Application Guide

How to Apply for Engineer, Cloud Security

at Clean Power Alliance

🏢 About Clean Power Alliance

Clean Power Alliance is a community choice aggregator serving over 1 million customer accounts across 35 Southern California communities. As a public agency focused on renewable energy, it offers a mission-driven environment where your security expertise directly protects critical infrastructure and customer data. The remote-first culture and commitment to sustainability make it an attractive employer for those seeking purpose-driven work.

About This Role

As the Engineer, Cloud Security, you will be the primary architect and operator of Clean Power Alliance's Microsoft security stack, protecting cloud workloads and endpoints. Your work directly enables the organization to securely deliver clean energy services to millions, while ensuring compliance with NIST frameworks. This role is pivotal in building a security program from the ground up in a growing public agency.

💡 A Day in the Life

A typical day starts with reviewing alerts from Defender XDR and Sentinel, then tuning detection rules or investigating incidents. You might meet with the IT team to assess a new SaaS tool's security posture, followed by updating a NIST control implementation in Purview. Afternoons often involve documenting policies or leading a tabletop exercise with stakeholders.

🎯 Who Clean Power Alliance Is Looking For

  • Experienced in designing and managing Microsoft security solutions (Entra ID, Defender XDR, Sentinel, Intune, Purview) in production environments, not just certification holders.
  • Hands-on with NIST CSF (especially 800-53 or 800-171) and can translate framework controls into technical configurations and policies.
  • Comfortable working autonomously in a remote environment and leading incident response and vulnerability management programs end-to-end.
  • Able to communicate security risks to non-technical stakeholders and partner with departments to evaluate security implications of new tools.

📝 Tips for Applying to Clean Power Alliance

1

Tailor your resume to highlight specific Microsoft security tools (Entra ID, Defender, Sentinel, etc.) with examples of architectures you've implemented.

2

Mention any experience with NIST frameworks explicitly, including which controls you've mapped or audited.

3

Showcase remote work experience and self-management skills, as this is a fully remote role.

4

Research Clean Power Alliance's renewable energy mission and mention how securing their infrastructure aligns with your values.

5

Include a portfolio or case study of a cloud security project you led, detailing the problem, solution, and impact.

✉️ What to Emphasize in Your Cover Letter

['Your passion for clean energy and protecting critical infrastructure.', 'Your hands-on expertise with the Microsoft security stack and NIST frameworks.', 'Your ability to work independently and drive security initiatives in a remote setting.', 'Your experience in cross-departmental collaboration to assess security implications of new technologies.']

Generate Cover Letter →

🔍 Research Before Applying

To stand out, make sure you've researched:

  • Understand Clean Power Alliance's organizational structure and the types of renewable energy programs they offer (e.g., solar, wind).
  • Review the latest NIST Cybersecurity Framework publications to be ready to discuss specific controls.
  • Check out CPA's annual reports and newsroom to understand their growth and recent initiatives.
  • Familiarize yourself with California's energy regulations and any cybersecurity requirements for utilities.

💬 Prepare for These Interview Topics

Based on this role, you may be asked about:

1 Walk through how you would architect a secure Microsoft 365 tenant for a mid-sized organization like CPA.
2 Describe a time you led an incident response for a cloud security breach and the steps you took.
3 How do you prioritize vulnerabilities in a mixed environment of cloud and on-premises?
4 Explain how you would implement NIST 800-53 controls using Microsoft Defender and Sentinel.
5 How do you communicate security risks to non-technical stakeholders, such as energy program managers?
Practice Interview Questions →

⚠️ Common Mistakes to Avoid

  • Submitting a generic resume that doesn't highlight Microsoft security tools or NIST experience.
  • Overemphasizing unrelated cloud platforms (e.g., AWS, GCP) without connecting them to Microsoft or security.
  • Failing to demonstrate remote work readiness, such as time management or async communication skills.

📅 Application Timeline

This position is open until filled. However, we recommend applying as soon as possible as roles at mission-driven organizations tend to fill quickly.

Typical hiring timeline:

1

Application Review

1-2 weeks

2

Initial Screening

Phone call or written assessment

3

Interviews

1-2 rounds, usually virtual

Offer

Congratulations!

Ready to Apply?

Good luck with your application to Clean Power Alliance!