer Science, Electrical/Computer Engineering, Information Systems, or related field; or equivalent practical experience.

- 5+ years managing enterprise networks and servers (Windows/Linux), including virtualization (VMware/Hyper-V), storage/NAS (Synology or similar), and core Microsoft services (AD, DNS, DHCP, GPO, PKI).

- Hands-on experience with server platforms (deployment, firmware/low level management such as ILO, performance tuning).

- Strong knowledge of routing/switching, VLANs, ACLs, VPNs, NAT, QoS, BGP/OSPF, and secure remote access.

- Working knowledge of AWS and Azure networking and security.

- Experience implementing security monitoring, patch management, and backup/restore for servers and NAS.

- Familiarity with NERC CIP concepts for Low Impact assets and Medium Impact control centers, plus OT fundamentals.

- Proficiency with scripting/automation (PowerShell, Bash, Python) for configuration, monitoring, and evidence collection.

- Strong communication skills—able to translate technical requirements for operations, compliance, and executive stakeholders.

- A strong personal commitment to continuous improvement

- Value excellence in safety and environmental performance

- Ability to travel to remote generation sites (wind/solar/storage), substations as needed (~10%).

- Participate in on-call rotation and planned after-hours maintenance windows.

- Ability to lift and install 50+lbs

Senior Engineer

- All of the above, plus: - 10+ years experience spanning IT/OT environments.

- Experience with direct responsibility for control center infrastructure.

- Demonstrated leadership in architecture, program design, audit readiness, and cross-functional stakeholder management.

- Proven track record implementing defense-in-depth and segmentation for OT networks, vendor remote access, and interconnection security (e.g., ICCP/TASE.2).

- Ability to set standards, mentor engineers, and drive large-scale changes across diverse sites.

Preferred

- Background in battery storage communications and site control systems; knowledge of inverter/plant controller vendor ecosystems.

- Exposure to Zero Trust, micro-segmentation, and Privileged Access Management in industrial or utility OT environments.

- Experience with SOAR, configuration drift detection, and compliance evidence automation.

- Monitoring/Control: SNMP/Syslog/NetFlow, Windows Eventing, OT telemetry integrations, SCADA/EMS monitoring.

- Automation: PowerShell, Python, Ansible (optional), Git., Bash, Batch

Compensation: $120,000-$140,000 USD, bonus eligible